| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- package utils
- import (
- "fmt"
- "github.com/aliyun/alibaba-cloud-sdk-go/services/sts"
- "gitlab.alibaba-inc.com/pai_biz_arch/pairec/log"
- "gitlab.alibaba-inc.com/pai_biz_arch/pairec/recconf"
- )
- var (
- accessKeyId = "LTAIm398VwCMfDhK"
- accessKeySecret = "vFNt9TQTQTlbzwtzlIH4HTegWHqJrw"
- EndpointMap = map[string]string{
- "cn-beijing": "sts-vpc.cn-beijing.aliyuncs.com",
- }
- )
- func AssumedRoleUser(regionId, rolearn, roleSessionName string) (*sts.AssumeRoleResponse, error) {
- client, err := sts.NewClientWithAccessKey(regionId, accessKeyId, accessKeySecret)
- if err != nil {
- log.Error(fmt.Sprintf("error=%v", err))
- return nil, err
- }
- client.SetHTTPSInsecure(true)
- if recconf.Config.RunMode == "production" {
- if endpoint, ok := EndpointMap[regionId]; ok {
- client.Domain = endpoint
- }
- } else {
- client.Domain = "sts.cn-beijing.aliyuncs.com"
- }
- // client.Domain = "sts.cn-beijing.aliyuncs.com"
- request := sts.CreateAssumeRoleRequest()
- request.RoleSessionName = roleSessionName
- request.RoleArn = rolearn
- request.DurationSeconds = "3600"
- request.SetScheme("https")
- response, err := client.AssumeRole(request)
- if err != nil {
- log.Error(fmt.Sprintf("error=%v", err))
- return nil, err
- }
- fmt.Println("AssumedRoleUser", client, response)
- return response, nil
- }
|
