Documentation

Quick Start Guide

Last updated April 12, 2023

Introduction

This guide aims to help you start sending your site emails through Amazon SES with WP Offload SES as quickly as possible. This article covers the following steps:

  1. Login to the AWS Console
  2. Create an Amazon Web Services (AWS) User
  3. Create Access Keys for the new User
  4. Saving the AWS User’s access details for WP Offload SES to use
  5. Configure WP Offload SES to send emails through Amazon SES

Login to the AWS Console

Already have an Amazon Web Services (AWS) account? Sign in here.

If you don’t have an AWS account yet, you will need to sign up here.

Create an IAM User

Once you have logged into the console, you will need to create a new IAM user:

Navigate to the IAM Users page in the AWS Console, click the Add users button.

Enter a name for the user in the User name field.

Names are case insensitive and must be unique within your AWS account. User names can be a combination of up to 64 letters, digits, and these characters: plus (+), equal (=), comma (,), period (.), at sign (@), and hyphen (-).

Leave the checkbox for Provide user access to the AWS Management Console empty. Click Next to continue.

AWS IAM Management Console specify user details

To allow the new user to verify new senders and send emails via SES, you need to grant it specific permissions.

For this quick start guide we recommend giving the new IAM User full access to SES, and nothing else. Using the AmazonSesFullAccess policy helps avoid potential problems when first setting up WP Offload SES. It’s always possible to later edit an IAM User’s policy to restrict access to only those resources required by WP Offload SES.

Click the Attach policies directly button, and then enter AmazonSesFullAccess in the filter policies input box.

Select the AmazonSesFullAccess policy, then click the Next button at the bottom of the page.

AWS IAM Management Console Add user permissions SES

In the final step, you can optionally add tags before creating the new user. Adding tags is purely optional, if you’re a heavy user of AWS you may have a reason to add tags here to help with management tasks.

AWS IAM Management Console Review and create

Whether you add tags here or not, click the Create user button at the bottom of the page to go ahead and create the new user. Once done, you will be taken back to the IAM Users listing page where you will see a confirmation that the new user has been created.

AWS IAM Management Console User Created

Create Access Keys

Next, you need to create access keys for the new user. Click on the newly created user name in the IAM Users page in the AWS Console to open the user details page.

AWS IAM Management Console User List

Go to the Security credentials tab and scroll down to the Access keys section and then click the Create access key button.

AWS IAM Management Console Security Credentials Tab

AWS IAM Management Console Access Keys Section

In the first step, you will be shown a list of Access key best practices & alternatives. Select Application running outside AWS and then click Next.

AWS IAM Management Console Access Keys Best Practices

The second step allows you to set a description tag and is entirely optional, whether you add tags here or not, click the Create access key button to get to the last step.

AWS IAM Management Console Access Keys Tags

You will be shown the security credentials for the user, which consist of an Access Key ID and a Secret Access Key. Amazon will not show these again so please download them as a .csv and also copy them somewhere safe. If you lose them, you can always create a new set of keys from the console but you cannot retrieve the secret key again later.

AWS IAM Management Console Download Access Keys

Clicking the Done button will return you to the user details page.

Define Your Access Keys

Now that you have your AWS Access Keys, you need to add them to your site so that WP Offload SES can use them to work with Amazon SES.

For better security, we recommend defining your access keys in your wp-config.php:

define( 'WPOSES_AWS_ACCESS_KEY_ID',     '********************' );
define( 'WPOSES_AWS_SECRET_ACCESS_KEY', '**************************************' );

These should be placed before the following block of code in your wp-config.php:

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
    define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Warning: If you define your access keys after this block of code, WP Offload SES will not be able to read them.

Alternatively, you can enter your access keys into the form on the AWS Access Keys page inside WP Offload SES. This will save them to the database, which is less secure than defining them in your wp-config.php.

Save AWS access keys in DB

If you’re running your site on an Amazon EC2 instance, you might like to use an IAM Role instead. This is even more secure than defining your access keys in wp-config.php.

Make Sure Cron Is Set Up

We highly recommend that you configure a proper cron job on your server as WP Offload SES relies heavily on background processing. See our Cron Setup doc for details on how to accomplish this.

Configure WP Offload SES to send emails through Amazon SES

If you haven’t installed WP Offload SES before, visit the WP Offload SES settings page to launch the Setup Guide. This will have everything you need to get started using WP Offload SES:

Offload SES setup wizard

Alternatively, you can click “Skip to Settings” and configure the plugin manually.