Models¶
Data models for rate limit configuration and status.
Limit¶
dataclass
¶
Token bucket rate limit configuration.
Refill rate is stored as a fraction (refill_amount / refill_period_seconds) to avoid floating point precision issues.
Attributes:
| Name | Type | Description |
|---|---|---|
name |
str
|
Unique identifier for this limit type (e.g., "rpm", "tpm") |
capacity |
int
|
Max tokens that refill over the period (sustained rate) |
burst |
int
|
Max tokens in bucket (>= capacity, allows bursting) |
refill_amount |
int
|
Numerator of refill rate |
refill_period_seconds |
int
|
Denominator of refill rate |
classmethod
¶
Create a limit that refills capacity tokens per second.
classmethod
¶
Create a limit that refills capacity tokens per minute.
classmethod
¶
Create a limit that refills capacity tokens per hour.
classmethod
¶
Create a limit that refills capacity tokens per day.
classmethod
¶
Create a custom limit with explicit refill rate.
Sustain 100/sec with burst of 1000
Limit.custom("requests", capacity=100, refill_amount=100, refill_period_seconds=1, burst=1000)
Entity¶
dataclass
¶
An entity that can have rate limits applied.
Entities can be parents (projects) or children (API keys). Children have a parent_id reference.
Note: This model does not validate in post_init to support DynamoDB deserialization and avoid performance overhead. Validation is performed in Repository.create_entity() at the API boundary.
LimitStatus¶
dataclass
¶
LimitStatus(entity_id, resource, limit_name, limit, available, requested, exceeded, retry_after_seconds)
Status of a specific limit check.
Returned in RateLimitExceeded to provide full visibility into all limits that were checked.
Note: This is an internal model created by the limiter from validated inputs. No validation is performed here to avoid performance overhead.
BucketState¶
dataclass
¶
BucketState(entity_id, resource, limit_name, tokens_milli, last_refill_ms, capacity_milli, burst_milli, refill_amount_milli, refill_period_ms)
Internal state of a token bucket.
All token values are stored in millitokens (x1000) for precision.
Note: This is an internal model. Validation is performed in from_limit() for user-provided inputs, not in post_init to support DynamoDB deserialization and avoid performance overhead on frequent operations.
classmethod
¶
Create a new bucket at full capacity from a Limit.
Note: This is an internal factory method. Validation of entity_id and resource is performed at the API boundary (RateLimiter public methods) before calling this method.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
entity_id
|
str
|
Entity identifier (pre-validated by caller) |
required |
resource
|
str
|
Resource name (pre-validated by caller) |
required |
limit
|
Limit
|
Limit configuration (validated via post_init) |
required |
now_ms
|
int
|
Current time in milliseconds |
required |
AuditEvent¶
dataclass
¶
Security audit event for tracking modifications.
Audit events are logged for security-sensitive operations: - Entity creation and deletion - Limit configuration changes
Attributes:
| Name | Type | Description |
|---|---|---|
event_id |
str
|
Unique identifier for the event (timestamp-based) |
timestamp |
str
|
ISO timestamp when the event occurred |
action |
str
|
Type of action (see AuditAction constants) |
entity_id |
str
|
ID of the entity affected |
principal |
str | None
|
Caller identity who performed the action (optional) |
resource |
str | None
|
Resource name for limit-related actions (optional) |
details |
dict[str, Any]
|
Additional action-specific details |
AuditAction¶
Audit action type constants.