Menu
The AWS API Gateway by default limits the maximum number of API keys per account per region to 500, however documentation notes this can be increased by request.
Is there a hard cap on the max upper limit? Are there soft limits for which requests are unlikely to be approved? Can I get to 10K keys on the max upper end?
I'm following the AWS developer portal setup walk-through using API keys for authorization and want to ensure the project reasonably scales beyond 500.
AWS API Gateway Limits
471
The value is an alphanumeric string between 30 and 128 characters, for example, apikey1234abcdefghij0123456789 . API key values must be unique. If you try to create two API keys with different names and the same value, API Gateway considers them to be the same API key.
Choosing A New Tech Stack Infinite scale and high throughput - the account limit on API Gateway is 10,000 requests per second or about 864M calls daily.
A Key value must be between 30 and 128 characters.
You can easily ask for an increase. But APIG has hard limit for the number of API keys. This limit is currently 10k per region and you cannot go beyond that.
If you need to go beyond that number, I would question if you really tend to create such a service, having 10k different users, with a potential blast radius. You might consider to split up your service into multiple APIGs to minimize the risk.
The other alternative would be create own API key mechanism. You can use Lambda authorizer [1] and store API keys let's say in the DDB.
[1] https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html
76
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
