Skip to content

Instantly share code, notes, and snippets.

@rkaiser0324

rkaiser0324/README.md

Last active June 24, 2022 14:53
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save rkaiser0324/ec59c11558699da1638b5829e3d233fe to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save rkaiser0324/ec59c11558699da1638b5829e3d233fe to your computer and use it in GitHub Desktop.
Download ZIP
How to set up Amazon S3 and SES services
Raw
README.md

Steps

  1. Create an S3 bucket "mybucketname" in the "US West / Northern California" region and set Object Ownership to "ACLs enabled".
  2. In the SES dashboard, in the "us-east-1" region, create two new Identities:
    1. Validate the sending email address "[email protected]"
    2. Verify domain ownership and add the generated DKIM keys to the DNS
  3. In the IAM dashboard:
    1. Create a new IAM user with programmatic access and record the access and secret keys.
    2. Add the following inline policy to the user, replacing "[email protected]" and "mybucketname": 
      {
 "Version": "2012-10-17",
 "Statement": [
 {
     "Effect": "Allow",
     "Action": [
 	"ses:ListVerifiedEmailAddresses",
 	"ses:GetSendQuota",
 	"ses:GetSendStatistics"
     ],
     "Resource": "*"
 },
 {
     "Effect": "Allow",
     "Action": [
 	"ses:SendEmail",
 	"ses:SendRawEmail"
     ],
     "Resource": "*",
     "Condition": {
 	"StringEquals": {
 	    "ses:FromAddress": "[email protected]"
 	}
     }
 },
 {
     "Effect": "Allow",
     "Action": [
 	"s3:GetBucketLocation",
 	"s3:ListAllMyBuckets"
     ],
     "Resource": "arn:aws:s3:::*"
 },
 {
     "Effect": "Allow",
     "Action": [
 	"s3:ListBucket"
     ],
     "Resource": "arn:aws:s3:::mybucketname"
 },
 {
     "Effect": "Allow",
     "Action": [
 	"s3:*"
     ],
     "Resource": "arn:aws:s3:::mybucketname/*"
 }
 ]
}
      If you will be sending from multiple addresses, use syntax like this instead: 
      {
     "Effect": "Allow",
     "Action": [
          ...,
          "ses:SendEmail",
          "ses:SendRawEmail"
     ],
     "Resource": "*"
 }
  4. On AWS->S3 and CloudFront (located in the Network dashboard for Multisite), select the appropriate bucket and set the following:
    • Copy Files to S3
    • Rewrite File URLs
    • Bucket name in path
    • Always SSL
    • Object Versioning
    • Far Future Expiration Header
  5. Upload all the existing wp-content/uploads assets to the created S3 bucket, using a client application like S3 Browser, a script like update_media_for_s3.php, etc.
  6. Update wp-config.php with the following (modify accordingly if you use the Bedrock layout): 
    // For WP Offload S3 and WP SES
define('AWS_ACCESS_KEY_ID', 'XXXXXXXXXXXXXXXX');
define('AWS_SECRET_ACCESS_KEY', 'XXXXXXXXXXXXXXXXXXX');
define('WP_SES_FROM','[email protected]');
define('WP_SES_RETURNPATH','[email protected]');
define('WP_SES_REPLYTO','[email protected]');
define('WP_SES_HIDE_VERIFIED',true);
define('WP_SES_ENDPOINT', 'email.us-east-1.amazonaws.com');
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment