Call the Direct Mail API with an STS temporary access token from a RAM role-Direct Mail(Direct Mail)-阿里云帮助中心

Call the AssumeRole API to get a token

Note

You cannot use an Alibaba Cloud account to call this API. Use a Resource Access Management (RAM) user or a RAM role instead.

Example error message: You are not authorized to do this action. You should be authorized by RAM.

1. Add the AliyunSTSAssumeRoleAccess system policy to the RAM user.

2. Switch to the RAM user and log on.

Note

To create a logon password for a RAM user:

Go to Users > Authentication Management > Modify Logon Settings and set a custom password.

3. Call the AssumeRole API of Security Token Service (STS): https://api.aliyun.com/api/Sts/2015-04-01/AssumeRole?spm=a2c4g.11186623.0.0.17d9595cpEplh1&params={}&tab=DEMO&lang=PYTHON

Request parameters:

RoleArn: The Alibaba Cloud Resource Name (ARN) of the RAM role to assume. Format: acs:ram::<account_id>:role/<role_name>

RoleSessionName: The name of the role session.

Obtain the following three key values from the return value:

AccessKeyId

AccessKeySecret

SecurityToken

{'headers': {'date': 'Wed, 03 Jul 2024 09:40:20 GMT', 'content-type': 'application/json;charset=utf-8', 'content-length': '951', 'connection': 'keep-alive', 'keep-alive': 'timeout=25', 'access-control-allow-origin': '*', 'access-control-expose-headers': '*', 'x-acs-request-id': '11A37B5C-2CB0-5254-B971-74EA2DCBA224', 'x-acs-trace-id': '362308e551b03aa0219841caaf682969', 'etag': '9DgckwPseC/HB0XT4JpEljQ1'}, 'statusCode': 200, 'body': {'AssumedRoleUser': {'Arn': 'acs:ram::xxxxxxxuidxxxxxxx:role/dmrole/dmrole', 'AssumedRoleId': '327483xxxxxxxx5424:dmrole'}, 'Credentials': {'AccessKeyId': 'STS.NT4dM5xYVquAzxxxxxxxE', 'AccessKeySecret': 'Gud6u3TrbXRXKDBmKb6BgCk8zXckxxxxxxxxxxx', 'Expiration': '2024-07-03T10:40:20Z', 'SecurityToken': 'xxxxxxxxxxxxxx'}, 'RequestId': '11A37B5C-2CB0-5254-B971-74EA2DCBA224'}}

Call the Direct Mail API using the three key values

from alibabacloud_dm20151123.client import Client as Dm20151123Client
from alibabacloud_tea_openapi import models as open_api_models
from alibabacloud_dm20151123 import models as dm_20151123_models
from alibabacloud_tea_util import models as util_models


def create_client(access_key_id, access_key_secret, security_token):
    config = open_api_models.Config(
        # Required. Your AccessKey ID.
        access_key_id=access_key_id,
        # Required. Your AccessKey secret.
        access_key_secret=access_key_secret,
        # Required. Your security token.
        security_token=security_token
    )
    # The endpoint to access.
    config.endpoint = f'dm.aliyuncs.com'
    return Dm20151123Client(config)


accesskeyid = 'xxxxxxxxxxx'
accesskeysecret = 'xxxxxxxxxxx'
security_token = 'xxxxxxxxxxx'

client = create_client(accesskeyid, accesskeysecret, security_token)
single_send_mail_request = dm_20151123_models.SingleSendMailRequest(
    account_name='test1@example.net',
    address_type=1,
    reply_to_address="True",
    to_address='test2@example.net',
    subject='test',
    html_body='testbody'
)
runtime = util_models.RuntimeOptions()

v_response = client.single_send_mail_with_options(single_send_mail_request, runtime)
print(v_response)