After initializing the KMS instance SDK client, you can use it to call the GetSecretValue API for retrieving the secret value. This topic provides code examples for this.
Github source code:
Python 2: get_secret_value_sample.py.
Python 3: get_secret_value_sample.py.
Python 3 is used in this topic.
Complete example
Example walkthrough
Initialize client
# -*- coding: utf-8 -*-
from openapi.models import Config
from sdk.client import Client
config = Config()
# The connection protocol. Set the value to https. The KMS instance service only allows access through the HTTPS protocol.
config.protocol = "https"
# Client Key.
config.client_key_file = "<CLIENT_KEY_FILE>"
# Client Key decryption password.
config.password = os.getenv('CLIENT_KEY_PASSWORD')
# The endpoint of your KMS instance. Set the value in the following format: <ID of your KMS instance>.cryptoservice.kms.aliyuncs.com.
config.endpoint = "<ENDPOINT>"
client = Client(config)Call the GetSecretValue API
def get_secret_value(secret_name):
request = GetSecretValueRequest()
request.secret_name = secret_name
runtime_options = RuntimeOptions()
# Ignore server-side certificate.
# runtime_options.ignore_ssl = True
# verify indicates the path of the instance CA certificate.
runtime_options.verify = "<CA_CERTIFICATE_FILE_PATH>"
resp = client.get_secret_value_with_options(request, runtime_options)
print(resp)