To improve the security and convenience of application deployment, Alibaba Cloud SDK supports using ECS Metadata Service to retrieve the authentication information of an ECS instance RAM role. Therefore, the applications deployed in the ECS instance can call APIs of other products without configuring credentials in the SDK. The SDK has the same permission as the RAM role attached to the ECS instance.
Note: Make sure that the ECS instance has configured a RAM role. For more information, see Access APIs of other cloud products by using the instance RAM role.
The following example shows how to configure the ECS instance RAM role in the Go SDK.
Do not use the custom configuration:
// If you do not need to customize the config, we provide a shortcut to build a client
client, err = ecs.NewClientWithEcsRamRole("region-id", "role-name")
Use the custom configuration:
// If you need to customize the config, you can use the following codes to build a client
config := sdk.NewConfig().WithEnableAsync(true)
// Create the credential object
credential := credentials.NewEcsRamRoleCredential("role-name")
// Initialize the client
client, err := ecs.NewClientWithOptions("region-id", config, credential)
role-nameis the name of the RAM role associated with the ECS instance.
region-idis the ID of the region where the cloud service that the ECS RAM role is accessing is located.