管理訪問憑據
更新時間:
本文為您介紹如何配置訪問憑據,以確保安全有效地使用SDK進行開發。
使用AccessKey
import os
from aliyunsdkcore.client import AcsClient
from aliyunsdkecs.request.v20140526.DescribeRegionsRequest import DescribeRegionsRequest
# 初始化Client
client = AcsClient(
os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), # 從環境變量中獲取RAM賬號的AccessKey ID
os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), # 從環境變量中獲取RAM賬號Access Key Secret
'<region_id>' # 地域ID
)
# 創建API請求并設置參數
request = DescribeRegionsRequest()
# 發送請求
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
STS憑證
通過安全令牌服務(Security Token Service,簡稱STS),申請臨時安全憑證(Temporary Security Credentials,簡稱TSC),創建臨時安全客戶端。
import os
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.auth.credentials import StsTokenCredential
from aliyunsdkecs.request.v20140526.AcceptInquiredSystemEventRequest import AcceptInquiredSystemEventRequest
cred = StsTokenCredential(
sts_access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), # 從環境變量中獲取STS Access Key Secret
sts_access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), # 從環境變量中獲取STS Access Key Secret
sts_token=os.environ.get('ALIBABA_CLOUD_SECURITY_TOKEN') # 從環境變量中獲取STS Access Key Secret Token
)
client = AcsClient(
region_id='<region_id>',
credential=cred
)
request = AcceptInquiredSystemEventRequest()
request.set_accept_format('json')
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
RamRole憑證
通過指定RAM角色,讓客戶端在發起請求前自動申請維護STS Token,自動轉變為一個具有時限性的STS客戶端。您也可以自行申請維護STS Token,再創建STS客戶端。
import os
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.auth.credentials import RamRoleArnCredential
from aliyunsdkecs.request.v20140526.DescribeRegionsRequest import DescribeRegionsRequest
cred = RamRoleArnCredential(
sts_access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), # 從環境變量中獲取RAM賬號的AccessKey ID
sts_access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), # 從環境變量中獲取RAM賬號Access Key Secret
role_arn='<ram_role_arn>',
session_role_name='<session_role_name>'
)
client = AcsClient(
region_id='<region_id>',
credential=cred
)
request = DescribeRegionsRequest()
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
EcsRamRole憑證
實例化Esc Ram角色憑據時,該程序將攜帶指定的角色名稱并請求http://100.100.100.200/latest/meta-data/ram/security-credentials/ 以獲得臨時安全憑據。
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.auth.credentials import EcsRamRoleCredential
from aliyunsdkecs.request.v20140526.AcceptInquiredSystemEventRequest import AcceptInquiredSystemEventRequest
cred = EcsRamRoleCredential(
role_name='<ram_role_name>'
)
client = AcsClient(
region_id='<region_id>',
credential=cred
)
request = AcceptInquiredSystemEventRequest()
request.set_accept_format('json')
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
默認憑據
在環境變量中查找環境憑證,如果定義了ALIYUN_ACCESS_KEY_ID和ALIYUN_ACCESS_KEY_SECRET環境變量且不為空,程序將使用它們創建默認憑證。
from aliyunsdkcore.client import AcsClient
from aliyunsdkecs.request.v20140526.DescribeRegionsRequest import DescribeRegionsRequest
# 初始化Client
client = AcsClient(
region_id='<region_id>' # 地域ID
)
# 創建API請求并設置參數
request = DescribeRegionsRequest()
# 發送請求
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
文檔內容是否對您有幫助?