Home Explore Help
Register Sign In
locky
/
ASJServer
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: fb33a68d66
Branches Tags
ASJServer
/
Ansjer
/
test
/
coposs_sts.py

coposs_sts.py 3.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. # -*- coding: utf-8 -*-
    2. 

  2. '''
    3. 

  3. 生成sts上传授权
    4. 

  4. '''
    5. 

  5. from aliyunsdkcore import client
    6. 

  6. from aliyunsdksts.request.v20150401 import AssumeRoleRequest
    7. 

  7. import json
    8. 

  8. import oss2
    9. 

  9. 

  10. # Endpoint以杭州为例,其它Region请按实际情况填写。
    11. 

  11. endpoint = 'oss-cn-shenzhen.aliyuncs.com'
    12. 

  12. # 阿里云主账号AccessKey拥有所有API的访问权限,风险很高。强烈建议您创建并使用RAM账号进行API访问或日常运维,请登录 https://ram.console.aliyun.com 创建RAM账号。
    13. 

  13. access_key_id = 'LTAIyMkGfEdogyL9'
    14. 

  14. access_key_secret = '71uIjpsqVOmF7DAITRyRuc259jHOjO'
    15. 

  15. bucket_name = 'cloudvod1'
    16. 

  16. # role_arn是角色的资源名称。
    17. 

  17. role_arn = 'acs:ram::1901342792446414:role/stsoss'
    18. 

  18. 

  19. clt = client.AcsClient(access_key_id, access_key_secret, 'cn-shenzhen')
    20. 

  20. req = AssumeRoleRequest.AssumeRoleRequest()
    21. 

  21. 

  22. # 设置返回值格式为JSON。
    23. 

  23. req.set_accept_format('json')
    24. 

  24. req.set_RoleArn(role_arn)
    25. 

  25. req.set_RoleSessionName('test')
    26. 

  26. req.set_DurationSeconds(3600)
    27. 

  27. policys = {
    28. 

  28.     "Version": "1",
    29. 

  29.     "Statement": [
    30. 

  30.         {
    31. 

  31.             "Action": [
    32. 

  32.                 "oss:PutObject",
    33. 

  33.                 "oss:DeleteObject",
    34. 

  34.             ],
    35. 

  35.             "Resource": ["acs:oss:*:*:cloudvod1/*"],
    36. 

  36.             "Effect": "Allow",
    37. 

  37.             "Condition": {
    38. 

  38.                 "IpAddress": {
    39. 

  39.                     "acs:SourceIp": "120.237.157.184"
    40. 

  40.                 }
    41. 

  41.             }
    42. 

  42.         }
    43. 

  43.     ]
    44. 

  44. }
    45. 

  45. req.set_Policy(Policy=json.dumps(policys))
    46. 

  46. body = clt.do_action(req)
    47. 

  47. # body = clt.do_action_with_exception(req)
    48. 

  48. # 使用RAM账号的AccessKeyId和AccessKeySecret向STS申请临时token。
    49. 

  49. token = json.loads(body)
    50. 

  50. print(token)
    51. 

  51. # exit()
    52. 

  52. # tokens = {
    53. 

  53. #     "Credentials":{
    54. 

  54. #     'AccessKeySecret': 'eDwALgKkfZp6eXD2jz8ckktfduneNCjEz8NgHxcZsVe',
    55. 

  55. #     'AccessKeyId': 'STS.NJNUa1UjHgo5idVKqY9wBLB3e',
    56. 

  56. #     'Expiration': '2018-11-15T09:06:30Z',
    57. 

  57. #     'SecurityToken': 'CAISwgJ1q6Ft5B2yfSjIr4n7HtuFuLVp0K3ea0Lnr3EMNfhuo4eYhzz2IHxLf3RuAe8dvvw+nGBV7vsdlqN4S5ZDR1HCbsJxtkXiZd84J9ivgde8yJBZom/MewHKeeKSvqL7Z+H+U6mSGJOEYEzFkSle2KbzcS7YMXWuLZyOj+wADLEQRRLqVSdaI91UKwB+0pN4U0HcLvGwKBXnr3PNBU5zwGpGhHh49L60z7/siGTXh0aozfQO9cajYMq4YtJwJot6S5D3pqgUF4vZ+SJc8RVR790ShadfqwzAo8uWDnhJkWzkVLOOqps1d1A/P/VlXfcU8NqEzKUi5raIyN+tkE0WZboOCh6yHt7wnJH2f8qyLcs8eLrBPHDA78uCLJGdsXl/PS1AaV0SJIFxci4oWUF0F27ASqqu6FnGZwalW1srcmfDSBocGoABBPrYt/W5rkesL4dOVkQTaYz14WpwbEQfMBi+8/T5xLEqUP4tuwsiiBbsQhfAm3QLKzGODGJB9bCcfxpQPSnZuAyCI4uSUZiuCFUzdKX/eaiurRDLMnACYx3aEzfmDCvQ6dYbbHxIdk+0UNMWk51eWKXfWnoH+udI6rkks2AWjTM='
    58. 

  58. #   }
    59. 

  59. # }
    60. 

  60. # 使用临时token中的认证信息初始化StsAuth实例。
    61. 

  61. auth = oss2.StsAuth(token['Credentials']['AccessKeyId'],
    62. 

  62.                     token['Credentials']['AccessKeySecret'],
    63. 

  63.                     token['Credentials']['SecurityToken'])
    64. 

  64. print(auth)
    65. 

  65. # 使用StsAuth实例初始化存储空间。
    66. 

  66. bucket = oss2.Bucket(auth, endpoint, bucket_name)
    67. 

  67. # 上传一个字符串。
    68. 

  68. # res = bucket.put_object('oss_media_hls.ts', b'hello world')
    69. 

  69. res = bucket.put_object('object-name.txt', b'hello world')
    70. 

  70. print(res)
    71. 

  71. 

  72. 

  73. '''
    74. 

  74. # master 172.17.0.4
    75. 

  75. 

  76. slave 172.17.0.8
    77. 

  77. '''
    78.