All Products
Search

This Product

    Tablestore:Initialize a tunnel client

    Document Center

    Tablestore:Initialize a tunnel client

    Last Updated:Mar 20, 2025

    A tunnel client, which is a client for Tunnel Service, provides a variety of methods for callers to perform operations on tunnels and consume data. To use Tunnel Service to consume data in a table, you must initialize a tunnel client.

    Preparations

    Before you initialize a Tablestore client, you must obtain information about the Tablestore instance that you want to access, install Tablestore SDK for Go, and configure access credentials.

    Obtain information about the instance that you want to access

    • Region ID: the ID of the region in which the instance resides. For example, the ID of the China (Hangzhou) region is cn-hangzhou. For more information about regions, see Regions.

    • Instance name and endpoint: Each Tablestore instance has an endpoint. You must specify an endpoint before you can perform operations on the data and tables in Tablestore. You can perform the following steps to obtain the endpoint of an instance:

      1. Log on to the Tablestore console.

      2. In the top navigation bar, select a resource group and a region.

      3. On the Overview page, click the name of the instance that you want to manage or click Manage Instance in the Actions column of the instance.

      4. On the Instance Details tab, view the name and URLs of the instance.

    Install Tablestore SDK for Go

    Run the go mod init <DIRNAME> command in the project directory to generate the go.mo d file. Then, run the following command to install Tablestore SDK for Go:

    Note

    <DIRNAME> indicates the project directory path. Replace <DIRNAME> with the actual project directory path. 

    go get github.com/aliyun/aliyun-tablestore-go-sdk/tablestore

    For information about how to install Tablestore SDK for Go, see Install Tablestore SDK for Java.

    Configure access credentials

    To use Tablestore SDK for Java to initiate a request to access Tablestore, you must configure access credentials. Alibaba Cloud verifies your identity and access permissions based on the access credentials.

    In the examples in this topic, the AccessKey pair of an Alibaba Cloud account is used to describe how to configure access credentials. For more information, see How do I obtain an AccessKey pair?

    If you save access credentials to the code, information leaks may occur. We recommend that you save access credentials to system environment variables.

    Windows

    Run the command prompt as an administrator and run the following commands: 

    # Specify the AccessKey ID.
setx TABLESTORE_ACCESS_KEY_ID your_access_key_id /m
# Specify the AccessKey secret.
setx TABLESTORE_ACCESS_KEY_SECRET your_access_key_secret /m

    macOS/Linux/Unix

    # Specify the AccessKey ID.
export TABLESTORE_ACCESS_KEY_ID=your_access_key_id
# Specify the AccessKey secret.
export TABLESTORE_ACCESS_KEY_SECRET=your_access_key_secret

    For information about how to configure access credentials, see Configure access credentials.

    Initialize a tunnel client

    Initialize a tunnel client by using a method that best suits your business requirements.

    • Use the AccessKey pair of your Alibaba Cloud account or a RAM user to initialize a tunnel client

      Important

      For security purposes, we recommend that you use the AccessKey pair of a RAM user to access Tablestore. You can create a RAM user, attach the AliyunOTSFullAccess policy to the RAM user to grant the RAM user the permissions to manage Tablestore, and create an AccessKey pair for the RAM user. For more information, see Use the AccessKey pair of a RAM user to access Tablestore.

      The following sample code provides an example on how to use the AccessKey ID and AccessKey secret that you obtained to initialize a tunnel client: 

      // Specify the name of the instance. 
// Specify the endpoint of the instance. Example: https://instance.cn-hangzhou.ots.aliyun.com. 
// Specify the AccessKey ID and AccessKey secret of your Alibaba Cloud account or a RAM user. 
instanceName := "yourInstanceName"
endPoint := "yourEndpoint"
accessKeyId := os.Getenv("TABLESTORE_ACCESS_KEY_ID")
accessKeySecret := os.Getenv("TABLESTORE_ACCESS_KEY_SECRET")
tunnelClient := tunnel.NewTunnelClient(endPoint, instanceName, accessKeyId, accessKeySecret)

    • Use the temporary access credentials that you obtained from STS to initialize a tunnel client

      If you want to authorize temporary access, you can use this method to initialize a tunnel client.

      Note

      For information about how to obtain temporary access credentials from STS, see Use temporary access credentials obtained from STS to access Tablestore.

      A tunnel client provides the NewTunnelClientWithToken operation that you can call to initialize a tunnel client based on temporary access credentials.