tencentcloud-sdk-sts 3.0.1118 → 3.0.1123
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/VERSION +1 -1
- data/lib/v20180813/client.rb +21 -7
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 384bba21fee0533b599d295f70403ff1ead34474
|
|
4
|
+
data.tar.gz: 56858c3a2b7622a1083ad89d9cceaa285b848726
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 419bf94ae405bb52766e6cbf45adc972f4dde75070fa12c9633cdedd20d182118b5a0ae19e05e3fa4446ed0cbbfd938411608d15cac85fdfe282d76005e6654b
|
|
7
|
+
data.tar.gz: e422371acaa8438484b192fe396a46cbbd0c4fd14344931eac5fe3ff697e28357ccff34831e009dfe6485c7b62a757d01c0ade8b1af057d7ee637c89e91f65cc
|
data/lib/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.0.
|
|
1
|
+
3.0.1123
|
data/lib/v20180813/client.rb
CHANGED
|
@@ -29,20 +29,34 @@ module TencentCloud
|
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
|
|
32
|
-
#
|
|
32
|
+
# **使用说明**
|
|
33
|
+
|
|
34
|
+
# 1. 申请扮演某个角色的临时访问凭证,返回临时身份的token和能够扮演该角色的临时密钥;
|
|
35
|
+
# 2. 角色策略组成
|
|
36
|
+
# (1)角色载体:指定谁可以扮演该角色;
|
|
37
|
+
# (2)角色权限:指定扮演角色后可以执行哪些操作,操作哪些资源。
|
|
38
|
+
|
|
39
|
+
# 3. 角色可被扮演的条件
|
|
40
|
+
# (1)给该用户绑定包含AssumeRole的策略;
|
|
41
|
+
# (2)将该用户配置为角色载体的主体。
|
|
33
42
|
|
|
34
|
-
#
|
|
43
|
+
# 4. 此接口可以支持永久密钥或临时密钥调用。
|
|
35
44
|
|
|
36
|
-
# (1)角色信任策略:指定谁可以扮演该角色;
|
|
37
45
|
|
|
38
|
-
#
|
|
46
|
+
# **典型场景**
|
|
47
|
+
|
|
48
|
+
# 1. 跨账号授权:主账号A需要操作主账号B的资源。
|
|
49
|
+
# 例如:A账号下有子用户a,B账号下有角色role b,a可以通过AssumeRole接口扮演b,以角色b身份登录账号B的控制台,并操作资源。
|
|
39
50
|
|
|
51
|
+
# 2. 跨服务调用:云上的A服务需要访问或操作B服务的资源。
|
|
52
|
+
# 例如:为A服务接入一个服务相关角色,用户授权创建角色和策略后,A服务即可调用AssumeRole获取用户的服务相关角色临时密钥,调用B服务接口并访问资源。
|
|
40
53
|
|
|
41
|
-
# 2、角色可扮演条件
|
|
42
54
|
|
|
43
|
-
# (1)给用户绑定允许调用AssumeRole的策略 ;
|
|
44
55
|
|
|
45
|
-
#
|
|
56
|
+
# **最佳实践**
|
|
57
|
+
# 1. 临时访问凭证在有效期内(Expiration)都可以使用,建议在有效期内重复使用,避免业务请求该接口频率达到上限被限频;
|
|
58
|
+
# 2. 授予临时访问凭证权限的CAM策略,建议严格遵循最小权限原则;
|
|
59
|
+
# 3. 建议不要使用主账号永久密钥,对该接口进行调用。
|
|
46
60
|
|
|
47
61
|
# @param request: Request instance for AssumeRole.
|
|
48
62
|
# @type request: :class:`Tencentcloud::sts::V20180813::AssumeRoleRequest`
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tencentcloud-sdk-sts
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.1123
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tencent Cloud
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-08-
|
|
11
|
+
date: 2025-08-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tencentcloud-sdk-common
|