145 lines
5.1 KiB
Python
145 lines
5.1 KiB
Python
#!/usr/bin/env python3
|
||
"""
|
||
查询阿里云账号信息
|
||
通过 AccessKey 获取账号详情和权限信息
|
||
"""
|
||
|
||
import os
|
||
import sys
|
||
from dotenv import load_dotenv
|
||
|
||
# 加载环境变量
|
||
load_dotenv()
|
||
|
||
def check_account_info():
|
||
"""检查阿里云账号信息"""
|
||
try:
|
||
import oss2
|
||
from aliyunsdkcore.client import AcsClient
|
||
from aliyunsdkcore.request import CommonRequest
|
||
|
||
# 从环境变量读取配置
|
||
access_key_id = os.getenv('ALIYUN_OSS_ACCESS_KEY_ID')
|
||
access_key_secret = os.getenv('ALIYUN_OSS_ACCESS_KEY_SECRET')
|
||
|
||
print(f"🔍 查询阿里云账号信息...")
|
||
print(f" AccessKeyId: {access_key_id}")
|
||
|
||
if not access_key_id or not access_key_secret:
|
||
print("❌ AccessKey 配置不完整")
|
||
return False
|
||
|
||
# 方法1: 通过 OSS 获取账号信息
|
||
try:
|
||
auth = oss2.Auth(access_key_id, access_key_secret)
|
||
|
||
# 尝试列出所有 Bucket(这会显示账号ID)
|
||
service = oss2.Service(auth, 'https://oss-cn-hangzhou.aliyuncs.com')
|
||
|
||
print(f"\n📋 尝试列出该账号下的所有 Bucket...")
|
||
buckets = service.list_buckets()
|
||
|
||
if buckets.buckets:
|
||
print(f"✅ 找到 {len(buckets.buckets)} 个 Bucket:")
|
||
for bucket in buckets.buckets:
|
||
print(f" - {bucket.name} (区域: {bucket.location}, 创建时间: {bucket.creation_date})")
|
||
|
||
# 检查是否有 nvlovers
|
||
if bucket.name == 'nvlovers':
|
||
print(f" ✅ 找到目标 Bucket: nvlovers")
|
||
return True
|
||
|
||
print(f"\n❌ 未找到 'nvlovers' Bucket")
|
||
print(f"💡 建议使用上述任一 Bucket,或创建新的 Bucket")
|
||
|
||
else:
|
||
print(f"❌ 该账号下没有任何 Bucket")
|
||
|
||
except Exception as e:
|
||
print(f"❌ OSS 查询失败: {e}")
|
||
|
||
# 分析错误类型
|
||
error_str = str(e)
|
||
if "InvalidAccessKeyId" in error_str:
|
||
print("💡 AccessKeyId 无效或不存在")
|
||
elif "SignatureDoesNotMatch" in error_str:
|
||
print("💡 AccessKeySecret 错误")
|
||
elif "AccessDenied" in error_str:
|
||
print("💡 AccessKey 权限不足,无法列出 Bucket")
|
||
|
||
# 方法2: 通过 STS 获取账号信息
|
||
try:
|
||
print(f"\n🔍 尝试获取账号身份信息...")
|
||
|
||
client = AcsClient(access_key_id, access_key_secret, 'cn-hangzhou')
|
||
|
||
request = CommonRequest()
|
||
request.set_accept_format('json')
|
||
request.set_domain('sts.cn-hangzhou.aliyuncs.com')
|
||
request.set_method('POST')
|
||
request.set_protocol_type('https')
|
||
request.set_version('2015-04-01')
|
||
request.set_action_name('GetCallerIdentity')
|
||
|
||
response = client.do_action_with_exception(request)
|
||
|
||
import json
|
||
result = json.loads(response)
|
||
|
||
if 'AccountId' in result:
|
||
account_id = result['AccountId']
|
||
user_id = result.get('UserId', 'N/A')
|
||
arn = result.get('Arn', 'N/A')
|
||
|
||
print(f"✅ 账号信息:")
|
||
print(f" 账号ID: {account_id}")
|
||
print(f" 用户ID: {user_id}")
|
||
print(f" ARN: {arn}")
|
||
|
||
return True
|
||
|
||
except ImportError:
|
||
print("❌ 阿里云 SDK 未安装,请运行:")
|
||
print(" pip install aliyun-python-sdk-core")
|
||
print(" pip install aliyun-python-sdk-sts")
|
||
except Exception as e:
|
||
print(f"❌ STS 查询失败: {e}")
|
||
|
||
return False
|
||
|
||
except ImportError:
|
||
print("❌ 依赖模块未安装,请运行:")
|
||
print(" pip install oss2")
|
||
print(" pip install aliyun-python-sdk-core")
|
||
return False
|
||
except Exception as e:
|
||
print(f"❌ 查询失败: {e}")
|
||
return False
|
||
|
||
def suggest_solutions():
|
||
"""提供解决方案建议"""
|
||
print(f"\n🔧 解决方案建议:")
|
||
print(f"1. 如果找到了其他 Bucket,修改 .env 中的 ALIYUN_OSS_BUCKET_NAME")
|
||
print(f"2. 如果没有 Bucket,登录阿里云控制台创建一个:")
|
||
print(f" https://oss.console.aliyun.com/")
|
||
print(f"3. 如果 AccessKey 权限不足,在 RAM 控制台添加 OSS 权限:")
|
||
print(f" https://ram.console.aliyun.com/")
|
||
print(f"4. 确保 AccessKey 有以下权限:")
|
||
print(f" - oss:ListBuckets")
|
||
print(f" - oss:ListObjects")
|
||
print(f" - oss:PutObject")
|
||
print(f" - oss:DeleteObject")
|
||
|
||
def main():
|
||
print("🚀 开始查询阿里云账号信息...")
|
||
|
||
success = check_account_info()
|
||
|
||
if not success:
|
||
suggest_solutions()
|
||
return 1
|
||
|
||
return 0
|
||
|
||
if __name__ == "__main__":
|
||
sys.exit(main()) |