Skip to content

Commit

Permalink
Merge pull request #77 from AlibabaCloudLandingZone/solution-ack-sts-…
Browse files Browse the repository at this point in the history 
…token/0.0.5

solution-ack-sts-token/0.0.5
  • Loading branch information
@wibud
wibud authored Sep 29, 2024
2 parents d6b6e37 + f6bfbfc commit 15d5fd3
Show file tree
Hide file tree
Showing 8 changed files with 85 additions and 71 deletions.
12 changes: 8 additions & 4 deletions solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_default_sample.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,17 @@ def __init__(self, client):
self.client = client

def get_credentials(self):
access_key_id = self.client.get_access_key_id()
access_key_secret = self.client.get_access_key_secret()
security_token = self.client.get_security_token()
credential = self.client.get_credential()
access_key_id = credential.access_key_id
access_key_secret = credential.access_key_secret
security_token = credential.security_token
return Credentials(access_key_id, access_key_secret, security_token)

# 使用凭据初始化OSSClient
# 初始化Credentials客户端
# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5
cred = CredentialsClient()

# 使用凭据初始化OSSClient
credentials_provider = CredentialProviderWarpper(cred)

# 填写Bucket所在地域对应的Endpoint。以华东1(杭州)为例,Endpoint填写为https://oss-cn-hangzhou.aliyuncs.com。
Expand Down
46 changes: 21 additions & 25 deletions ...on/solution-ack-sts-token/code-example/python/oss_sdk/credentials_oidc_role_arn_sample.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,39 +6,35 @@
from alibabacloud_credentials.client import Client as CredentialsClient
from alibabacloud_credentials.models import Config

class OIDCRoleArnCredentialDemo(CredentialsProvider):
class CredentialProviderWrapper(CredentialsProvider):
def __init__(self, client):
self.client = client

def get_credentials(self):
credential = self.get_credentials()
access_key_id = credential.get_access_key_id()
access_key_secret = credential.get_access_key_secret()
security_token = credential.get_access_key_secret()
credential = self.client.get_credential()
access_key_id = credential.access_key_id
access_key_secret = credential.access_key_secret
security_token = credential.security_token
return Credentials(access_key_id, access_key_secret, security_token)

def get_credentials_client():
# 初始化默认凭据链方式的Credentials客户端
config = Config(
type='oidc_role_arn',
access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'),
access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'),
security_token=os.environ.get('ALIBABA_CLOUD_SECURITY_TOKEN'),
role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'),
oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'),
oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'),
# 角色会话名称,如果配置了ALIBABA_CLOUD_ROLE_SESSION_NAME这个环境变量,则无需设置
role_session_name='<RoleSessionName>',
# 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"}
policy='<Policy>',
# 设置session过期时间
role_session_expiration=3600
)
return CredentialsClient(config)
# 初始化Credentials客户端
# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5
config = Config(
type='oidc_role_arn',
role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'),
oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'),
oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'),
# 角色会话名称
role_session_name='<RoleSessionName>',
# 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"}
policy='<Policy>',
# 设置session过期时间
role_session_expiration=3600
)
cred = CredentialsClient(config)

# 使用凭据初始化OSSClient
cred = get_credentials_client()
credentials_provider = OIDCRoleArnCredentialDemo(cred)
credentials_provider = CredentialProviderWrapper(cred)

# 填写Bucket所在地域对应的Endpoint。以华东1(杭州)为例,Endpoint填写为https://oss-cn-hangzhou.aliyuncs.com。
endpoint = 'https://oss-cn-hangzhou.aliyuncs.com'
Expand Down
2 changes: 2 additions & 0 deletions solution/solution-ack-sts-token/code-example/python/oss_sdk/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
alibabacloud-credentials>=0.3.5
oss2>=2.18.4
1 change: 1 addition & 0 deletions solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_default_sample.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
from alibabacloud_credentials.client import Client as CredentialsClient

# 使用默认凭据链
# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5
cred = CredentialsClient()

config = open_api_models.Config()
Expand Down
3 changes: 3 additions & 0 deletions ...ion/solution-ack-sts-token/code-example/python/sdk2_0/credentials_oidc_role_arn_sample.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,9 @@
# 设置session过期时间
role_session_expiration=3600
)

# 初始化Credentials客户端
# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5
cred = CredentialsClient(config)

config = open_api_models.Config()
Expand Down
32 changes: 18 additions & 14 deletions solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_default_sample.py
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,26 @@
from aliyun.log import LogClient
from aliyun.log.credentials import Credentials
from aliyun.log.credentials import CredentialsProvider, Credentials
from alibabacloud_credentials.client import Client as CredentialsClient

def get_credentials():
# 初始化默认凭据链方式的Credentials客户端
cred = CredentialsClient()
# 获取凭据
cloud_credential = cred.cloud_credential
access_key_id = cloud_credential.get_access_key_id()
access_key_secret = cloud_credential.get_access_key_secret()
security_token = cloud_credential.get_security_token()
# 返回构造的Credentials对象
return Credentials(access_key_id, access_key_secret, security_token)
class CredentialProviderWarpper(CredentialsProvider):
def __init__(self, client):
self.client = client

def get_credentials(self):
credential = self.client.get_credential()
access_key_id = credential.access_key_id
access_key_secret = credential.access_key_secret
security_token = credential.security_token
return Credentials(access_key_id, access_key_secret, security_token)

# 默认凭据链方式初始化Credentials客户端
# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5
cred = CredentialsClient()

credentials_provider=CredentialProviderWarpper(cred)

# 获取凭据
credentials = get_credentials()
# 使用凭据初始化LogClient
client = LogClient("cn-hangzhou-intranet.log.aliyuncs.com", credentials)
client = LogClient("cn-hangzhou.log.aliyuncs.com", credentials_provider=credentials_provider)
# 获取项目列表
response = client.list_project()
# 打印响应
Expand Down
58 changes: 30 additions & 28 deletions ...on/solution-ack-sts-token/code-example/python/sls_sdk/credentials_oidc_role_arn_sample.py
View file
Original file line number Diff line number Diff line change
@@ -1,39 +1,41 @@
import os

from aliyun.log import LogClient
from aliyun.log.credentials import Credentials
from aliyun.log.credentials import CredentialsProvider, Credentials
from alibabacloud_credentials.client import Client as CredentialsClient
from alibabacloud_credentials.models import Config

def get_credentials():
# 初始化默认凭据链方式的Credentials客户端
config = Config(
type='oidc_role_arn',
access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'),
access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'),
security_token=os.environ.get('ALIBABA_CLOUD_SECURITY_TOKEN'),
role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'),
oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'),
oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'),
# 角色会话名称,如果配置了ALIBABA_CLOUD_ROLE_SESSION_NAME这个环境变量,则无需设置
role_session_name='<RoleSessionName>',
# 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"}
policy='<Policy>',
# 设置session过期时间
role_session_expiration=3600
)
cred = CredentialsClient(config)
# 获取凭据
cloud_credential = cred.cloud_credential
access_key_id = cloud_credential.get_access_key_id()
access_key_secret = cloud_credential.get_access_key_secret()
security_token = cloud_credential.get_security_token()
# 返回构造的Credentials对象
return Credentials(access_key_id, access_key_secret, security_token)
class CredentialProviderWarpper(CredentialsProvider):
def __init__(self, client):
self.client = client

def get_credentials(self):
credential = self.client.get_credential()
access_key_id = credential.access_key_id
access_key_secret = credential.access_key_secret
security_token = credential.security_token
return Credentials(access_key_id, access_key_secret, security_token)

# 初始化Credentials客户端
# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5
config = Config(
type='oidc_role_arn',
role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'),
oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'),
oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'),
# 角色会话名称,如果配置了ALIBABA_CLOUD_ROLE_SESSION_NAME这个环境变量,则无需设置
role_session_name='<RoleSessionName>',
# 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"}
policy='<Policy>',
# 设置session过期时间
role_session_expiration=3600
)
cred = CredentialsClient(config)

credentials_provider=CredentialProviderWarpper(cred)

# 使用凭据初始化LogClient
credentials = get_credentials()
client = LogClient("cn-hangzhou-intranet.log.aliyuncs.com", credentials)
client = LogClient("cn-hangzhou.log.aliyuncs.com", credentials_provider=credentials_provider)
# 获取项目列表
response = client.list_project()
# 打印响应
Expand Down
2 changes: 2 additions & 0 deletions solution/solution-ack-sts-token/code-example/python/sls_sdk/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
alibabacloud-credentials>=0.3.5
aliyun-log-python-sdk>=0.9.11

0 comments on commit 15d5fd3

Please sign in to comment.