From f6bfbfc838c54271cebd3c0afd53c899ea5ed1aa Mon Sep 17 00:00:00 2001 From: LandingZone Date: Sun, 29 Sep 2024 10:05:51 +0000 Subject: [PATCH] =?UTF-8?q?'=E4=BF=AE=E6=94=B9sls'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../oss_sdk/credentials_default_sample.py | 12 ++-- .../credentials_oidc_role_arn_sample.py | 46 +++++++-------- .../python/oss_sdk/requirements.txt | 2 + .../sdk2_0/credentials_default_sample.py | 1 + .../credentials_oidc_role_arn_sample.py | 3 + .../sls_sdk/credentials_default_sample.py | 32 +++++----- .../credentials_oidc_role_arn_sample.py | 58 ++++++++++--------- .../python/sls_sdk/requirements.txt | 2 + 8 files changed, 85 insertions(+), 71 deletions(-) create mode 100644 solution/solution-ack-sts-token/code-example/python/oss_sdk/requirements.txt create mode 100644 solution/solution-ack-sts-token/code-example/python/sls_sdk/requirements.txt diff --git a/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_default_sample.py b/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_default_sample.py index d1a2c0b..1c2d69f 100644 --- a/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_default_sample.py +++ b/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_default_sample.py @@ -9,13 +9,17 @@ def __init__(self, client): self.client = client def get_credentials(self): - access_key_id = self.client.get_access_key_id() - access_key_secret = self.client.get_access_key_secret() - security_token = self.client.get_security_token() + credential = self.client.get_credential() + access_key_id = credential.access_key_id + access_key_secret = credential.access_key_secret + security_token = credential.security_token return Credentials(access_key_id, access_key_secret, security_token) -# 使用凭据初始化OSSClient +# 初始化Credentials客户端 +# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5 cred = CredentialsClient() + +# 使用凭据初始化OSSClient credentials_provider = CredentialProviderWarpper(cred) # 填写Bucket所在地域对应的Endpoint。以华东1(杭州)为例,Endpoint填写为https://oss-cn-hangzhou.aliyuncs.com。 diff --git a/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_oidc_role_arn_sample.py b/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_oidc_role_arn_sample.py index e707a24..0409c40 100644 --- a/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_oidc_role_arn_sample.py +++ b/solution/solution-ack-sts-token/code-example/python/oss_sdk/credentials_oidc_role_arn_sample.py @@ -6,39 +6,35 @@ from alibabacloud_credentials.client import Client as CredentialsClient from alibabacloud_credentials.models import Config -class OIDCRoleArnCredentialDemo(CredentialsProvider): +class CredentialProviderWrapper(CredentialsProvider): def __init__(self, client): self.client = client def get_credentials(self): - credential = self.get_credentials() - access_key_id = credential.get_access_key_id() - access_key_secret = credential.get_access_key_secret() - security_token = credential.get_access_key_secret() + credential = self.client.get_credential() + access_key_id = credential.access_key_id + access_key_secret = credential.access_key_secret + security_token = credential.security_token return Credentials(access_key_id, access_key_secret, security_token) -def get_credentials_client(): - # 初始化默认凭据链方式的Credentials客户端 - config = Config( - type='oidc_role_arn', - access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), - access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), - security_token=os.environ.get('ALIBABA_CLOUD_SECURITY_TOKEN'), - role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'), - oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'), - oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'), - # 角色会话名称,如果配置了ALIBABA_CLOUD_ROLE_SESSION_NAME这个环境变量,则无需设置 - role_session_name='', - # 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"} - policy='', - # 设置session过期时间 - role_session_expiration=3600 - ) - return CredentialsClient(config) +# 初始化Credentials客户端 +# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5 +config = Config( + type='oidc_role_arn', + role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'), + oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'), + oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'), + # 角色会话名称 + role_session_name='', + # 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"} + policy='', + # 设置session过期时间 + role_session_expiration=3600 +) +cred = CredentialsClient(config) # 使用凭据初始化OSSClient -cred = get_credentials_client() -credentials_provider = OIDCRoleArnCredentialDemo(cred) +credentials_provider = CredentialProviderWrapper(cred) # 填写Bucket所在地域对应的Endpoint。以华东1(杭州)为例,Endpoint填写为https://oss-cn-hangzhou.aliyuncs.com。 endpoint = 'https://oss-cn-hangzhou.aliyuncs.com' diff --git a/solution/solution-ack-sts-token/code-example/python/oss_sdk/requirements.txt b/solution/solution-ack-sts-token/code-example/python/oss_sdk/requirements.txt new file mode 100644 index 0000000..1344fe9 --- /dev/null +++ b/solution/solution-ack-sts-token/code-example/python/oss_sdk/requirements.txt @@ -0,0 +1,2 @@ +alibabacloud-credentials>=0.3.5 +oss2>=2.18.4 \ No newline at end of file diff --git a/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_default_sample.py b/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_default_sample.py index f30977c..cf0b5d2 100644 --- a/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_default_sample.py +++ b/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_default_sample.py @@ -4,6 +4,7 @@ from alibabacloud_credentials.client import Client as CredentialsClient # 使用默认凭据链 +# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5 cred = CredentialsClient() config = open_api_models.Config() diff --git a/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_oidc_role_arn_sample.py b/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_oidc_role_arn_sample.py index 6eeef1f..5300db3 100644 --- a/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_oidc_role_arn_sample.py +++ b/solution/solution-ack-sts-token/code-example/python/sdk2_0/credentials_oidc_role_arn_sample.py @@ -22,6 +22,9 @@ # 设置session过期时间 role_session_expiration=3600 ) + +# 初始化Credentials客户端 +# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5 cred = CredentialsClient(config) config = open_api_models.Config() diff --git a/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_default_sample.py b/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_default_sample.py index dd3f5aa..8d7af10 100644 --- a/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_default_sample.py +++ b/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_default_sample.py @@ -1,22 +1,26 @@ from aliyun.log import LogClient -from aliyun.log.credentials import Credentials +from aliyun.log.credentials import CredentialsProvider, Credentials from alibabacloud_credentials.client import Client as CredentialsClient -def get_credentials(): - # 初始化默认凭据链方式的Credentials客户端 - cred = CredentialsClient() - # 获取凭据 - cloud_credential = cred.cloud_credential - access_key_id = cloud_credential.get_access_key_id() - access_key_secret = cloud_credential.get_access_key_secret() - security_token = cloud_credential.get_security_token() - # 返回构造的Credentials对象 - return Credentials(access_key_id, access_key_secret, security_token) +class CredentialProviderWarpper(CredentialsProvider): + def __init__(self, client): + self.client = client + + def get_credentials(self): + credential = self.client.get_credential() + access_key_id = credential.access_key_id + access_key_secret = credential.access_key_secret + security_token = credential.security_token + return Credentials(access_key_id, access_key_secret, security_token) + +# 默认凭据链方式初始化Credentials客户端 +# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5 +cred = CredentialsClient() + +credentials_provider=CredentialProviderWarpper(cred) -# 获取凭据 -credentials = get_credentials() # 使用凭据初始化LogClient -client = LogClient("cn-hangzhou-intranet.log.aliyuncs.com", credentials) +client = LogClient("cn-hangzhou.log.aliyuncs.com", credentials_provider=credentials_provider) # 获取项目列表 response = client.list_project() # 打印响应 diff --git a/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_oidc_role_arn_sample.py b/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_oidc_role_arn_sample.py index bea1360..6292484 100644 --- a/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_oidc_role_arn_sample.py +++ b/solution/solution-ack-sts-token/code-example/python/sls_sdk/credentials_oidc_role_arn_sample.py @@ -1,39 +1,41 @@ import os from aliyun.log import LogClient -from aliyun.log.credentials import Credentials +from aliyun.log.credentials import CredentialsProvider, Credentials from alibabacloud_credentials.client import Client as CredentialsClient from alibabacloud_credentials.models import Config -def get_credentials(): - # 初始化默认凭据链方式的Credentials客户端 - config = Config( - type='oidc_role_arn', - access_key_id=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_ID'), - access_key_secret=os.environ.get('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), - security_token=os.environ.get('ALIBABA_CLOUD_SECURITY_TOKEN'), - role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'), - oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'), - oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'), - # 角色会话名称,如果配置了ALIBABA_CLOUD_ROLE_SESSION_NAME这个环境变量,则无需设置 - role_session_name='', - # 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"} - policy='', - # 设置session过期时间 - role_session_expiration=3600 - ) - cred = CredentialsClient(config) - # 获取凭据 - cloud_credential = cred.cloud_credential - access_key_id = cloud_credential.get_access_key_id() - access_key_secret = cloud_credential.get_access_key_secret() - security_token = cloud_credential.get_security_token() - # 返回构造的Credentials对象 - return Credentials(access_key_id, access_key_secret, security_token) +class CredentialProviderWarpper(CredentialsProvider): + def __init__(self, client): + self.client = client + + def get_credentials(self): + credential = self.client.get_credential() + access_key_id = credential.access_key_id + access_key_secret = credential.access_key_secret + security_token = credential.security_token + return Credentials(access_key_id, access_key_secret, security_token) + +# 初始化Credentials客户端 +# 请确保Credentials Python SDK(alibabacloud-credentials)版本>=0.3.5 +config = Config( + type='oidc_role_arn', + role_arn=os.environ.get('ALIBABA_CLOUD_ROLE_ARN'), + oidc_provider_arn=os.environ.get('ALIBABA_CLOUD_OIDC_PROVIDER_ARN'), + oidc_token_file_path=os.environ.get('ALIBABA_CLOUD_OIDC_TOKEN_FILE'), + # 角色会话名称,如果配置了ALIBABA_CLOUD_ROLE_SESSION_NAME这个环境变量,则无需设置 + role_session_name='', + # 设置更小的权限策略,非必填。示例值:{"Statement": [{"Action": ["*"],"Effect": "Allow","Resource": ["*"]}],"Version":"1"} + policy='', + # 设置session过期时间 + role_session_expiration=3600 +) +cred = CredentialsClient(config) + +credentials_provider=CredentialProviderWarpper(cred) # 使用凭据初始化LogClient -credentials = get_credentials() -client = LogClient("cn-hangzhou-intranet.log.aliyuncs.com", credentials) +client = LogClient("cn-hangzhou.log.aliyuncs.com", credentials_provider=credentials_provider) # 获取项目列表 response = client.list_project() # 打印响应 diff --git a/solution/solution-ack-sts-token/code-example/python/sls_sdk/requirements.txt b/solution/solution-ack-sts-token/code-example/python/sls_sdk/requirements.txt new file mode 100644 index 0000000..800554c --- /dev/null +++ b/solution/solution-ack-sts-token/code-example/python/sls_sdk/requirements.txt @@ -0,0 +1,2 @@ +alibabacloud-credentials>=0.3.5 +aliyun-log-python-sdk>=0.9.11 \ No newline at end of file