Configurare i certificati SSL per la connessione TCP tramite Python
Mantieni tutto organizzato con le raccolte
Salva e classifica i contenuti in base alle tue preferenze.
Configura i certificati SSL (Secure Sockets Layer) per una connessione TCP a Cloud SQL per PostgreSQL utilizzando il pacchetto sqlalchemy di Python.
Esempio di codice
Salvo quando diversamente specificato, i contenuti di questa pagina sono concessi in base alla licenza Creative Commons Attribution 4.0, mentre gli esempi di codice sono concessi in base alla licenza Apache 2.0. Per ulteriori dettagli, consulta le norme del sito di Google Developers. Java è un marchio registrato di Oracle e/o delle sue consociate.
[[["Facile da capire","easyToUnderstand","thumb-up"],["Il problema è stato risolto","solvedMyProblem","thumb-up"],["Altra","otherUp","thumb-up"]],[["Difficile da capire","hardToUnderstand","thumb-down"],["Informazioni o codice di esempio errati","incorrectInformationOrSampleCode","thumb-down"],["Mancano le informazioni o gli esempi di cui ho bisogno","missingTheInformationSamplesINeed","thumb-down"],["Problema di traduzione","translationIssue","thumb-down"],["Altra","otherDown","thumb-down"]],[],[],[],null,["# Configure SSL certificates for TCP connection by using Python\n\nConfigure SSL (Secure Sockets Layer) certificates for a TCP connection to Cloud SQL for PostgreSQL by using Python's sqlalchemy package.\n\nCode sample\n-----------\n\n### Python\n\n\nTo authenticate to Cloud SQL for PostgreSQL, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n import os\n import ssl\n\n import sqlalchemy\n\n\n def connect_tcp_socket() -\u003e sqlalchemy.engine.base.Engine:\n \"\"\"Initializes a TCP connection pool for a Cloud SQL instance of Postgres.\"\"\"\n # Note: Saving credentials in environment variables is convenient, but not\n # secure - consider a more secure solution such as\n # Cloud Secret Manager (https://cloud.google.com/secret-manager) to help\n # keep secrets safe.\n db_host = os.environ[\n \"INSTANCE_HOST\"\n ] # e.g. '127.0.0.1' ('172.17.0.1' if deployed to GAE Flex)\n db_user = os.environ[\"DB_USER\"] # e.g. 'my-db-user'\n db_pass = os.environ[\"DB_PASS\"] # e.g. 'my-db-password'\n db_name = os.environ[\"DB_NAME\"] # e.g. 'my-database'\n db_port = os.environ[\"DB_PORT\"] # e.g. 5432\n\n connect_args = {}\n # For deployments that connect directly to a Cloud SQL instance without\n # using the Cloud SQL Proxy, configuring SSL certificates will ensure the\n # connection is encrypted.\n if os.environ.get(\"DB_ROOT_CERT\"):\n db_root_cert = os.environ[\"DB_ROOT_CERT\"] # e.g. '/path/to/my/server-ca.pem'\n db_cert = os.environ[\"DB_CERT\"] # e.g. '/path/to/my/client-cert.pem'\n db_key = os.environ[\"DB_KEY\"] # e.g. '/path/to/my/client-key.pem'\n\n ssl_context = ssl.SSLContext()\n ssl_context.verify_mode = ssl.CERT_REQUIRED\n ssl_context.load_verify_locations(db_root_cert)\n ssl_context.load_cert_chain(db_cert, db_key)\n connect_args[\"ssl_context\"] = ssl_context\n\n pool = sqlalchemy.create_engine(\n # Equivalent URL:\n # postgresql+pg8000://\u003cdb_user\u003e:\u003cdb_pass\u003e@\u003cdb_host\u003e:\u003cdb_port\u003e/\u003cdb_name\u003e\n sqlalchemy.engine.url.URL.create(\n drivername=\"postgresql+pg8000\",\n username=db_user,\n password=db_pass,\n host=db_host,\n port=db_port,\n database=db_name,\n ),\n connect_args=connect_args,\n # ...\n )\n return pool\n\nWhat's next\n-----------\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=cloud_sql_postgres)."]]
