From caf3b69ed4021bdfb9c300f178272507970339b0 Mon Sep 17 00:00:00 2001 From: 824750130 Date: Fri, 29 May 2020 15:31:58 +0800 Subject: [PATCH] update usage document --- README-CN.md | 150 ++++++++++++++++++++++++++++++++++++++++++++++++++- README.md | 150 ++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 298 insertions(+), 2 deletions(-) diff --git a/README-CN.md b/README-CN.md index 47a6d94..13bda0f 100644 --- a/README-CN.md +++ b/README-CN.md @@ -2,7 +2,7 @@ ![](https://aliyunsdk-pages.alicdn.com/icons/AlibabaCloud.svg) -## Alibaba Cloud Credentials for Python +# Alibaba Cloud Credentials for Python ## 安装 @@ -16,7 +16,155 @@ pip install alibabacloud_credentials ``` +## 使用说明 + +在您开始之前,您需要注册阿里云帐户并获取您的[凭证](https://usercenter.console.aliyun.com/#/manage/ak)。 + +#### 凭证类型 + +##### access_key + +通过[用户信息管理](https://usercenter.console.aliyun.com/#/manage/ak)设置 access_key,它们具有该账户完全的权限,请妥善保管。有时出于安全考虑,您不能把具有完全访问权限的主账户 AccessKey 交于一个项目的开发者使用,您可以[创建RAM子账户](https://ram.console.aliyun.com/users)并为子账户[授权](https://ram.console.aliyun.com/permissions),使用RAM子用户的 AccessKey 来进行API调用。 + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='access_key', # 凭证类型 + access_key_id='accessKeyId', # AccessKeyId + access_key_secret='accessKeySecret', # AccessKeySecret +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +cred_type = cred.get_type() +``` + + + +##### sts + +通过安全令牌服务(Security Token Service,简称 STS),申请临时安全凭证(Temporary Security Credentials,简称 TSC),创建临时安全凭证。 + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='sts', # 凭证类型 + access_key_id='accessKeyId', # AccessKeyId + access_key_secret='accessKeySecret', # AccessKeySecret + security_token='securityToken' # STS Token +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +##### Ram_role_arn + +通过指定[RAM角色](https://ram.console.aliyun.com/#/role/list),让凭证自动申请维护 STS Token。你可以通过为 `Policy` 赋值来限制获取到的 STS Token 的权限。 + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='ram_role_arn', # 凭证类型 + access_key_id='accessKeyId', # AccessKeyId + access_key_secret='accessKeySecret', # AccessKeySecret + security_token='securityToken', # STS Token + role_arn='roleArn', # 格式: acs:ram::用户ID:role/角色名 + role_session_name='roleSessionName', # 角色会话名称 + policy='policy', # 可选, 限制 STS Token 的权限 + role_session_expiration=3600 # 可选, 限制 STS Token 的有效时间 +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +##### ecs_ram_role + +通过指定角色名称,让凭证自动申请维护 STS Token + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='ecs_ram_role', # 凭证类型 + role_name='roleName' # 账户RoleName,非必填,不填则自动获取,建议设置,可以减少请求 +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +##### Ras_key_pair + +通过指定公钥ID和私钥文件,让凭证自动申请维护 AccessKey。仅支持日本站。 + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='rsa_key_pair', # 凭证类型 + private_key_file='privateKeyFile', # PrivateKey文件路径 + public_key_id='publicKeyId' # 账户PublicKeyId +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +##### bearer + +如呼叫中心(CCC)需用此凭证,请自行申请维护 Bearer Token。 + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='bearer', # 凭证类型 + bearer_token='bearerToken', # BearerToken +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + ## 问题 + [提交 Issue](https://github.com/aliyun/credentials-python/issues/new),不符合指南的问题可能会立即关闭。 ## 发行说明 diff --git a/README.md b/README.md index 507e2f0..9f00534 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ English | [简体中文](README-CN.md) ![](https://aliyunsdk-pages.alicdn.com/icons/AlibabaCloud.svg) -## Alibaba Cloud Credentials for Python +# Alibaba Cloud Credentials for Python ## Installation - **Install with pip** @@ -13,7 +13,155 @@ Python SDK uses a common package management tool named `pip`. If pip is not inst pip install alibabacloud_credentials ``` +## Usage + +Before you begin, you need to sign up for an Alibaba Cloud account and retrieve your [Credentials](https://usercenter.console.aliyun.com/#/manage/ak). + +### Credential Type + +#### access_key + +Setup access_key credential through [User Information Management][ak], it have full authority over the account, please keep it safe. Sometimes for security reasons, you cannot hand over a primary account AccessKey with full access to the developer of a project. You may create a sub-account [RAM Sub-account][ram] , grant its [authorization][permissions],and use the AccessKey of RAM Sub-account. + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='access_key', # credential type + access_key_id='accessKeyId', # AccessKeyId + access_key_secret='accessKeySecret', # AccessKeySecret +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +cred_type = cred.get_type() +``` + + + +#### sts + +Create a temporary security credential by applying Temporary Security Credentials (TSC) through the Security Token Service (STS). + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='sts', # credential type + access_key_id='accessKeyId', # AccessKeyId + access_key_secret='accessKeySecret', # AccessKeySecret + security_token='securityToken' # STS Token +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +#### ram_role_arn + +By specifying [RAM Role][RAM Role], the credential will be able to automatically request maintenance of STS Token. If you want to limit the permissions([How to make a policy][policy]) of STS Token, you can assign value for `Policy`. + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='ram_role_arn', # credential type + access_key_id='accessKeyId', # AccessKeyId + access_key_secret='accessKeySecret', # AccessKeySecret + security_token='securityToken', # STS Token + role_arn='roleArn', # Format: acs:ram::USER_ID:role/ROLE_NAME + role_session_name='roleSessionName', # Role Session Name + policy='policy', # Not required, limit the permissions of STS Token + role_session_expiration=3600 # Not required, limit the Valid time of STS Token +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +#### ecs_ram_role + +By specifying the role name, the credential will be able to automatically request maintenance of STS Token. + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='ecs_ram_role', # credential type + role_name='roleName' # `roleName` is optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests. +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +#### rsa_key_pair + +By specifying the public key ID and the private key file, the credential will be able to automatically request maintenance of the AccessKey before sending the request. Only Japan station is supported. + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='rsa_key_pair', # credential type + private_key_file='privateKeyFile', # The file path to store the PrivateKey + public_key_id='publicKeyId' # PublicKeyId of your account +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + +#### bearer + +If credential is required by the Cloud Call Centre (CCC), please apply for Bearer Token maintenance by yourself. + +```python +from alibabacloud_credentials.client import Client +from alibabacloud_credentials.models import Config + +config = Config( + type='bearer', # credential type + bearer_token='bearerToken', # BearerToken +) +cred = Client(config) + +access_key_id = cred.get_access_key_id() +access_key_secret = cred.get_access_key_secret() +security_token = cred.get_security_token() +cred_type = cred.get_type() +``` + + + ## Issues + [Opening an Issue](https://github.com/aliyun/credentials-python/issues/new), Issues not conforming to the guidelines may be closed immediately. ## Changelog