ホーム エクスプローラ ヘルプ
登録 サインイン
locky
/
ASJServer
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: 67d8f59f5e
ブランチ タグ
ASJServer
/
Ansjer
/
test
/
oss_sts.py

oss_sts.py 2.9 KB
履歴 Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. from aliyunsdkcore import client
    2. 

  2. from aliyunsdksts.request.v20150401 import AssumeRoleRequest
    3. 

  3. import json
    4. 

  4. import oss2
    5. 

  5. 

  6. 

  7. # Endpoint以杭州为例,其它egion请按实际情况填写。
    8. 

  8. endpoint = 'oss-cn-shenzhen.aliyuncs.com'
    9. 

  9. access_key_id = 'LTAIyMkGfEdogyL9'
    10. 

  10. access_key_secret = '71uIjpsqVOmF7DAITRyRuc259jHOjO'
    11. 

  11. bucket_name = 'cloudvod1'
    12. 

  12. # role_arn是角色的资源名称。
    13. 

  13. role_arn = 'acs:ram::1901342792446414:role/stsoss'
    14. 

  14. 

  15. clt = client.AcsClient(access_key_id, access_key_secret, 'cn-shenzhen')
    16. 

  16. req = AssumeRoleRequest.AssumeRoleRequest()
    17. 

  17. 

  18. # 设置返回值格式为JSON。
    19. 

  19. req.set_accept_format('json')
    20. 

  20. req.set_RoleArn(role_arn)
    21. 

  21. req.set_RoleSessionName('uid13241234123')
    22. 

  22. req.set_DurationSeconds(3600)
    23. 

  23. policys = {
    24. 

  24.     "Version": "1",
    25. 

  25.     "Statement": [
    26. 

  26.         {
    27. 

  27.             "Action": [
    28. 

  28.                 "oss:PutObject",
    29. 

  29.                 "oss:DeleteObject",
    30. 

  30.             ],
    31. 

  31.             # "Resource": ["acs:oss:*:*:cloudvod1/*"],
    32. 

  32.             "Resource": ["acs:oss:*:*:cloudvod1/test/*"],
    33. 

  33.             "Effect": "Allow",
    34. 

  34.             "Condition": {
    35. 

  35.                 "IpAddress": {
    36. 

  36.                     "acs:SourceIp": "120.237.157.184"
    37. 

  37.                 }
    38. 

  38.             }
    39. 

  39.         }
    40. 

  40.     ]
    41. 

  41. }
    42. 

  42. req.set_Policy(Policy=json.dumps(policys))
    43. 

  43. body = clt.do_action(req)
    44. 

  44. # body = clt.do_action_with_exception(req)
    45. 

  45. # 使用RAM账号的AccessKeyId和AccessKeySecret向STS申请临时token。
    46. 

  46. token = json.loads(body)
    47. 

  47. print(token)
    48. 

  48. # exit()
    49. 

  49. # tokens = {'RequestId': '2D83A43D-8D6B-44C5-83A4-3530BFB032EC', 'AssumedRoleUser': {'AssumedRoleId': '394329055954717182:chanjunkai', 'Arn': 'acs:ram::1901342792446414:role/stsoss/chanjunkai'}, 'Credentials': {'AccessKeySecret': 'FtPRvMDBRitAX8X7ZGoQ2DohrMWvMjP2EXVVSVqhmdyv', 'AccessKeyId': 'STS.NJHBY1uKvmvy2rRunerymDq7y', 'Expiration': '2018-11-30T07:23:54Z', 'SecurityToken': 'CAIS0wJ1q6Ft5B2yfSjIr4n9CeOFmJRX2rSSMFTjkW4wfvZBq7Scmzz2IHFIf3NhAe0bv/kzm2lX7/YYlqN4S5ZDR1HCbsJxtgf5G/c/J9ivgde8yJBZoljMewHKedGSvqL7Z+H+U6mMGJOEYEzFkSle2KbzcS7YMXWuLZyOj+wuDLEQRRLqVSdaI91UKwB+yrcdLmCDGfupPwLnpWDSAUF0wFce71ly8qOi2MaRxwPDhVnhsI8vqp/2P4KvYrsdXuh2WMzn2/dtJOiTknxb7x9X+LlxgPUDu02D3LC8G3Bd7w+LKPGultRkN11CYbUgEKNltIqF95oh4LSVzd+ojU8QYqcMA3j9PNnxmJKfRLn2Z4xlKeinYij3v4rRZsWvgWQNemkGMQ5GQd0lJ0JrBAYkIjOgcf77owqbOlr+GvXZj/hpiMov1Tvz4cGNPEOf5T4EVOPY4vQagAGFFahWtPsgkWPPJhSOu/bsFZGJFeQvb/Ij5nT5dPNiuEfvECu+ns2GmUB5sAQO9xeMmIBr9y2yteTIwoG8FQx5S4ybj051MK+K53GeRZOSd05iZRU8hpU3+O2mTlQI4FicDjG6C6my1IJpNPYjO+8Y9cWecm+aodAeBJLJS1WP6w=='}}
    50. 

  50. 

  51. # 使用临时token中的认证信息初始化StsAuth实例。
    52. 

  52. auth = oss2.StsAuth(token['Credentials']['AccessKeyId'],
    53. 

  53.                     token['Credentials']['AccessKeySecret'],
    54. 

  54.                     token['Credentials']['SecurityToken'])
    55. 

  55. print(auth)
    56. 

  56. # 使用StsAuth实例初始化存储空间。
    57. 

  57. bucket = oss2.Bucket(auth, endpoint, bucket_name)
    58. 

  58. # 上传一个字符串。
    59. 

  59. # res = bucket.put_object('oss_media_hls.ts', b'hello world')
    60. 

  60. res = bucket.put_object('test/test-name.txt', b'hello world')
    61. 

  61. print(res)
    62.