因此,我正在尝试使用google-cloud-storage
Python 库(https://googlecloudplatform.github.io/google-cloud-python/latest/storage/blob.html)为我的 Google Cloud Storage 对象生成临时的全局可读 URL - 更具体地说Blob.generate_signed_url() 方法。我在命令行 Python 脚本中的 Compute Engine 实例中执行此操作。而且我不断收到以下错误:
AttributeError: you need a private key to sign credentials.the credentials you are currently using <class 'oauth2cl
ient.service_account.ServiceAccountCredentials'> just contains a token. see https://google-cloud-python.readthedocs
.io/en/latest/core/auth.html?highlight=authentication#setting-up-a-service-account for more details.
我知道在 GCE(https://github.com/GoogleCloudPlatform/google-auth-library-python/issues/50)中执行此操作存在问题,但我已按照此处的说明创建了一个新的服务帐户凭据:https://cloud.google.com/storage/docs/access-control/create-signed-urls-program我的 key.json 文件肯定包含一个私钥。我仍然看到那个错误。
这是我的代码:
keyfile = "/path/to/my/key.json"
credentials = ServiceAccountCredentials.from_json_keyfile_name(keyfile)
expiration = timedelta(3) # valid for 3 days
url = blob.generate_signed_url(expiration, method="GET",
credentials=credentials)
我已经阅读了这里的问题跟踪器https://github.com/GoogleCloudPlatform/google-cloud-python/issues?page=2&q=is%3Aissue+is%3Aopen并且没有任何相关的跳出所以我假设这应该可以工作. 看不到这里出了什么问题。