Setting the burst and rate throttling limits on an AWS API Gateway REST API’s Stage without any 3rd-party plugins using Serverless

In this article, we’ll look at how one can set the default method burst and rate throttling limits on an AWS API Gateway REST API’s Stage without using any 3rd-party plugins or dependencies. We’ll assume at least some familiarity with Serverless and AWS CloudFormation.

The Serverless Framework allows us to configure many settings through the provider section of a serverless.yml file. For example, you can configure the usage plan for your API which allows you to set request throttling limits on each API client (API key) you create. However, not all API Gateway settings are exposed by Serverless. Currently, two of these are the API Stage default method burst and rate throttling limits.

AWS API Gateway has two types of throttling-related settings (docs):

  1. Per-client throttling limits which are configured and applied through usage plans which provide API clients with API keys
  2. Global throttling limits which can be applied on a stage and affect all clients — often useful to prevent your API and account from being overwhelmed by too many requests

There are a few Serverless plugins which let you set the stage default throttling limits, but they don’t appear to be actively maintained. Moreover, when it comes to infrastructure deployment, I’m generally mistrusting of 3rd-party libraries including Serverless plugins which muck about with the resources that get provisioned during deployment. For example, through a plugin update, a malicious developer could sneak in code which provisions AWS resources on subsequent deployments after the update is installed — all without us even being aware of it. No good. So, I tend to avoid Serverless plugins.

Luckily, Serverless lets us add our own custom CloudFormation configuration in the resources section of any project’s Serverless configuration file. This lets us control settings which go beyond what Serverless supports out of the box.

In the rest of this article, we’ll look at how we can set the Stage default burst and rate throttling limits via the serverless.yml’s resources section without requiring any 3rd-party dependencies.
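Both concerns raised above (resources provisioned without our knowledge, and stage-wide limits that must actually be set) can be checked against the CloudFormation template Serverless generates before it is deployed. The following is an added example, not code from the original article: the allowlist, the sample template and its logical IDs are constructed, and the property names are those of CloudFormation's AWS::ApiGateway::Stage MethodSettings.

```python
import json

# Resource types this project is expected to deploy (assumed allowlist, adjust per project).
ALLOWED_TYPES = {
    "AWS::IAM::Role", "AWS::Logs::LogGroup", "AWS::S3::Bucket",
    "AWS::Lambda::Function", "AWS::Lambda::Version", "AWS::Lambda::Permission",
    "AWS::ApiGateway::RestApi", "AWS::ApiGateway::Resource", "AWS::ApiGateway::Method",
    "AWS::ApiGateway::Deployment", "AWS::ApiGateway::Stage",
}

# Constructed sample of a compiled template; ExtraUser stands in for a resource
# that nobody on the team added to serverless.yml.
SAMPLE = json.loads("""
{"Resources": {
  "HelloLambdaFunction": {"Type": "AWS::Lambda::Function", "Properties": {}},
  "ApiGatewayRestApi": {"Type": "AWS::ApiGateway::RestApi", "Properties": {}},
  "ApiStage": {"Type": "AWS::ApiGateway::Stage", "Properties": {
    "StageName": "dev",
    "MethodSettings": [{"ResourcePath": "/*", "HttpMethod": "*",
                        "ThrottlingBurstLimit": 50, "ThrottlingRateLimit": 100}]}},
  "ExtraUser": {"Type": "AWS::IAM::User", "Properties": {}}
}}
""")

def unexpected_resources(template):
    """Map logical ID -> type for every resource whose type is not allowlisted."""
    resources = template.get("Resources", {})
    return {lid: r.get("Type") for lid, r in resources.items()
            if r.get("Type") not in ALLOWED_TYPES}

def stage_default_throttle(template):
    """Map each Stage's logical ID -> (burst, rate), or None when the
    stage-wide setting (ResourcePath "/*", HttpMethod "*") lacks either limit."""
    result = {}
    for lid, r in template.get("Resources", {}).items():
        if r.get("Type") != "AWS::ApiGateway::Stage":
            continue
        result[lid] = None
        for ms in r.get("Properties", {}).get("MethodSettings", []):
            if ms.get("ResourcePath") == "/*" and ms.get("HttpMethod") == "*":
                burst, rate = ms.get("ThrottlingBurstLimit"), ms.get("ThrottlingRateLimit")
                if burst is not None and rate is not None:
                    result[lid] = (burst, rate)
    return result

if __name__ == "__main__":
    print("unexpected:", unexpected_resources(SAMPLE))
    print("stage throttling:", stage_default_throttle(SAMPLE))
```

Run in CI against the packaged template, a non-empty first result or a None in the second is a reason to fail the build before anything reaches AWS.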
