OSS可以通过阿里云STS服务,临时进行授权访问。使用STS时请按以下步骤进行:
var OSS = require('ali-oss');
var STS = OSS.STS;
var co = require('co');
var sts = new STS({
accessKeyId: '<子账号的AccessKeyId>',
accessKeySecret: '<子账号的AccessKeySecret>'
});
co(function* () {
var token = yield sts.assumeRole(
'<role-arn>', '<policy>', '<expiration>', '<session-name>');
var client = new OSS({
region: '<region>',
accessKeyId: token.credentials.AccessKeyId,
accessKeySecret: token.credentials.AccessKeySecret,
stsToken: token.credentials.SecurityToken,
bucket: '<bucket-name>'
});
}).catch(function (err) {
console.log(err);
});
var OSS = require('ali-oss');
var STS = OSS.STS;
var co = require('co');
var sts = new STS({
accessKeyId: '<子账号的AccessKeyId>',
accessKeySecret: '<子账号的AccessKeySecret>'
});
var policy = {
"Statement": [
{
"Action": [
"oss:Get*"
],
"Effect": "Allow",
"Resource": ["acs:oss:*:*:my-bucket/*"]
}
],
"Version": "1"
};
co(function* () {
var token = yield sts.assumeRole(
'<role-arn>', policy, 15 * 60, '<session-name>');
var client = new OSS({
region: '<region>',
accessKeyId: token.credentials.AccessKeyId,
accessKeySecret: token.credentials.AccessKeySecret,
stsToken: token.credentials.SecurityToken,
bucket: '<bucket-name>'
});
}).catch(function (err) {
console.log(err);
});
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。