Skip to main content

awsim_core/
lib.rs

1pub mod auth;
2pub mod authz;
3pub mod error;
4pub mod events;
5pub mod gateway;
6pub mod persistence;
7pub mod protocol;
8pub mod router;
9pub mod state;
10
11pub use authz::{AuthzEngine, NoopPrincipalLookup, PrincipalLookup, ResolvedPrincipal, ResourcePolicyLookup, ScpLookup};
12pub use error::AwsError;
13pub use events::{EventBus, InternalEvent};
14pub use gateway::AppState;
15pub use persistence::PersistenceManager;
16pub use protocol::{Protocol, RouteDefinition};
17pub use router::RequestContext;
18pub use state::AccountRegionStore;
19
20use serde_json::Value;
21
22/// Trait that every AWS service crate must implement.
23///
24/// Each service (S3, SQS, DynamoDB, etc.) implements this trait in its own crate.
25/// The main `awsim` binary registers all service handlers with the gateway router.
26#[async_trait::async_trait]
27pub trait ServiceHandler: Send + Sync {
28    /// The AWS service name (e.g., "s3", "sqs", "dynamodb").
29    fn service_name(&self) -> &str;
30
31    /// The signing name used in SigV4 Authorization headers.
32    /// Usually the same as service_name, but not always.
33    fn signing_name(&self) -> &str {
34        self.service_name()
35    }
36
37    /// The primary protocol this service uses.
38    fn protocol(&self) -> Protocol;
39
40    /// Route definitions for REST-protocol services.
41    /// Not needed for RPC-style protocols (awsJson, awsQuery).
42    fn routes(&self) -> Vec<RouteDefinition> {
43        Vec::new()
44    }
45
46    /// Handle an AWS API operation.
47    async fn handle(
48        &self,
49        operation: &str,
50        input: Value,
51        ctx: &RequestContext,
52    ) -> Result<Value, AwsError>;
53
54    /// Serialize the service's state to bytes for persistence.
55    ///
56    /// Return `None` if this service does not support snapshots.
57    fn snapshot(&self) -> Option<Vec<u8>> {
58        None
59    }
60
61    /// Restore the service's state from a previous snapshot.
62    ///
63    /// The default implementation is a no-op and always succeeds.
64    fn restore(&self, _data: &[u8]) -> Result<(), String> {
65        Ok(())
66    }
67
68    fn iam_action(&self, _operation: &str) -> Option<String> {
69        None
70    }
71
72    fn iam_resource(
73        &self,
74        _operation: &str,
75        _input: &serde_json::Value,
76        _ctx: &router::RequestContext,
77    ) -> Option<String> {
78        None
79    }
80}