因此,我正在尝试使用google-cloud-storagePython库(https://googlecloudplatform.github.io/google-cloud-python/latest/storage/blobs.html)为我的Google云端存储对象生成临时的全局可读URL - 更具体地说, Blob.generate_signed_url()方法.我是在命令行Python脚本中的Compute Engine实例中执行此操作.我一直收到以下错误:
AttributeError: you need a private key to sign credentials.the credentials you are currently using <class 'oauth2cl
ient.service_account.ServiceAccountCredentials'> just contains a token. see https://google-cloud-python.readthedocs
.io/en/latest/core/auth.html?highlight=authentication#setting-up-a-service-account for more details.
我知道在GCE(https://github.com/GoogleCloudPlatform/google-auth-library-python/issues/50)中执行此操作存在问题,但我已按照此处的说明创建了新的服务帐户凭据:https://cloud.google.com/storage/docs/access-control/create-signed-urls-program和我的key.json文件肯定包含私钥.我仍然看到那个错误.
这是我的代码:
keyfile = "/path/to/my/key.json"
credentials = ServiceAccountCredentials.from_json_keyfile_name(keyfile)
expiration = timedelta(3) # valid for 3 days
url = blob.generate_signed_url(expiration, method="GET",
credentials=credentials)
我已经阅读了问题跟踪器这里https://github.com/GoogleCloudPlatform/google-cloud-python/issues?page=2&q=is%3Aissue+is%3Aopen并没有任何相关的跳出来所以我假设这应该工作.看不出这里出了什么问题.
python google-cloud-storage google-compute-engine google-cloud-python