GCP 客户端与云 API 身份验证
GCP Client vs Cloud API Authentication
Google 云平台服务的云和 api 客户端库似乎有不同的路径。在 api 客户端库中,我们可以使用默认凭据,但我找不到在云库中使用默认凭据的文档。
我们还能使用云库中的默认凭据吗?如果不是,建议使用项目的 api 密钥生成服务用户的路径?
对于 Cloud Storage 和 Stackdriver 监控客户端库,您应该能够默认使用应用程序默认凭据,就像任何其他 Google 客户端库一样。
If no credentials are provided, google-cloud will attempt to detect
them from the environment using
GoogleCredentials.getApplicationDefault() which will search for
Default Application Credentials in the following locations (in order):
- The credentials file pointed to by the
GOOGLE_APPLICATION_CREDENTIALS environment variable.
- Credentials provided by the Google Cloud SDK
gcloud auth application-default login command.
- Google App Engine built-in credentials.
- Google Cloud Shell built-in credentials Google
- Compute Engine built-in credentials
根据您的设置和环境,您可以选择最有效的方法。通常指向凭据 json 文件的环境变量 GOOGLE_APPLICATION_CREDENTIALS 最容易设置。
完成上述操作后,您可以继续调用相应的库。
对于云存储(复制示例here):
// Imports the Google Cloud client library
import com.google.cloud.storage.Bucket;
import com.google.cloud.storage.BucketInfo;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;
public class QuickstartSample {
public static void main(String... args) throws Exception {
// Instantiates a client
Storage storage = StorageOptions.getDefaultInstance().getService();
// The name for the new bucket
String bucketName = args[0]; // "my-new-bucket";
// Creates the new bucket
Bucket bucket = storage.create(BucketInfo.of(bucketName));
System.out.printf("Bucket %s created.%n", bucket.getName());
}
}
对于Stackdriver监控(复制示例here):
import com.google.api.Metric;
import com.google.api.MonitoredResource;
// Imports the Google Cloud client library
import com.google.cloud.monitoring.spi.v3.MetricServiceClient;
import com.google.monitoring.v3.CreateTimeSeriesRequest;
import com.google.monitoring.v3.Point;
import com.google.monitoring.v3.ProjectName;
import com.google.monitoring.v3.TimeInterval;
import com.google.monitoring.v3.TimeSeries;
import com.google.monitoring.v3.TypedValue;
import com.google.protobuf.util.Timestamps;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class QuickstartSample {
public static void main(String... args) throws Exception {
// Your Google Cloud Platform project ID
String projectId = System.getProperty("projectId");
if (projectId == null) {
System.err.println("Usage: QuickstartSample -DprojectId=YOUR_PROJECT_ID");
return;
}
// Instantiates a client
MetricServiceClient metricServiceClient = MetricServiceClient.create();
// Prepares an individual data point
TimeInterval interval = TimeInterval.newBuilder()
.setEndTime(Timestamps.fromMillis(System.currentTimeMillis()))
.build();
TypedValue value = TypedValue.newBuilder()
.setDoubleValue(123.45)
.build();
Point point = Point.newBuilder()
.setInterval(interval)
.setValue(value)
.build();
List<Point> pointList = new ArrayList<>();
pointList.add(point);
ProjectName name = ProjectName.create(projectId);
// Prepares the metric descriptor
Map<String, String> metricLabels = new HashMap<String, String>();
metricLabels.put("store_id", "Pittsburg");
Metric metric = Metric.newBuilder()
.setType("custom.googleapis.com/stores/daily_sales")
.putAllLabels(metricLabels)
.build();
// Prepares the monitored resource descriptor
Map<String, String> resourceLabels = new HashMap<String, String>();
resourceLabels.put("project_id", projectId);
MonitoredResource resource = MonitoredResource.newBuilder()
.setType("global")
.putAllLabels(resourceLabels)
.build();
// Prepares the time series request
TimeSeries timeSeries = TimeSeries.newBuilder()
.setMetric(metric)
.setResource(resource)
.addAllPoints(pointList)
.build();
List<TimeSeries> timeSeriesList = new ArrayList<>();
timeSeriesList.add(timeSeries);
CreateTimeSeriesRequest request = CreateTimeSeriesRequest.newBuilder()
.setNameWithProjectName(name)
.addAllTimeSeries(timeSeriesList)
.build();
// Writes time series data
metricServiceClient.createTimeSeries(request);
System.out.printf("Done writing time series data.%n");
metricServiceClient.close();
}
}
顺便说一句,云监控库 APIs v2 are deprecated in favor of Stackdriver Monitoring libraries and APIs v3。
Google 云平台服务的云和 api 客户端库似乎有不同的路径。在 api 客户端库中,我们可以使用默认凭据,但我找不到在云库中使用默认凭据的文档。
我们还能使用云库中的默认凭据吗?如果不是,建议使用项目的 api 密钥生成服务用户的路径?
对于 Cloud Storage 和 Stackdriver 监控客户端库,您应该能够默认使用应用程序默认凭据,就像任何其他 Google 客户端库一样。
If no credentials are provided, google-cloud will attempt to detect them from the environment using
GoogleCredentials.getApplicationDefault()which will search for Default Application Credentials in the following locations (in order):
- The credentials file pointed to by the
GOOGLE_APPLICATION_CREDENTIALSenvironment variable.- Credentials provided by the Google Cloud SDK
gcloud auth application-default logincommand.- Google App Engine built-in credentials.
- Google Cloud Shell built-in credentials Google
- Compute Engine built-in credentials
根据您的设置和环境,您可以选择最有效的方法。通常指向凭据 json 文件的环境变量 GOOGLE_APPLICATION_CREDENTIALS 最容易设置。
完成上述操作后,您可以继续调用相应的库。
对于云存储(复制示例here):
// Imports the Google Cloud client library
import com.google.cloud.storage.Bucket;
import com.google.cloud.storage.BucketInfo;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;
public class QuickstartSample {
public static void main(String... args) throws Exception {
// Instantiates a client
Storage storage = StorageOptions.getDefaultInstance().getService();
// The name for the new bucket
String bucketName = args[0]; // "my-new-bucket";
// Creates the new bucket
Bucket bucket = storage.create(BucketInfo.of(bucketName));
System.out.printf("Bucket %s created.%n", bucket.getName());
}
}
对于Stackdriver监控(复制示例here):
import com.google.api.Metric;
import com.google.api.MonitoredResource;
// Imports the Google Cloud client library
import com.google.cloud.monitoring.spi.v3.MetricServiceClient;
import com.google.monitoring.v3.CreateTimeSeriesRequest;
import com.google.monitoring.v3.Point;
import com.google.monitoring.v3.ProjectName;
import com.google.monitoring.v3.TimeInterval;
import com.google.monitoring.v3.TimeSeries;
import com.google.monitoring.v3.TypedValue;
import com.google.protobuf.util.Timestamps;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class QuickstartSample {
public static void main(String... args) throws Exception {
// Your Google Cloud Platform project ID
String projectId = System.getProperty("projectId");
if (projectId == null) {
System.err.println("Usage: QuickstartSample -DprojectId=YOUR_PROJECT_ID");
return;
}
// Instantiates a client
MetricServiceClient metricServiceClient = MetricServiceClient.create();
// Prepares an individual data point
TimeInterval interval = TimeInterval.newBuilder()
.setEndTime(Timestamps.fromMillis(System.currentTimeMillis()))
.build();
TypedValue value = TypedValue.newBuilder()
.setDoubleValue(123.45)
.build();
Point point = Point.newBuilder()
.setInterval(interval)
.setValue(value)
.build();
List<Point> pointList = new ArrayList<>();
pointList.add(point);
ProjectName name = ProjectName.create(projectId);
// Prepares the metric descriptor
Map<String, String> metricLabels = new HashMap<String, String>();
metricLabels.put("store_id", "Pittsburg");
Metric metric = Metric.newBuilder()
.setType("custom.googleapis.com/stores/daily_sales")
.putAllLabels(metricLabels)
.build();
// Prepares the monitored resource descriptor
Map<String, String> resourceLabels = new HashMap<String, String>();
resourceLabels.put("project_id", projectId);
MonitoredResource resource = MonitoredResource.newBuilder()
.setType("global")
.putAllLabels(resourceLabels)
.build();
// Prepares the time series request
TimeSeries timeSeries = TimeSeries.newBuilder()
.setMetric(metric)
.setResource(resource)
.addAllPoints(pointList)
.build();
List<TimeSeries> timeSeriesList = new ArrayList<>();
timeSeriesList.add(timeSeries);
CreateTimeSeriesRequest request = CreateTimeSeriesRequest.newBuilder()
.setNameWithProjectName(name)
.addAllTimeSeries(timeSeriesList)
.build();
// Writes time series data
metricServiceClient.createTimeSeries(request);
System.out.printf("Done writing time series data.%n");
metricServiceClient.close();
}
}
顺便说一句,云监控库 APIs v2 are deprecated in favor of Stackdriver Monitoring libraries and APIs v3。