English | [简体中文](README-CN.md)
# Alibaba Cloud Credentials for Python2
## Installation
- **Install with pip**
Python SDK uses a common package management tool named `pip`. If pip is not installed, see the [pip user guide](https://pip.pypa.io/en/stable/installing/ "pip User Guide") to install pip.
```bash
# Install the alibabacloud_credentials_py2
pip install alibabacloud_credentials_py2
```
## Usage
Before you begin, you need to sign up for an Alibaba Cloud account and retrieve your [Credentials](https://usercenter.console.aliyun.com/#/manage/ak).
### Credential Type
#### access_key
Setup access_key credential through [User Information Management][ak], it have full authority over the account, please keep it safe. Sometimes for security reasons, you cannot hand over a primary account AccessKey with full access to the developer of a project. You may create a sub-account [RAM Sub-account][ram] , grant its [authorization][permissions],and use the AccessKey of RAM Sub-account.
```python
from alibabacloud_credentials.client import Client
from alibabacloud_credentials.models import Config
config = Config(
type='access_key', # credential type
access_key_id='accessKeyId', # AccessKeyId
access_key_secret='accessKeySecret', # AccessKeySecret
)
cred = Client(config)
access_key_id = cred.get_access_key_id()
access_key_secret = cred.get_access_key_secret()
cred_type = cred.get_type()
```
#### sts
Create a temporary security credential by applying Temporary Security Credentials (TSC) through the Security Token Service (STS).
```python
from alibabacloud_credentials.client import Client
from alibabacloud_credentials.models import Config
config = Config(
type='sts', # credential type
access_key_id='accessKeyId', # AccessKeyId
access_key_secret='accessKeySecret', # AccessKeySecret
security_token='securityToken' # STS Token
)
cred = Client(config)
access_key_id = cred.get_access_key_id()
access_key_secret = cred.get_access_key_secret()
security_token = cred.get_security_token()
cred_type = cred.get_type()
```
#### ram_role_arn
By specifying [RAM Role][RAM Role], the credential will be able to automatically request maintenance of STS Token. If you want to limit the permissions([How to make a policy][policy]) of STS Token, you can assign value for `Policy`.
```python
from alibabacloud_credentials.client import Client
from alibabacloud_credentials.models import Config
config = Config(
type='ram_role_arn', # credential type
access_key_id='accessKeyId', # AccessKeyId
access_key_secret='accessKeySecret', # AccessKeySecret
security_token='securityToken', # STS Token
role_arn='roleArn', # Format: acs:ram::USER_ID:role/ROLE_NAME
role_session_name='roleSessionName', # Role Session Name
policy='policy', # Not required, limit the permissions of STS Token
role_session_expiration=3600 # Not required, limit the Valid time of STS Token
)
cred = Client(config)
access_key_id = cred.get_access_key_id()
access_key_secret = cred.get_access_key_secret()
security_token = cred.get_security_token()
cred_type = cred.get_type()
```
#### OIDC Role ARN
By specifying [OIDC Role][OIDC Role], the credential will be able to automatically request maintenance of STS Token. If you want to limit the permissions([How to make a policy][policy]) of STS Token, you can assign value for `Policy`.
```python
from alibabacloud_credentials.client import Client
from alibabacloud_credentials.models import Config
config = Config(
type='oidc_role_arn', # credential type
access_key_id='accessKeyId', # AccessKeyId
access_key_secret='accessKeySecret', # AccessKeySecret
security_token='securityToken', # STS Token
role_arn='roleArn', # Format: acs:ram::USER_ID:role/ROLE_NAME
oidc_provider_arn='oidcProviderArn', # Format: acs:ram::USER_Id:oidc-provider/OIDC Providers
oidc_token_file_path='/Users/xxx/xxx',# oidc_token_file_path can be replaced by setting environment variable: ALIBABA_CLOUD_OIDC_TOKEN_FILE
role_session_name='roleSessionName', # Role Session Name
policy='policy', # Not required, limit the permissions of STS Token
role_session_expiration=3600 # Not required, limit the Valid time of STS Token
)
cred = Client(config)
access_key_id = cred.get_access_key_id()
access_key_secret = cred.get_access_key_secret()
security_token = cred.get_security_token()
cred_type = cred.get_type()
```
#### ecs_ram_role
By specifying the role name, the credential will be able to automatically request maintenance of STS Token.
```python
from alibabacloud_credentials.client import Client
from alibabacloud_credentials.models import Config
config = Config(
type='ecs_ram_role', # credential type
role_name='roleName' # `roleName` is optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests.
)
cred = Client(config)
access_key_id = cred.get_access_key_id()
access_key_secret = cred.get_access_key_secret()
security_token = cred.get_security_token()
cred_type = cred.get_type()
```
#### rsa_key_pair
By specifying the public key ID and the private key file, the credential will be able to automatically request maintenance of the AccessKey before sending the request. Only Japan station is supported.
```python
from alibabacloud_credentials.client import Client
from alibabacloud_credentials.models import Config
config = Config(
type='rsa_key_pair', # credential type
private_key_file='privateKeyFile', # The file path to store the PrivateKey
public_key_id='publicKeyId' # PublicKeyId of your account
)
cred = Client(config)
access_key_id = cred.get_access_key_id()
access_key_secret = cred.get_access_key_secret()
security_token = cred.get_security_token()
cred_type = cred.get_type()
```
#### bearer
If credential is required by the Cloud Call Centre (CCC), please apply for Bearer Token maintenance by yourself.
```python
from alibabacloud_credentials.client import Client
from alibabacloud_credentials.models import Config
config = Config(
type='bearer', # credential type
bearer_token='bearerToken', # BearerToken
)
cred = Client(config)
access_key_id = cred.get_access_key_id()
access_key_secret = cred.get_access_key_secret()
security_token = cred.get_security_token()
cred_type = cred.get_type()
```
### Use the default credential provider chain
```python
from alibabacloud_credentials.client import Client as CredClient
from alibabacloud_ocr20191230.client import Client as OcrClient
from alibabacloud_ocr20191230.models import GetAsyncJobResultRequest
from alibabacloud_tea_rpc.models import Config
from alibabacloud_tea_util.models import RuntimeOptions
cred = CredClient()
config = Config(credential=cred)
client = OcrClient(config)
request = GetAsyncJobResultRequest(
job_id='<job_id>'
)
runtime_options = RuntimeOptions()
response = client.get_async_job_result(request, runtime_options)
```
The default credential provider chain looks for available credentials, with following order:
1.Environment Credentials
Look for environment credentials in environment variable. If the `ALIBABA_CLOUD_ACCESS_KEY_ID` and `ALIBABA_CLOUD_ACCESS_KEY_SECRET` environment variables are defined and are not empty, the program will use them to create default credentials.
2.Credentials File
If there is `~/.alibabacloud/credentials default file (Windows shows C:\Users\USER_NAME\.alibabacloud\credentials)`, the program automatically creates credentials with the specified type and name. The default file is not necessarily exist, but a parse error will throw an exception. The name of configuration item is lowercase.This configuration file can be shared between different projects and between different tools. Because it is outside of the project and will not be accidentally committed to the version control. The path to the default file can be modified by defining the `ALIBABA_CLOUD_CREDENTIALS_FILE` environment variable. If not configured, use the default configuration `default`. You can also set the environment variables `ALIBABA_CLOUD_PROFILE` to use the configuration.
```ini
[default] # default setting
enable = true # Enable,Enabled by default if this option is not present
type = access_key # Certification type: access_key
access_key_id = foo # Key
access_key_secret = bar # Secret
[client1] # configuration that is named as `client1`
type = ecs_ram_role # Certification type: ecs_ram_role
role_name = EcsRamRoleTest # Role Name
[client2] # configuration that is named as `client2`
enable = false # Disable
type = ram_role_arn # Certification type: ram_role_arn
region_id = cn-test
policy = test # optional Specify permissions
access_key_id = foo
access_key_secret = bar
role_arn = role_arn
role_session_name = session_name # optional
[client3] # configuration that is named as `client3`
type = rsa_key_pair # Certification type: rsa_key_pair
public_key_id = publicKeyId # Public Key ID
private_key_file = /your/pk.pem # Private Key file
[client3] # configuration that is named as `client3`
type = rsa_key_pair # Certification type: rsa_key_pair
public_key_id = publicKeyId # Public Key ID
private_key_file = /your/pk.pem # Private Key file
[client4] # configuration that is named as `client4`
enable = false # Disable
type = oidc_role_arn # Certification type: oidc_role_arn
region_id = cn-test
policy = test # optional Specify permissions
access_key_id = foo # optional
access_key_secret = bar # optional
role_arn = role_arn
oidc_provider_arn = oidc_provider_arn
oidc_token_file_path = /xxx/xxx # can be replaced by setting environment variable: ALIBABA_CLOUD_OIDC_TOKEN_FILE
role_session_name = session_name # optional
```
3.Instance RAM Role
If the environment variable `ALIBABA_CLOUD_ECS_METADATA` is defined and not empty, the program will take the value of the environment variable as the role name and request <http://100.100.100.200/latest/meta-data/ram/security-credentials/> to get the temporary Security credentials.
## Issues
[Opening an Issue](https://github.com/aliyun/credentials-python2/issues/new), Issues not conforming to the guidelines may be closed immediately.
## Changelog
Detailed changes for each release are documented in the [release notes](./ChangeLog.md).
## References
* [Latest Release](https://github.com/aliyun/credentials-python2)
## License
[Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0)
Copyright (c) 2009-present, Alibaba Cloud All rights reserved.
Raw data
{
"_id": null,
"home_page": "https://github.com/aliyun/credentials-python2",
"name": "alibabacloud-credentials-py2",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "alibabacloud,sdk,tea",
"author": "Alibaba Cloud",
"author_email": "alibaba-cloud-sdk-dev-team@list.alibaba-inc.com",
"download_url": "https://files.pythonhosted.org/packages/78/a4/b3711c70d7177c2e2d5a49f7609d09c2ecb702d94bc50b90e4cfbbb6daa8/alibabacloud_credentials_py2-0.1.1.tar.gz",
"platform": "any",
"description": "English | [\u7b80\u4f53\u4e2d\u6587](README-CN.md)\n\n\n# Alibaba Cloud Credentials for Python2\n\n## Installation\n- **Install with pip**\n\nPython SDK uses a common package management tool named `pip`. If pip is not installed, see the [pip user guide](https://pip.pypa.io/en/stable/installing/ \"pip User Guide\") to install pip.\n\n```bash\n# Install the alibabacloud_credentials_py2\npip install alibabacloud_credentials_py2\n```\n\n## Usage\n\nBefore you begin, you need to sign up for an Alibaba Cloud account and retrieve your [Credentials](https://usercenter.console.aliyun.com/#/manage/ak).\n\n### Credential Type\n\n#### access_key\n\nSetup access_key credential through [User Information Management][ak], it have full authority over the account, please keep it safe. Sometimes for security reasons, you cannot hand over a primary account AccessKey with full access to the developer of a project. You may create a sub-account [RAM Sub-account][ram] , grant its [authorization][permissions]\uff0cand use the AccessKey of RAM Sub-account.\n\n```python\nfrom alibabacloud_credentials.client import Client\nfrom alibabacloud_credentials.models import Config\n\nconfig = Config(\n type='access_key', # credential type\n access_key_id='accessKeyId', # AccessKeyId\n access_key_secret='accessKeySecret', # AccessKeySecret\n)\ncred = Client(config)\n\naccess_key_id = cred.get_access_key_id()\naccess_key_secret = cred.get_access_key_secret()\ncred_type = cred.get_type()\n```\n\n\n\n#### sts\n\nCreate a temporary security credential by applying Temporary Security Credentials (TSC) through the Security Token Service (STS).\n\n```python\nfrom alibabacloud_credentials.client import Client\nfrom alibabacloud_credentials.models import Config\n\nconfig = Config(\n type='sts', # credential type\n access_key_id='accessKeyId', # AccessKeyId\n access_key_secret='accessKeySecret', # AccessKeySecret\n security_token='securityToken' # STS Token\n)\ncred = Client(config)\n\naccess_key_id = cred.get_access_key_id()\naccess_key_secret = cred.get_access_key_secret()\nsecurity_token = cred.get_security_token()\ncred_type = cred.get_type()\n```\n\n\n\n#### ram_role_arn\n\nBy specifying [RAM Role][RAM Role], the credential will be able to automatically request maintenance of STS Token. If you want to limit the permissions([How to make a policy][policy]) of STS Token, you can assign value for `Policy`.\n\n```python\nfrom alibabacloud_credentials.client import Client\nfrom alibabacloud_credentials.models import Config\n\nconfig = Config(\n type='ram_role_arn', # credential type\n access_key_id='accessKeyId', # AccessKeyId\n access_key_secret='accessKeySecret', # AccessKeySecret\n security_token='securityToken', # STS Token\n role_arn='roleArn', # Format: acs:ram::USER_ID:role/ROLE_NAME\n role_session_name='roleSessionName', # Role Session Name\n policy='policy', # Not required, limit the permissions of STS Token\n role_session_expiration=3600 # Not required, limit the Valid time of STS Token\n)\ncred = Client(config)\n\naccess_key_id = cred.get_access_key_id()\naccess_key_secret = cred.get_access_key_secret()\nsecurity_token = cred.get_security_token()\ncred_type = cred.get_type()\n```\n\n\n\n#### OIDC Role ARN\n\nBy specifying [OIDC Role][OIDC Role], the credential will be able to automatically request maintenance of STS Token. If you want to limit the permissions([How to make a policy][policy]) of STS Token, you can assign value for `Policy`.\n\n```python\nfrom alibabacloud_credentials.client import Client\nfrom alibabacloud_credentials.models import Config\n\nconfig = Config(\n type='oidc_role_arn', # credential type\n access_key_id='accessKeyId', # AccessKeyId\n access_key_secret='accessKeySecret', # AccessKeySecret\n security_token='securityToken', # STS Token\n role_arn='roleArn', # Format: acs:ram::USER_ID:role/ROLE_NAME\n oidc_provider_arn='oidcProviderArn', # Format: acs:ram::USER_Id:oidc-provider/OIDC Providers\n oidc_token_file_path='/Users/xxx/xxx',# oidc_token_file_path can be replaced by setting environment variable: ALIBABA_CLOUD_OIDC_TOKEN_FILE\n role_session_name='roleSessionName', # Role Session Name\n policy='policy', # Not required, limit the permissions of STS Token\n role_session_expiration=3600 # Not required, limit the Valid time of STS Token\n)\ncred = Client(config)\n\naccess_key_id = cred.get_access_key_id()\naccess_key_secret = cred.get_access_key_secret()\nsecurity_token = cred.get_security_token()\ncred_type = cred.get_type()\n```\n\n\n\n#### ecs_ram_role\n\nBy specifying the role name, the credential will be able to automatically request maintenance of STS Token.\n\n```python\nfrom alibabacloud_credentials.client import Client\nfrom alibabacloud_credentials.models import Config\n\nconfig = Config(\n type='ecs_ram_role', # credential type\n role_name='roleName' # `roleName` is optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests.\n)\ncred = Client(config)\n\naccess_key_id = cred.get_access_key_id()\naccess_key_secret = cred.get_access_key_secret()\nsecurity_token = cred.get_security_token()\ncred_type = cred.get_type()\n```\n\n\n\n#### rsa_key_pair\n\nBy specifying the public key ID and the private key file, the credential will be able to automatically request maintenance of the AccessKey before sending the request. Only Japan station is supported.\n\n```python\nfrom alibabacloud_credentials.client import Client\nfrom alibabacloud_credentials.models import Config\n\nconfig = Config(\n type='rsa_key_pair', # credential type\n private_key_file='privateKeyFile', # The file path to store the PrivateKey\n public_key_id='publicKeyId' # PublicKeyId of your account\n)\ncred = Client(config)\n\naccess_key_id = cred.get_access_key_id()\naccess_key_secret = cred.get_access_key_secret()\nsecurity_token = cred.get_security_token()\ncred_type = cred.get_type()\n```\n\n\n\n#### bearer\n\nIf credential is required by the Cloud Call Centre (CCC), please apply for Bearer Token maintenance by yourself.\n\n```python\nfrom alibabacloud_credentials.client import Client\nfrom alibabacloud_credentials.models import Config\n\nconfig = Config(\n type='bearer', # credential type\n bearer_token='bearerToken', # BearerToken\n)\ncred = Client(config)\n\naccess_key_id = cred.get_access_key_id()\naccess_key_secret = cred.get_access_key_secret()\nsecurity_token = cred.get_security_token()\ncred_type = cred.get_type()\n```\n\n### Use the default credential provider chain\n\n```python\nfrom alibabacloud_credentials.client import Client as CredClient\nfrom alibabacloud_ocr20191230.client import Client as OcrClient\nfrom alibabacloud_ocr20191230.models import GetAsyncJobResultRequest\nfrom alibabacloud_tea_rpc.models import Config\nfrom alibabacloud_tea_util.models import RuntimeOptions\n\ncred = CredClient()\nconfig = Config(credential=cred)\n\nclient = OcrClient(config)\n\nrequest = GetAsyncJobResultRequest(\n job_id='<job_id>'\n)\n\nruntime_options = RuntimeOptions()\nresponse = client.get_async_job_result(request, runtime_options)\n```\n\nThe default credential provider chain looks for available credentials, with following order:\n\n1.Environment Credentials\n\nLook for environment credentials in environment variable. If the `ALIBABA_CLOUD_ACCESS_KEY_ID` and `ALIBABA_CLOUD_ACCESS_KEY_SECRET` environment variables are defined and are not empty, the program will use them to create default credentials.\n\n2.Credentials File\n\nIf there is `~/.alibabacloud/credentials default file (Windows shows C:\\Users\\USER_NAME\\.alibabacloud\\credentials)`, the program automatically creates credentials with the specified type and name. The default file is not necessarily exist, but a parse error will throw an exception. The name of configuration item is lowercase.This configuration file can be shared between different projects and between different tools. Because it is outside of the project and will not be accidentally committed to the version control. The path to the default file can be modified by defining the `ALIBABA_CLOUD_CREDENTIALS_FILE` environment variable. If not configured, use the default configuration `default`. You can also set the environment variables `ALIBABA_CLOUD_PROFILE` to use the configuration.\n\n```ini\n[default] # default setting\nenable = true # Enable\uff0cEnabled by default if this option is not present\ntype = access_key # Certification type: access_key\naccess_key_id = foo # Key\naccess_key_secret = bar # Secret\n\n[client1] # configuration that is named as `client1`\ntype = ecs_ram_role # Certification type: ecs_ram_role\nrole_name = EcsRamRoleTest # Role Name\n\n[client2] # configuration that is named as `client2`\nenable = false # Disable\ntype = ram_role_arn # Certification type: ram_role_arn\nregion_id = cn-test\npolicy = test # optional Specify permissions\naccess_key_id = foo\naccess_key_secret = bar\nrole_arn = role_arn\nrole_session_name = session_name # optional\n\n[client3] # configuration that is named as `client3`\ntype = rsa_key_pair # Certification type: rsa_key_pair\npublic_key_id = publicKeyId # Public Key ID\nprivate_key_file = /your/pk.pem # Private Key file\n\n[client3] # configuration that is named as `client3`\ntype = rsa_key_pair # Certification type: rsa_key_pair\npublic_key_id = publicKeyId # Public Key ID\nprivate_key_file = /your/pk.pem # Private Key file\n\n[client4] # configuration that is named as `client4`\nenable = false # Disable\ntype = oidc_role_arn # Certification type: oidc_role_arn\nregion_id = cn-test \npolicy = test # optional Specify permissions\naccess_key_id = foo # optional\naccess_key_secret = bar # optional\nrole_arn = role_arn\noidc_provider_arn = oidc_provider_arn\noidc_token_file_path = /xxx/xxx # can be replaced by setting environment variable: ALIBABA_CLOUD_OIDC_TOKEN_FILE \nrole_session_name = session_name # optional\n```\n\n3.Instance RAM Role\n\nIf the environment variable `ALIBABA_CLOUD_ECS_METADATA` is defined and not empty, the program will take the value of the environment variable as the role name and request <http://100.100.100.200/latest/meta-data/ram/security-credentials/> to get the temporary Security credentials.\n\n\n## Issues\n\n[Opening an Issue](https://github.com/aliyun/credentials-python2/issues/new), Issues not conforming to the guidelines may be closed immediately.\n\n## Changelog\nDetailed changes for each release are documented in the [release notes](./ChangeLog.md).\n\n## References\n* [Latest Release](https://github.com/aliyun/credentials-python2)\n\n## License\n[Apache-2.0](http://www.apache.org/licenses/LICENSE-2.0)\n\nCopyright (c) 2009-present, Alibaba Cloud All rights reserved.",
"bugtrack_url": null,
"license": "Apache License 2.0",
"summary": "The alibabacloud credentials module of alibabaCloud Python2 SDK.",
"version": "0.1.1",
"split_keywords": [
"alibabacloud",
"sdk",
"tea"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "78a4b3711c70d7177c2e2d5a49f7609d09c2ecb702d94bc50b90e4cfbbb6daa8",
"md5": "4f5415bd921317b9f235eb775fe5b98e",
"sha256": "8f2d7f5f01e7ae74f3c2a4817b6f8d55e7dabd44755a9a6b8e0c980926cf5259"
},
"downloads": -1,
"filename": "alibabacloud_credentials_py2-0.1.1.tar.gz",
"has_sig": false,
"md5_digest": "4f5415bd921317b9f235eb775fe5b98e",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 14840,
"upload_time": "2023-02-01T08:19:10",
"upload_time_iso_8601": "2023-02-01T08:19:10.320126Z",
"url": "https://files.pythonhosted.org/packages/78/a4/b3711c70d7177c2e2d5a49f7609d09c2ecb702d94bc50b90e4cfbbb6daa8/alibabacloud_credentials_py2-0.1.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-02-01 08:19:10",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "aliyun",
"github_project": "credentials-python2",
"travis_ci": true,
"coveralls": false,
"github_actions": true,
"lcname": "alibabacloud-credentials-py2"
}
JSON
