I want to access Cloud Storage from a GCE instance. Since it is accessed from inside the project, Method using OAuth 2.0 directly Simpler [Service account]( Use https://cloud.google.com/compute/docs/authentication).
First, get an access token from the metadata server.
import json
import urllib2
METADATA_SERVER = "http://169.254.169.254/computeMetadata/v1/instance/service-accounts"
SERVICE_ACCOUNT = "default"
req = urllib2.Request("{0}/{1}/token".format(METADATA_SERVER, SERVICE_ACCOUNT))
req.add_header("Metadata-Flavor", "Google")
data = json.load(urllib2.urlopen(req))
token = data["access_token"]
token_type = data["token_type"]
Use the received token to access Cloud Storage.
from apiclient import discovery
sp = discovery.build("storage", "v1")
req = sp.objects().get_media(bucket=<BUCKET>, object=<PATH>)
req.headers["Authorization"] = "{0} {1}".format(token_type, token)
res = req.execute()
Sample code used ʻoauth2_client.AccessTokenCredentials`, but you can also access it by the above method.
from apiclient import discovery
from apiclient.http import MediaIoBaseUpload
sp = discovery.build("storage", "v1")
# fp:Data to upload, mimetype: MIME type
media_body = MediaIoBaseUpload(fp, mimetype, resumable=True)
req = sp.objects().insert(bucket=<BUCKET>, body=dict(name=<PATH>), media_body=media_body)
req.headers["Authorization"] = "{0} {1}".format(token_type, token)
req.execute()
Recommended Posts