本文為您介紹如何配置訪問憑據,以確保安全有效地使用SDK進行開發。
使用AccessKey
import os
from aliyunsdkcore.client import AcsClient
from aliyunsdkecs.request.v20140526.DescribeRegionsRequest import DescribeRegionsRequest
# 初始化Client
client = AcsClient(
os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), # 從環境變數中擷取RAM帳號的AccessKey ID
os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), # 從環境變數中擷取RAM帳號Access Key Secret
'<region_id>' # 地區ID
)
# 建立API請求並設定參數
request = DescribeRegionsRequest()
# 發送請求
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
STS憑證
通過Security Token Service(Security Token Service,簡稱STS),申請臨時安全憑證(Temporary Security Credentials,簡稱TSC),建立臨時安全用戶端。
import os
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.auth.credentials import StsTokenCredential
from aliyunsdkecs.request.v20140526.AcceptInquiredSystemEventRequest import AcceptInquiredSystemEventRequest
cred = StsTokenCredential(
sts_access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), # 從環境變數中擷取STS Access Key Secret
sts_access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), # 從環境變數中擷取STS Access Key Secret
sts_token=os.environ.get('ALIBABA_CLOUD_SECURITY_TOKEN') # 從環境變數中擷取STS Access Key Secret Token
)
client = AcsClient(
region_id='<region_id>',
credential=cred
)
request = AcceptInquiredSystemEventRequest()
request.set_accept_format('json')
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
RamRole憑證
通過指定RAM角色,讓用戶端在發起請求前自動申請維護STS Token,自動轉變為一個具有時限性的STS用戶端。您也可以自行申請維護STS Token,再建立STS用戶端。
import os
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.auth.credentials import RamRoleArnCredential
from aliyunsdkecs.request.v20140526.DescribeRegionsRequest import DescribeRegionsRequest
cred = RamRoleArnCredential(
sts_access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), # 從環境變數中擷取RAM帳號的AccessKey ID
sts_access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), # 從環境變數中擷取RAM帳號Access Key Secret
role_arn='<ram_role_arn>',
session_role_name='<session_role_name>'
)
client = AcsClient(
region_id='<region_id>',
credential=cred
)
request = DescribeRegionsRequest()
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
EcsRamRole憑證
執行個體化Esc Ram角色憑據時,該程式將攜帶指定的角色名稱並請求http://100.100.100.200/latest/meta-data/ram/security-credentials/ 以獲得臨時安全憑據。
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.auth.credentials import EcsRamRoleCredential
from aliyunsdkecs.request.v20140526.AcceptInquiredSystemEventRequest import AcceptInquiredSystemEventRequest
cred = EcsRamRoleCredential(
role_name='<ram_role_name>'
)
client = AcsClient(
region_id='<region_id>',
credential=cred
)
request = AcceptInquiredSystemEventRequest()
request.set_accept_format('json')
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))
預設憑據
在環境變數中尋找環境憑證,如果定義了ALIYUN_ACCESS_KEY_ID
和ALIYUN_ACCESS_KEY_SECRET
環境變數且不為空白,程式將使用它們建立預設憑證。
from aliyunsdkcore.client import AcsClient
from aliyunsdkecs.request.v20140526.DescribeRegionsRequest import DescribeRegionsRequest
# 初始化Client
client = AcsClient(
region_id='<region_id>' # 地區ID
)
# 建立API請求並設定參數
request = DescribeRegionsRequest()
# 發送請求
response = client.do_action_with_exception(request)
print(str(response, encoding='utf-8'))