def test_rpc_assume_role_request_with_sts_token(self):
self._create_default_ram_user()
# self._attach_default_policy()
self._create_access_key()
self._create_default_ram_role()
acs_client = ClientConfig(region_id=self.region_id)
ram_role_arn_credential = RamRoleCredentialsProvider(
acs_client,
AccessKeyCredentials(self.ram_user_access_key_id,
self.ram_user_access_key_secret),
self.ram_role_arn, "alice_test")
client = AlibabaCloudClient(acs_client, ram_role_arn_credential)
client.product_code = "Ecs"
client.api_version = "2014-05-26"
client.location_service_code = 'ecs'
client.location_endpoint_type = "openAPI"
api_request = APIRequest('DescribeRegions', 'GET', 'https', 'RPC')
response = client._handle_request(api_request)
response_credentials = response.http_request.credentials
self.assertTrue(response_credentials.access_key_id.startswith("STS."))
response = response.http_response.content
ret = self.get_dict_response(response)
self.assertTrue(ret.get("Regions"))
self.assertTrue(ret.get("RequestId"))
def test_roa_assume_role_request_with_sts_token(self):
self._create_default_ram_user()
# self._attach_default_policy()
self._create_access_key()
self._create_default_ram_role()
roa_client = ClientConfig(region_id=self.region_id)
ram_role_arn_credential = RamRoleCredentialsProvider(
roa_client,
AccessKeyCredentials(self.ram_user_access_key_id,
self.ram_user_access_key_secret),
self.ram_role_arn, "alice_test")
client = AlibabaCloudClient(roa_client, ram_role_arn_credential)
client.product_code = "ROS"
client.api_version = "2015-09-01"
client.location_service_code = 'ros'
client.location_endpoint_type = "openAPI"
api_request = APIRequest('DescribeResourceTypes', 'GET', 'https',
'ROA')
api_request.uri_pattern = '/resource_types'
api_request.path_params = None
response = client._handle_request(api_request)
response_credentials = response.http_request.credentials
self.assertTrue(response_credentials.access_key_id.startswith("STS."))
response = response.http_response.content
ret = self.get_dict_response(response)
self.assertTrue(ret.get("ResourceTypes"))
def test_call_request_with_env_config_priority(self):
os.environ.setdefault("ALIBABA_CLOUD_ACCESS_KEY_ID",
self.access_key_id)
os.environ.setdefault("ALIBABA_CLOUD_ACCESS_KEY_SECRET",
self.access_key_secret)
client_config = ClientConfig(region_id=self.region_id)
client = AlibabaCloudClient(
client_config,
credentials_provider=self.init_credentials_provider())
client.product_code = "Ecs"
client.api_version = "2014-05-26"
client.location_service_code = 'ecs'
client.location_endpoint_type = "openAPI"
api_request = APIRequest('DescribeRegions', 'GET', 'https', 'RPC')
response = client._handle_request(api_request)
env_credential_id = os.environ.get("ALIBABA_CLOUD_ACCESS_KEY_ID")
env_credential_secret = os.environ.get(
"ALIBABA_CLOUD_ACCESS_KEY_SECRET")
response_key_id = response.http_request.credentials.access_key_id
response_key_secret = response.http_request.credentials.access_key_secret
self.assertEqual(env_credential_id, response_key_id)
self.assertEqual(env_credential_secret, response_key_secret)
response = response.http_response.content
ret = self.get_dict_response(response)
self.assertTrue(ret.get("Regions"))
self.assertTrue(ret.get("RequestId"))
os.environ.pop("ALIBABA_CLOUD_ACCESS_KEY_ID")
os.environ.pop("ALIBABA_CLOUD_ACCESS_KEY_SECRET")
def test_call_request_with_env_error(self):
os.environ["ALIBABA_CLOUD_ACCESS_KEY_ID"] = self.access_key_id
client_config = ClientConfig(region_id=self.region_id)
with self.assertRaises(PartialCredentialsException) as e:
DefaultChainedCredentialsProvider(client_config)
self.assertEqual(
e.exception.error_message,
"Partial credentials found in env, ALIBABA_CLOUD_ACCESS_KEY_SECRET is empty"
)
def init_sub_client_config(self):
self._create_default_ram_user()
# self._attach_default_policy()
self._create_access_key()
sub_client_config = ClientConfig(region_id=self.region_id,
connection_timeout=120)
credentials = AccessKeyCredentials(self.ram_user_access_key_id,
self.ram_user_access_key_secret, )
from alibabacloud.credentials.provider import StaticCredentialsProvider
sub_credentials_provider = StaticCredentialsProvider(credentials)
return sub_client_config, sub_credentials_provider
def test_call_rpc_request_with_env_ak(self):
os.environ["ALIBABA_CLOUD_ACCESS_KEY_ID"] = self.access_key_id
os.environ["ALIBABA_CLOUD_ACCESS_KEY_SECRET"] = self.access_key_secret
client_config = ClientConfig(region_id=self.region_id)
client = AlibabaCloudClient(
client_config,
credentials_provider=self.init_credentials_provider())
client.product_code = "Ecs"
client.api_version = "2014-05-26"
client.location_service_code = 'ecs'
client.location_endpoint_type = "openAPI"
api_request = APIRequest('DescribeRegions', 'GET', 'https', 'RPC')
response = client._handle_request(api_request)
response = response.http_response.content
ret = self.get_dict_response(response)
self.assertTrue(ret.get("Regions"))
self.assertTrue(ret.get("RequestId"))
def test_call_roa_request_with_env_ak(self):
os.environ["ALIBABA_CLOUD_ACCESS_KEY_ID"] = self.access_key_id
os.environ["ALIBABA_CLOUD_ACCESS_KEY_SECRET"] = self.access_key_secret
client_config = ClientConfig(region_id=self.region_id)
client = AlibabaCloudClient(
client_config,
credentials_provider=self.init_credentials_provider())
client.product_code = "ROS"
client.api_version = "2015-09-01"
client.location_service_code = 'ros'
client.location_endpoint_type = "openAPI"
api_request = APIRequest('DescribeResourceTypes', 'GET', 'https',
'ROA')
api_request.uri_pattern = '/resource_types'
api_request.path_params = None
response = client._handle_request(api_request)
response = response.http_response.content
ret = self.get_dict_response(response)
self.assertTrue(ret.get("ResourceTypes"))
os.environ.pop("ALIBABA_CLOUD_ACCESS_KEY_ID")
os.environ.pop("ALIBABA_CLOUD_ACCESS_KEY_SECRET")
def test_call_request_with_config_role_name_priority(self):
os.environ["ALIBABA_CLOUD_ROLE_NAME"] = self.default_ram_role_name
client_config = ClientConfig(region_id=self.region_id)
client = AlibabaCloudClient(
client_config,
credentials_provider=self.init_credentials_provider())
client.product_code = "Ecs"
client.api_version = "2014-05-26"
client.location_service_code = 'ecs'
client.location_endpoint_type = "openAPI"
api_request = APIRequest('DescribeRegions', 'GET', 'https', 'RPC')
response = client._handle_request(api_request)
response_key_id = response.http_request.credentials.access_key_id
self.assertFalse(response_key_id.startswith("TST."))
response = response.http_response.content
ret = self.get_dict_response(response)
self.assertTrue(ret.get("Regions"))
self.assertTrue(ret.get("RequestId"))
os.environ.pop("ALIBABA_CLOUD_ROLE_NAME")
def get_client(service_name,
api_version=None,
region_id=None,
endpoint=None,
access_key_id=None,
access_key_secret=None,
credentials_provider=None,
retry_policy=None,
endpoint_resolver=None,
config=None):
"""
获取 `Alibaba Cloud Python SDK` 某个产品某个Version的client
:param service_name: 产品的product_code,比如Ecs
:type service_name: str
:param api_version: 产品的version,格式:2018-06-09
:type api_version: str
:param region_id: 参照 `可用区 <https://help.aliyun.com/document_detail/40654.html>`_
:type region_id: str
:param endpoint: 自定义的endpoint,不经过endpoint的解析流程
:type endpoint: str
:param access_key_id: 秘钥AccessKeyID
:type access_key_id: str
:param access_key_secret: 秘钥AccessKeySecret
:type access_key_secret: str
:param credentials_provider: 自定义的credentials_provider,如果用户自定义
credentials_provider,使用用户自定义的
:type credentials_provider: 一个具备provide接口的对象
:param retry_policy: 用户自定义的重试策略
:type retry_policy:
:param endpoint_resolver: 用户自定义的endpoint_resolver,如果用户自定义
endpoint_resolver,使用用户自定义的
:type endpoint_resolver: 一个具备resolve接口的对象
:param config: 如果用户自定义ClientConfig,使用用户自定义的,否则初始化一个ClientConfig。
如果用户在 `get_client()` 指定region_id ,则会覆盖config当中的region_id
:type config: ClientConfig
:return: client
:rtype: AlibabaCloudClient
"""
module_name, client_name = _prepare_module(
service_name, api_version) # ecs_20180909, EcsClient
if region_id is not None and config:
config.region_id = region_id
if endpoint is not None and config:
config.endpoint = endpoint
client_config = config if config else ClientConfig(region_id=region_id,
endpoint=endpoint)
try:
client_module = __import__(
'.'.join(['alibabacloud', 'clients', module_name]), globals(),
locals(), ['clients', module_name], 0)
except ImportError:
raise NoModuleException(name='.'.join(module_name))
if credentials_provider is not None:
custom_credentials_provider = credentials_provider
elif access_key_id and access_key_secret:
custom_credentials_provider = StaticCredentialsProvider(
AccessKeyCredentials(access_key_id, access_key_secret))
else:
custom_credentials_provider = DefaultChainedCredentialsProvider(
client_config)
return getattr(client_module, client_name)(
client_config,
retry_policy=retry_policy,
credentials_provider=custom_credentials_provider,
endpoint_resolver=endpoint_resolver)
def init_client_config(self, region_id=None):
if not region_id:
region_id = self.region_id
client_config = ClientConfig(region_id=region_id,
connection_timeout=120)
return client_config