alibabacloud Python SDK的alibabacloud凭证模块。
alibabacloud-credentials的Python项目详细描述
英语| 简体中文
Python阿里云凭证
安装
- Install with pip
pythonsdk使用一个名为pip
的通用包管理工具。如果没有安装pip,请参阅pip user guide来安装pip。在
# Install the alibabacloud_credentials
pip install alibabacloud_credentials
使用
在开始之前,您需要注册一个阿里云帐户并检索您的Credentials。在
凭证类型
访问键
通过[User Information Management][ak]设置access_key credential,对账号拥有完全权限,请妥善保管。有时出于安全原因,您不能将具有完全访问权限的主帐户AccessKey交给项目的开发人员。您可以创建一个子账号【RAM sub account】【RAM】,授予其【授权】【权限】,使用RAM子账号的AccessKey。在
^{pr2}$sts
通过安全令牌服务(STS)应用临时安全凭据(TSC),创建临时安全凭据。在
fromalibabacloud_credentials.clientimportClientfromalibabacloud_credentials.modelsimportConfigconfig=Config(type='sts',# credential typeaccess_key_id='accessKeyId',# AccessKeyIdaccess_key_secret='accessKeySecret',# AccessKeySecretsecurity_token='securityToken'# STS Token)cred=Client(config)access_key_id=cred.get_access_key_id()access_key_secret=cred.get_access_key_secret()security_token=cred.get_security_token()cred_type=cred.get_type()
拉姆角色
通过指定[RAM Role][RAM Role],凭证将能够自动请求维护STS令牌。如果要限制STS令牌的权限([如何制定策略][策略]),可以为Policy
赋值。在
fromalibabacloud_credentials.clientimportClientfromalibabacloud_credentials.modelsimportConfigconfig=Config(type='ram_role_arn',# credential typeaccess_key_id='accessKeyId',# AccessKeyIdaccess_key_secret='accessKeySecret',# AccessKeySecretsecurity_token='securityToken',# STS Tokenrole_arn='roleArn',# Format: acs:ram::USER_ID:role/ROLE_NAMErole_session_name='roleSessionName',# Role Session Namepolicy='policy',# Not required, limit the permissions of STS Tokenrole_session_expiration=3600# Not required, limit the Valid time of STS Token)cred=Client(config)access_key_id=cred.get_access_key_id()access_key_secret=cred.get_access_key_secret()security_token=cred.get_security_token()cred_type=cred.get_type()
ecs的ram_角色
通过指定角色名称,凭证将能够自动请求维护STS令牌。在
fromalibabacloud_credentials.clientimportClientfromalibabacloud_credentials.modelsimportConfigconfig=Config(type='ecs_ram_role',# credential typerole_name='roleName'# `roleName` is optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests.)cred=Client(config)access_key_id=cred.get_access_key_id()access_key_secret=cred.get_access_key_secret()security_token=cred.get_security_token()cred_type=cred.get_type()
rsa_密钥对
通过指定公钥ID和私钥文件,凭证将能够在发送请求之前自动请求维护AccessKey。仅支持日本站。在
fromalibabacloud_credentials.clientimportClientfromalibabacloud_credentials.modelsimportConfigconfig=Config(type='rsa_key_pair',# credential typeprivate_key_file='privateKeyFile',# The file path to store the PrivateKeypublic_key_id='publicKeyId'# PublicKeyId of your account)cred=Client(config)access_key_id=cred.get_access_key_id()access_key_secret=cred.get_access_key_secret()security_token=cred.get_security_token()cred_type=cred.get_type()
承载器
如果云呼叫中心(CCC)需要凭证,请自行申请持有人代币维护。在
fromalibabacloud_credentials.clientimportClientfromalibabacloud_credentials.modelsimportConfigconfig=Config(type='bearer',# credential typebearer_token='bearerToken',# BearerToken)cred=Client(config)access_key_id=cred.get_access_key_id()access_key_secret=cred.get_access_key_secret()security_token=cred.get_security_token()cred_type=cred.get_type()
使用默认凭据提供程序链
fromalibabacloud_credentials.clientimportClientasCredClientfromalibabacloud_ocr20191230.clientimportClientasOcrClientfromalibabacloud_ocr20191230.modelsimportGetAsyncJobResultRequestfromalibabacloud_tea_rpc.modelsimportConfigfromalibabacloud_tea_util.modelsimportRuntimeOptionscred=CredClient()config=Config(credential=cred)client=OcrClient(config)request=GetAsyncJobResultRequest(job_id='<job_id>')runtime_options=RuntimeOptions()response=client.get_async_job_result(request,runtime_options)
默认凭据提供程序链按以下顺序查找可用凭据:
1.环境资质
在环境变量中查找环境凭据。如果ALIBABA_CLOUD_ACCESS_KEY_ID
和{
2.凭证文件
如果存在~/.alibabacloud/credentials default file (Windows shows C:\Users\USER_NAME\.alibabacloud\credentials)
,程序将自动创建具有指定类型和名称的凭据。默认文件不一定存在,但分析错误将引发异常。配置项的名称为小写。这个配置文件可以在不同的项目之间以及不同的工具之间共享。因为它在项目之外,不会意外地提交到版本控制中。可以通过定义ALIBABA_CLOUD_CREDENTIALS_FILE
环境变量来修改默认文件的路径。如果未配置,请使用默认配置default
。您还可以设置环境变量ALIBABA_CLOUD_PROFILE
以使用配置。在
[default] # default settingenable=true # Enable,Enabled by default if this option is not presenttype=access_key # Certification type: access_keyaccess_key_id=foo # Keyaccess_key_secret=bar # Secret[client1] # configuration that is named as `client1`type=ecs_ram_role # Certification type: ecs_ram_rolerole_name=EcsRamRoleTest # Role Name[client2] # configuration that is named as `client2`enable=false # Disabletype=ram_role_arn # Certification type: ram_role_arnregion_id=cn-testpolicy=test # optional Specify permissionsaccess_key_id=fooaccess_key_secret=barrole_arn=role_arnrole_session_name=session_name # optional[client3] # configuration that is named as `client3`type=rsa_key_pair # Certification type: rsa_key_pairpublic_key_id=publicKeyId # Public Key IDprivate_key_file=/your/pk.pem # Private Key file
3.实例RAM角色
如果环境变量ALIBABA_CLOUD_ECS_METADATA
已定义且不为空,则程序将使用环境变量的值作为角色名,并请求http://100.100.100.200/latest/meta-data/ram/security-credentials/获取临时安全凭据。在
问题
Opening an Issue,不符合准则的问题可以立即关闭。在
变更日志
每个版本的详细更改记录在release notes中。在
参考文献
许可证
版权所有(c)2009年至今,阿里云保留所有权利。在
- 项目
标签: