Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AWS API Gateway: limit requests from a single IP

Does AWS API Gateway allows limiting a number of requests from a single IP?

I'm building a public API and would like to prevent it from being abused by establishing a limit on a number of times the API can be called from a single IP address (like 100 requests per minute).

Thanks,

like image 225
spoonboy Avatar asked Jul 18 '16 19:07

spoonboy


People also ask

How many requests can AWS API gateway handle?

Amazon API Gateway has raised the default limit on requests made to your API to 10,000 requests per second (RPS) from 1,000 RPS. The burst limit has been raised to 5,000 requests across all APIs in your account from the original limit of 2,000 requests.


1 Answers

AWS API Gateway does not offer the functionality that you are looking for but there is a workaround.

What you can do is Integrate AWS API gateway with AWS Cloud Front and use AWS Web Application Firewall Rules to limit the API call from a Specific IP address.

Check this Guide for implementing the WAF. http://docs.aws.amazon.com/waf/latest/developerguide/tutorials-rate-based-blocking.html

like image 68
error2007s Avatar answered Oct 16 '22 22:10

error2007s