diff --git a/platform-api/src/api/generated.go b/platform-api/src/api/generated.go index f1a23aef4..d7d78718c 100644 --- a/platform-api/src/api/generated.go +++ b/platform-api/src/api/generated.go @@ -254,16 +254,28 @@ const ( Week RateLimitResetWindowUnit = "week" ) +// Defines values for RateLimitingResourceLimitMethods. +const ( + RateLimitingResourceLimitMethodsAsterisk RateLimitingResourceLimitMethods = "*" + RateLimitingResourceLimitMethodsDELETE RateLimitingResourceLimitMethods = "DELETE" + RateLimitingResourceLimitMethodsGET RateLimitingResourceLimitMethods = "GET" + RateLimitingResourceLimitMethodsHEAD RateLimitingResourceLimitMethods = "HEAD" + RateLimitingResourceLimitMethodsOPTIONS RateLimitingResourceLimitMethods = "OPTIONS" + RateLimitingResourceLimitMethodsPATCH RateLimitingResourceLimitMethods = "PATCH" + RateLimitingResourceLimitMethodsPOST RateLimitingResourceLimitMethods = "POST" + RateLimitingResourceLimitMethodsPUT RateLimitingResourceLimitMethods = "PUT" +) + // Defines values for RouteExceptionMethods. const ( - Asterisk RouteExceptionMethods = "*" - DELETE RouteExceptionMethods = "DELETE" - GET RouteExceptionMethods = "GET" - HEAD RouteExceptionMethods = "HEAD" - OPTIONS RouteExceptionMethods = "OPTIONS" - PATCH RouteExceptionMethods = "PATCH" - POST RouteExceptionMethods = "POST" - PUT RouteExceptionMethods = "PUT" + RouteExceptionMethodsAsterisk RouteExceptionMethods = "*" + RouteExceptionMethodsDELETE RouteExceptionMethods = "DELETE" + RouteExceptionMethodsGET RouteExceptionMethods = "GET" + RouteExceptionMethodsHEAD RouteExceptionMethods = "HEAD" + RouteExceptionMethodsOPTIONS RouteExceptionMethods = "OPTIONS" + RouteExceptionMethodsPATCH RouteExceptionMethods = "PATCH" + RouteExceptionMethodsPOST RouteExceptionMethods = "POST" + RouteExceptionMethodsPUT RouteExceptionMethods = "PUT" ) // Defines values for TimeUnit. @@ -1923,12 +1935,16 @@ type RateLimitingLimitConfig struct { // RateLimitingResourceLimit defines model for RateLimitingResourceLimit. type RateLimitingResourceLimit struct { // Limit Limit definition with independent request/token/cost dimensions. If all dimensions are disabled (or absent), rate limiting is off for that scope. - Limit RateLimitingLimitConfig `json:"limit" yaml:"limit"` + Limit RateLimitingLimitConfig `json:"limit" yaml:"limit"` + Methods []RateLimitingResourceLimitMethods `binding:"required" json:"methods" yaml:"methods"` // Resource Explicit resource path to apply the limit to. Resource string `binding:"required" json:"resource" yaml:"resource"` } +// RateLimitingResourceLimitMethods defines model for RateLimitingResourceLimit.Methods. +type RateLimitingResourceLimitMethods string + // RateLimitingScopeConfig Rate limiting configuration for a scope (provider or consumer). Either global or resource-wise limits can be defined. type RateLimitingScopeConfig struct { // Global Limit definition with independent request/token/cost dimensions. If all dimensions are disabled (or absent), rate limiting is off for that scope. diff --git a/platform-api/src/internal/model/llm.go b/platform-api/src/internal/model/llm.go index 8c24117e4..622394cd2 100644 --- a/platform-api/src/internal/model/llm.go +++ b/platform-api/src/internal/model/llm.go @@ -88,6 +88,7 @@ type CostRateLimit struct { } type RateLimitingResourceLimit struct { + Methods []string `json:"methods" db:"-"` Resource string `json:"resource" db:"-"` Limit RateLimitingLimitConfig `json:"limit" db:"-"` } diff --git a/platform-api/src/internal/service/llm.go b/platform-api/src/internal/service/llm.go index 11e01b637..d5063c8cc 100644 --- a/platform-api/src/internal/service/llm.go +++ b/platform-api/src/internal/service/llm.go @@ -1202,7 +1202,12 @@ func mapResourceWiseRateLimitingAPIToModel(in *api.ResourceWiseRateLimitingConfi } resources := make([]model.RateLimitingResourceLimit, 0, len(in.Resources)) for _, r := range in.Resources { + methods := make([]string, 0, len(r.Methods)) + for _, m := range r.Methods { + methods = append(methods, string(m)) + } resources = append(resources, model.RateLimitingResourceLimit{ + Methods: methods, Resource: r.Resource, Limit: *mapRateLimitingLimitAPIToModel(&r.Limit), }) @@ -1516,7 +1521,15 @@ func mapResourceWiseRateLimitingModelToAPI(in *model.ResourceWiseRateLimitingCon } resources := make([]api.RateLimitingResourceLimit, 0, len(in.Resources)) for _, r := range in.Resources { - resources = append(resources, api.RateLimitingResourceLimit{Resource: r.Resource, Limit: mapRateLimitingLimitModelToAPIValue(&r.Limit)}) + methods := make([]api.RateLimitingResourceLimitMethods, 0, len(r.Methods)) + if len(r.Methods) == 0 { + methods = append(methods, api.RateLimitingResourceLimitMethodsAsterisk) + } else { + for _, m := range r.Methods { + methods = append(methods, api.RateLimitingResourceLimitMethods(m)) + } + } + resources = append(resources, api.RateLimitingResourceLimit{Resource: r.Resource, Methods: methods, Limit: mapRateLimitingLimitModelToAPIValue(&r.Limit)}) } return &api.ResourceWiseRateLimitingConfig{ Default: mapRateLimitingLimitModelToAPIValue(&in.Default), diff --git a/platform-api/src/internal/service/llm_deployment.go b/platform-api/src/internal/service/llm_deployment.go index e5e43f1d2..c9a0f1954 100644 --- a/platform-api/src/internal/service/llm_deployment.go +++ b/platform-api/src/internal/service/llm_deployment.go @@ -709,10 +709,17 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand if err != nil { return "", fmt.Errorf("invalid token reset window for resource %s: %w", r.Resource, err) } - // TODO: the methods should be coming as input + policyMethods := make([]api.LLMPolicyPathMethods, 0, len(r.Methods)) + if len(r.Methods) == 0 { + policyMethods = append(policyMethods, "*") + } else { + for _, m := range r.Methods { + policyMethods = append(policyMethods, api.LLMPolicyPathMethods(m)) + } + } addOrAppendPolicyPath(&policies, tokenBasedRateLimitPolicyName, rateLimitPolicyVersion, api.LLMPolicyPath{ Path: r.Resource, - Methods: []api.LLMPolicyPathMethods{"*"}, + Methods: policyMethods, Params: map[string]interface{}{ "totalTokenLimits": []map[string]interface{}{ { @@ -729,10 +736,17 @@ func generateLLMProviderDeploymentYAML(provider *model.LLMProvider, templateHand if err != nil { return "", fmt.Errorf("invalid request reset window for resource %s: %w", r.Resource, err) } - // TODO: the methods should be coming as input + policyMethods := make([]api.LLMPolicyPathMethods, 0, len(r.Methods)) + if len(r.Methods) == 0 { + policyMethods = append(policyMethods, "*") + } else { + for _, m := range r.Methods { + policyMethods = append(policyMethods, api.LLMPolicyPathMethods(m)) + } + } addOrAppendPolicyPath(&policies, advancedRateLimitPolicyName, rateLimitPolicyVersion, api.LLMPolicyPath{ Path: r.Resource, - Methods: []api.LLMPolicyPathMethods{"*"}, + Methods: policyMethods, Params: map[string]interface{}{ "quotas": []map[string]interface{}{ { diff --git a/platform-api/src/resources/openapi.yaml b/platform-api/src/resources/openapi.yaml index 2461abec6..f4ff14835 100644 --- a/platform-api/src/resources/openapi.yaml +++ b/platform-api/src/resources/openapi.yaml @@ -5293,9 +5293,15 @@ components: RateLimitingResourceLimit: type: object required: + - methods - resource - limit properties: + methods: + type: array + items: + type: string + enum: [ GET, POST, PUT, DELETE, PATCH, OPTIONS, HEAD, "*" ] resource: type: string description: Explicit resource path to apply the limit to.