chainsaws 0.0.1__tar.gz

chainsaws-0.0.1/.gitignore

@@ -0,0 +1,164 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#pdm.lock
+#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
+#   in version control.
+#   https://pdm.fming.dev/latest/usage/project/#working-with-version-control
+.pdm.toml
+.pdm-python
+.pdm-build/
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#  and can be added to the global gitignore or merged into this file.  For a more nuclear
+#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
+#.idea/
+
+chainsaws_playground/

chainsaws-0.0.1/.python-version

@@ -0,0 +1 @@
+3.13

chainsaws-0.0.1/LICENSE.txt

@@ -0,0 +1,21 @@
+IT License
+
+Copyright (c) 2024 Joonho Lee
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

chainsaws-0.0.1/PKG-INFO

@@ -0,0 +1,24 @@
+Metadata-Version: 2.3
+Name: chainsaws
+Version: 0.0.1
+Summary: Chain you backend with Simple AWS wrapper
+Project-URL: Homepage, https://github.com/whatisyourname0/chainsaws
+Project-URL: Repository, https://github.com/whatisyourname0/chainsaws.git
+Author-email: whatisyourname0 <mynameisjune111@gmail.com>
+License: MIT
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Requires-Python: >=3.11
+Requires-Dist: boto3>=1.35.63
+Requires-Dist: botocore>=1.35.63
+Requires-Dist: croniter>=5.0.1
+Requires-Dist: cryptography>=43.0.3
+Requires-Dist: pydantic>=2.9.2
+Description-Content-Type: text/markdown
+
+# Chainsaws
+
+Chain you backend with simple aws service

chainsaws-0.0.1/README.md

@@ -0,0 +1,3 @@
+# Chainsaws
+
+Chain you backend with simple aws service

chainsaws-0.0.1/TODO.md

@@ -0,0 +1 @@
+- [ ] Lambda Event Typing하기

chainsaws-0.0.1/chainsaws/aws/cloudfront/README.md

@@ -0,0 +1,134 @@
+# AWS CloudFront Wrapper
+
+A high-level Python wrapper for AWS CloudFront that simplifies CDN management operations. This wrapper provides an intuitive interface for common CloudFront operations while handling AWS best practices and security configurations automatically.
+
+## Features
+
+### Distribution Management
+
+- Create S3-backed distributions with Origin Access Control (OAC)
+- Create custom origin distributions
+- Manage multiple origins and behaviors
+- Update existing distributions
+- Delete distributions
+
+### Security
+
+- Automatic Origin Access Control (OAC) setup for S3 buckets
+- Automatic S3 bucket policy configuration
+- WAF integration support
+- SSL/TLS certificate management
+
+### Cache Management
+
+- Create cache invalidations
+- Invalidate specific paths
+- Bulk invalidate all files
+- Configure cache behaviors
+
+### Domain Management
+
+- Add custom domains
+- Configure alternate domain names (CNAMEs)
+- SSL/TLS certificate association
+
+## Installation
+
+```bash
+pip install chainsaws
+```
+
+## Usage Examples
+
+### Create S3-backed Distribution
+
+```python
+from chainsaws.aws.cloudfront import CloudFrontAPI
+
+cloudfront = CloudFrontAPI()
+
+# Create distribution for S3 bucket
+distribution = cloudfront.create_s3_distribution(
+    bucket_name="my-bucket",
+    aliases=["cdn.example.com"],
+    certificate_arn="arn:aws:acm:ap-northeast-2:123456789012:certificate/xxx",
+    default_root_object="index.html"
+)
+```
+
+### Create Custom Origin Distribution
+
+```python
+from chainsaws.aws.cloudfront import CloudFrontAPI, BehaviorConfig
+
+cloudfront = CloudFrontAPI()
+
+# Define custom cache behavior
+api_behavior = BehaviorConfig(
+    path_pattern="/api/*",
+    target_origin_id="my-api",
+    viewer_protocol_policy="https-only",
+    allowed_methods=["GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "PATCH"],
+    cached_methods=["GET", "HEAD", "OPTIONS"]
+)
+
+# Create distribution with custom origin
+distribution = cloudfront.create_custom_distribution(
+    origin_domain="api.example.com",
+    origin_id="my-api",
+    behaviors=[api_behavior],
+    aliases=["cdn.example.com"],
+    certificate_arn="arn:aws:acm:ap-northeast-2:123456789012:certificate/xxx"
+)
+```
+
+### Cache Management
+
+```python
+# Invalidate specific paths
+invalidation_id = cloudfront.invalidate_cache(
+    distribution_id="EDFDVBD6EXAMPLE",
+    paths=["/images/*", "/css/main.css"]
+)
+
+# Invalidate all files
+invalidation_id = cloudfront.invalidate_all_files(
+    distribution_id="EDFDVBD6EXAMPLE"
+)
+```
+
+### Add Custom Domain
+
+```python
+distribution = cloudfront.add_custom_domain(
+    distribution_id="EDFDVBD6EXAMPLE",
+    domain_name="cdn.example.com",
+    certificate_arn="arn:aws:acm:ap-northeast-2:123456789012:certificate/xxx"
+)
+```
+
+### Enable WAF Protection
+
+```python
+distribution = cloudfront.enable_waf(
+    distribution_id="EDFDVBD6EXAMPLE",
+    web_acl_id="arn:aws:wafv2:ap-northeast-2:123456789012:global/webacl/xxx"
+)
+```
+
+## Configuration
+
+```python
+from chainsaws.aws.cloudfront import CloudFrontAPI, CloudFrontAPIConfig
+from chainsaws.aws.shared.config import AWSCredentials
+
+config = CloudFrontAPIConfig(
+    credentials=AWSCredentials(
+        aws_access_key_id="YOUR_ACCESS_KEY",
+        aws_secret_access_key="YOUR_SECRET_KEY",
+        aws_region="ap-northeast-2"
+    )
+)
+
+cloudfront = CloudFrontAPI(config)
+```

chainsaws-0.0.1/chainsaws/aws/cloudfront/__init__.py

@@ -0,0 +1,17 @@
+from chainsaws.aws.cloudfront.cloudfront import CloudFrontAPI
+from chainsaws.aws.cloudfront.cloudfront_models import (
+    BehaviorConfig,
+    CloudFrontAPIConfig,
+    DistributionConfig,
+    DistributionSummary,
+    OriginConfig,
+)
+
+__all__ = [
+    "BehaviorConfig",
+    "CloudFrontAPI",
+    "CloudFrontAPIConfig",
+    "DistributionConfig",
+    "DistributionSummary",
+    "OriginConfig",
+]

chainsaws-0.0.1/chainsaws/aws/cloudfront/_cloudfront_internal.py

@@ -0,0 +1,281 @@
+import logging
+import uuid
+from typing import Any
+
+import boto3
+
+from chainsaws.aws.cloudfront.cloudfront_models import (
+    BehaviorConfig,
+    CloudFrontAPIConfig,
+    DistributionConfig,
+    DistributionSummary,
+)
+
+logger = logging.getLogger(__name__)
+
+
+class CloudFront:
+    def __init__(
+        self,
+        boto3_session: boto3.Session,
+        config: CloudFrontAPIConfig | None = None,
+    ) -> None:
+        self.config = config or CloudFrontAPIConfig()
+        self.client = boto3_session.client("cloudfront")
+
+    def _build_distribution_config(self, config: DistributionConfig) -> dict[str, Any]:
+        """Build CloudFront distribution configuration."""
+        origins = []
+        for origin in config.origins:
+            origin_config = {
+                "Id": origin.origin_id,
+                "DomainName": origin.domain_name,
+                "OriginPath": origin.origin_path,
+                "CustomHeaders": {
+                    "Quantity": len(origin.custom_headers),
+                    "Items": [
+                        {"HeaderName": k, "HeaderValue": v}
+                        for k, v in origin.custom_headers.items()
+                    ],
+                },
+            }
+
+            if origin.s3_origin_access_identity:
+                origin_config["S3OriginConfig"] = {
+                    "OriginAccessIdentity": f"origin-access-identity/cloudfront/{origin.s3_origin_access_identity}",
+                }
+            else:
+                origin_config["CustomOriginConfig"] = {
+                    "HTTPPort": 80,
+                    "HTTPSPort": 443,
+                    "OriginProtocolPolicy": "https-only",
+                    "OriginSslProtocols": {"Quantity": 1, "Items": ["TLSv1.2"]},
+                }
+
+            origins.append(origin_config)
+
+        distribution_config = {
+            "Comment": config.comment,
+            "Enabled": config.enabled,
+            "Aliases": {
+                "Quantity": len(config.aliases),
+                "Items": config.aliases,
+            },
+            "DefaultRootObject": config.default_root_object,
+            "Origins": {
+                "Quantity": len(origins),
+                "Items": origins,
+            },
+            "DefaultCacheBehavior": self._build_cache_behavior(config.default_behavior),
+            "CacheBehaviors": {
+                "Quantity": len(config.custom_behaviors),
+                "Items": [
+                    self._build_cache_behavior(behavior)
+                    for behavior in config.custom_behaviors
+                ],
+            },
+            "PriceClass": config.price_class,
+            "ViewerCertificate": {
+                "CloudFrontDefaultCertificate": True,
+            },
+        }
+
+        if config.certificate_arn:
+            distribution_config["ViewerCertificate"] = {
+                "ACMCertificateArn": config.certificate_arn,
+                "SSLSupportMethod": "sni-only",
+                "MinimumProtocolVersion": "TLSv1.2_2021",
+            }
+
+        if config.web_acl_id:
+            distribution_config["WebACLId"] = config.web_acl_id
+
+        return distribution_config
+
+    def _build_cache_behavior(self, behavior: BehaviorConfig) -> dict[str, Any]:
+        """Build cache behavior configuration."""
+        return {
+            "PathPattern": behavior.path_pattern,
+            "TargetOriginId": behavior.target_origin_id,
+            "ViewerProtocolPolicy": behavior.viewer_protocol_policy,
+            "AllowedMethods": {
+                "Quantity": len(behavior.allowed_methods),
+                "Items": behavior.allowed_methods,
+                "CachedMethods": {
+                    "Quantity": len(behavior.cached_methods),
+                    "Items": behavior.cached_methods,
+                },
+            },
+            "CachePolicyId": behavior.cache_policy_id,
+            "OriginRequestPolicyId": behavior.origin_request_policy_id,
+            "ResponseHeadersPolicyId": behavior.response_headers_policy_id,
+            "FunctionAssociations": {
+                "Quantity": len(behavior.function_associations),
+                "Items": behavior.function_associations,
+            },
+        }
+
+    def create_distribution(self, config: DistributionConfig) -> DistributionSummary:
+        """Create new CloudFront distribution."""
+        try:
+            response = self.client.create_distribution(
+                DistributionConfig=self._build_distribution_config(config),
+            )
+            distribution = response["Distribution"]
+
+            return DistributionSummary(
+                id=distribution["Id"],
+                domain_name=distribution["DomainName"],
+                enabled=distribution["Status"] == "Deployed",
+                status=distribution["Status"],
+                aliases=distribution["DistributionConfig"]["Aliases"].get(
+                    "Items", []),
+            )
+        except Exception as ex:
+            logger.exception(f"Failed to create distribution: {ex!s}")
+            raise
+
+    def get_distribution(self, distribution_id: str) -> DistributionSummary:
+        """Get CloudFront distribution details."""
+        try:
+            response = self.client.get_distribution(Id=distribution_id)
+            distribution = response["Distribution"]
+
+            return DistributionSummary(
+                id=distribution["Id"],
+                domain_name=distribution["DomainName"],
+                enabled=distribution["Status"] == "Deployed",
+                status=distribution["Status"],
+                aliases=distribution["DistributionConfig"]["Aliases"].get(
+                    "Items", []),
+            )
+        except Exception as ex:
+            logger.exception(f"Failed to get distribution: {ex!s}")
+            raise
+
+    def update_distribution(
+        self,
+        distribution_id: str,
+        config: DistributionConfig,
+    ) -> DistributionSummary:
+        """Update existing CloudFront distribution."""
+        try:
+            current = self.client.get_distribution(Id=distribution_id)
+            etag = current["ETag"]
+
+            response = self.client.update_distribution(
+                Id=distribution_id,
+                DistributionConfig=self._build_distribution_config(config),
+                IfMatch=etag,
+            )
+            distribution = response["Distribution"]
+
+            return DistributionSummary(
+                id=distribution["Id"],
+                domain_name=distribution["DomainName"],
+                enabled=distribution["Status"] == "Deployed",
+                status=distribution["Status"],
+                aliases=distribution["DistributionConfig"]["Aliases"].get(
+                    "Items", []),
+            )
+        except Exception as ex:
+            logger.exception(f"Failed to update distribution: {ex!s}")
+            raise
+
+    def delete_distribution(self, distribution_id: str) -> None:
+        """Delete CloudFront distribution."""
+        try:
+            current = self.client.get_distribution(Id=distribution_id)
+            etag = current["ETag"]
+
+            if current["Distribution"]["Status"] != "Deployed":
+                msg = "Distribution must be deployed before deletion"
+                raise ValueError(
+                    msg)
+
+            if current["Distribution"]["DistributionConfig"]["Enabled"]:
+                # Disable distribution first
+                config = current["Distribution"]["DistributionConfig"]
+                config["Enabled"] = False
+                self.client.update_distribution(
+                    Id=distribution_id,
+                    DistributionConfig=config,
+                    IfMatch=etag,
+                )
+
+            self.client.delete_distribution(
+                Id=distribution_id,
+                IfMatch=etag,
+            )
+        except Exception as ex:
+            logger.exception(f"Failed to delete distribution: {ex!s}")
+            raise
+
+    def invalidate_cache(
+        self,
+        distribution_id: str,
+        paths: list[str],
+    ) -> str:
+        """Create cache invalidation."""
+        try:
+            response = self.client.create_invalidation(
+                DistributionId=distribution_id,
+                InvalidationBatch={
+                    "Paths": {
+                        "Quantity": len(paths),
+                        "Items": paths,
+                    },
+                    "CallerReference": str(uuid.uuid4()),
+                },
+            )
+            return response["Invalidation"]["Id"]
+        except Exception as ex:
+            logger.exception(f"Failed to create invalidation: {ex!s}")
+            raise
+
+    def create_origin_access_control(
+        self,
+        bucket_name: str,
+    ) -> str:
+        """Create Origin Access Control for S3 bucket.
+
+        Args:
+            bucket_name: S3 bucket name
+
+        Returns:
+            str: Origin Access Control ID
+
+        Raises:
+            Exception: If creation fails
+
+        """
+        try:
+            response = self.client.create_origin_access_control(
+                OriginAccessControlConfig={
+                    "Name": f"OAC-{bucket_name}",
+                    "Description": f"OAC for {bucket_name}",
+                    "SigningProtocol": "sigv4",
+                    "SigningBehavior": "always",
+                    "OriginAccessControlOriginType": "s3",
+                },
+            )
+            return response["OriginAccessControl"]["Id"]
+        except Exception:
+            logger.exception("Failed to create Origin Access Control")
+            raise
+
+    def delete_origin_access_control(self, oac_id: str) -> None:
+        """Delete Origin Access Control.
+
+        Args:
+            oac_id: Origin Access Control ID
+
+        Raises:
+            Exception: If deletion fails
+
+        """
+        try:
+            self.client.delete_origin_access_control(Id=oac_id)
+        except Exception:
+            logger.exception("Failed to delete Origin Access Control")
+            raise