[英]How to read Video from Google Cloud Storage without downloading it? using video URL
[英]Generating Cloud Storage Signed URL from Google Cloud Function without using explicit key file
我想創建一個預簽名上傳 URL 到存儲桶,並希望避免明確引用 json 密鑰。
目前,我正在嘗試使用默認 App Engine 服務帳戶執行此操作
我正在嘗試遵循此答案,但收到此錯誤:
AttributeError:您需要一個私鑰來簽署憑證。您當前使用的憑證 <class 'google.auth.compute_engine.credentials.Credentials'> 只包含一個令牌。 有關更多詳細信息,請參閱https://googleapis.dev/python/google-api-core/latest/auth.html#setting-up-a-service-account 。
我的雲 Function 代碼如下所示:
from google.cloud import storage
import datetime
import google.auth
def generate_upload_url(blob_name, additional_metadata: dict = {}):
credentials, project_id = google.auth.default()
# Perform a refresh request to get the access token of the current credentials (Else, it's None)
from google.auth.transport import requests
r = requests.Request()
credentials.refresh(r)
client = storage.Client()
bucket = client.get_bucket("my_bucket")
blob = bucket.blob(blob_name)
service_account_email = credentials.service_account_email
print(f"attempting to create signed url for {service_account_email}")
url = blob.generate_signed_url(
version="v4",
service_account_email=service_account_email,
access_token=credentials.token,
# This URL is valid for 120 minutes
expiration=datetime.timedelta(minutes=120),
# Allow PUT requests using this URL.
method="PUT",
content_type="application/octet-stream",
)
return url
def get_upload_url(request):
blob_name = get_param(request, "blob_name")
url = generate_upload_url(blob_name)
return url
當您使用簽名 URL 的 v4 版本時, 該方法的第一行調用ensure_signed_credentials
方法檢查當前服務帳戶是否可以在獨立模式下生成簽名(因此使用私鑰)。 因此,這打破了當前的行為。
在 function 的注釋中,清楚地描述了需要服務帳戶 JSON 文件
If you are on Google Compute Engine, you can't generate a signed URL.
Follow `Issue 922`_ for updates on this. If you'd like to be able to
generate a signed URL from GCE, you can use a standard service account
from a JSON file rather than a GCE service account.
因此,請改用 v2 版本。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.