前置条件
1.已 注册 华为云,并完成 实名认证
2.获取华为云开发工具包(SDK),您也可以查看安装JPython SDK。
3.已获取华为云账号对应的Access Key(AK)和Secret Access Key(SK)。请在华为云控制台“我的凭证 > 访问密钥”页面上创建和查看您的AK/SK。具体请参见 访问密钥 。
4.已具备开发环境 ,支持Python3及其以上版本。
代码示例
以下代码展示如何配置云服务器的访问策略
Copied!
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcore.exceptions.exceptions import ClientRequestException
from huaweicloudsdkcore.exceptions.exceptions import ServerResponseException
from huaweicloudsdkvpc.v2.vpc_client import VpcClient
from huaweicloudsdkvpc.v2.model.list_ports_request import ListPortsRequest
from huaweicloudsdkvpc.v2.model.list_security_groups_request import ListSecurityGroupsRequest
from huaweicloudsdkvpc.v2.model.update_port_option import UpdatePortOption
from huaweicloudsdkvpc.v2.model.update_port_request import UpdatePortRequest
from huaweicloudsdkvpc.v2.model.update_port_request_body import UpdatePortRequestBody
from huaweicloudsdkvpc.v2.region.vpc_region import VpcRegion
import os
class VPCPortBindSecurityGroupDemo:
"""
配置云服务器的访问策略
"""
def __init__(self):
pass
@staticmethod
def main(args):
ak = os.environ["HUAWEICLOUD_SDK_AK"]
sk = os.environ["HUAWEICLOUD_SDK_SK"]
ecs_id = "{ecs_id}"
auth = BasicCredentials(
ak=ak,
sk=sk
)
vpc_client = VpcClient.new_builder() \
.with_credentials(credentials=auth) \
.with_region(region=VpcRegion.value_of(region_id="cn-north-4")) \
.build()
demo = VPCPortBindSecurityGroupDemo()
list_ports_response = demo.list_ports(vpc_client, ecs_id)
security_groups_response = demo.list_security_groups(vpc_client)
port_id = list_ports_response.ports.get(0).id
security_group_id = security_groups_response.security_groups.get(0).id
demo.update_port(vpc_client, port_id, security_group_id)
def list_security_groups(self, vpc_client):
security_groups_request = ListSecurityGroupsRequest(
limit=1
)
security_groups_response = None
try:
security_groups_response = vpc_client.list_security_groups(security_groups_request)
print(security_groups_response)
except ClientRequestException as e:
print(str(e.status_code))
print(e)
except ServerResponseException as e:
print(str(e.status_code))
print(e.error_msg)
return security_groups_response
def list_ports(self, vpc_client, ecs_id):
list_ports_request = ListPortsRequest(
device_id=ecs_id
)
list_ports_response = None
try:
list_ports_response = vpc_client.list_ports(list_ports_request)
print(list_ports_response)
except ClientRequestException as e:
print(str(e.status_code))
print(e)
except ServerResponseException as e:
print(str(e.status_code))
print(e.error_msg)
return list_ports_response
def update_port(self, vpc_client, port_id, security_group_id):
request = UpdatePortRequest(
port_id=port_id,
body=UpdatePortRequestBody(
port=UpdatePortOption(
security_groups=[
security_group_id
]
)
)
)
update_port_response = None
try:
update_port_response = vpc_client.update_port(request)
print(update_port_response)
except ClientRequestException as e:
print(str(e.status_code))
print(e)
except ServerResponseException as e:
print(str(e.status_code))
print(e.error_msg)
return update_port_response
您可以在 虚拟私有云VPC服务文档 和API Explorer 查看具体信息。
版本说明
本示例基于华为云SDK开发
配置云服务器的访问策略
本示例展示如何配置云服务器的访问策略
功能介绍
配置云服务器的访问策略
前置条件
1.已 注册 华为云,并完成 实名认证
2.获取华为云开发工具包(SDK),您也可以查看安装JPython SDK。
3.已获取华为云账号对应的Access Key(AK)和Secret Access Key(SK)。请在华为云控制台“我的凭证 > 访问密钥”页面上创建和查看您的AK/SK。具体请参见 访问密钥 。
4.已具备开发环境 ,支持Python3及其以上版本。
SDK获取和安装
具体的SDK版本号请参见 SDK开发中心 (产品类别:虚拟私有云服务)
代码示例
以下代码展示如何配置云服务器的访问策略
from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcore.exceptions.exceptions import ClientRequestException from huaweicloudsdkcore.exceptions.exceptions import ServerResponseException from huaweicloudsdkvpc.v2.vpc_client import VpcClient from huaweicloudsdkvpc.v2.model.list_ports_request import ListPortsRequest from huaweicloudsdkvpc.v2.model.list_security_groups_request import ListSecurityGroupsRequest from huaweicloudsdkvpc.v2.model.update_port_option import UpdatePortOption from huaweicloudsdkvpc.v2.model.update_port_request import UpdatePortRequest from huaweicloudsdkvpc.v2.model.update_port_request_body import UpdatePortRequestBody from huaweicloudsdkvpc.v2.region.vpc_region import VpcRegion import os class VPCPortBindSecurityGroupDemo: """ 配置云服务器的访问策略 """ def __init__(self): pass @staticmethod def main(args): # 认证用的ak和sk直接写到代码中有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全; # 本示例以ak和sk保存在环境变量中来实现身份验证为例,运行本示例前请先在本地环境中设置环境变量HUAWEICLOUD_SDK_AK和HUAWEICLOUD_SDK_SK。 ak = os.environ["HUAWEICLOUD_SDK_AK"] sk = os.environ["HUAWEICLOUD_SDK_SK"] # 云服务器id ecs_id = "{ecs_id}" auth = BasicCredentials( ak=ak, sk=sk ) vpc_client = VpcClient.new_builder() \ .with_credentials(credentials=auth) \ .with_region(region=VpcRegion.value_of(region_id="cn-north-4")) \ .build() demo = VPCPortBindSecurityGroupDemo() # 1.通过云服务器的ID查询网卡信息 list_ports_response = demo.list_ports(vpc_client, ecs_id) # 2.查询当前已有的安全组信息 security_groups_response = demo.list_security_groups(vpc_client) port_id = list_ports_response.ports.get(0).id security_group_id = security_groups_response.security_groups.get(0).id # 3.为弹性云服务器添加安全组。 demo.update_port(vpc_client, port_id, security_group_id) def list_security_groups(self, vpc_client): security_groups_request = ListSecurityGroupsRequest( limit=1 ) security_groups_response = None try: security_groups_response = vpc_client.list_security_groups(security_groups_request) print(security_groups_response) except ClientRequestException as e: print(str(e.status_code)) print(e) except ServerResponseException as e: print(str(e.status_code)) print(e.error_msg) return security_groups_response def list_ports(self, vpc_client, ecs_id): list_ports_request = ListPortsRequest( device_id=ecs_id ) list_ports_response = None try: list_ports_response = vpc_client.list_ports(list_ports_request) print(list_ports_response) except ClientRequestException as e: print(str(e.status_code)) print(e) except ServerResponseException as e: print(str(e.status_code)) print(e.error_msg) return list_ports_response def update_port(self, vpc_client, port_id, security_group_id): request = UpdatePortRequest( port_id=port_id, body=UpdatePortRequestBody( port=UpdatePortOption( security_groups=[ security_group_id ] ) ) ) update_port_response = None try: update_port_response = vpc_client.update_port(request) print(update_port_response) except ClientRequestException as e: print(str(e.status_code)) print(e) except ServerResponseException as e: print(str(e.status_code)) print(e.error_msg) return update_port_response您可以在 虚拟私有云VPC服务文档 和API Explorer 查看具体信息。
修订记录