How to rate limit per user in API Gateway?

2
votes

I'm running a business API on AWS, through API Gateway and Lambda. Currently, I handle rate limiting with the built in usage plans and api keys. Each account tier (think basic, medium, premium) is associated to a usage plan, to which each customer's api key is linked.

I just found out that there is a hard (but increasable) limit of 500 api keys that a single AWS account can have per region (https://docs.aws.amazon.com/fr_fr/apigateway/latest/developerguide/limits.html).

Is it sustainable to rely on api keys to rate limit each customer ? We will get to the 500 limit eventually. Are there other solutions we could use ?

Thanks a lot

1
amazon-web-servicesaws-lambdaaws-api-gatewayrate-limitingapi-gateway

1 Answers

4
votes

If you read the table carefully you will notice that the last column has a header "Can Be Increased" and value "Yes" for "Maximum number of API keys per account per region".

Just contact support once you will be getting close to your limit and ask for an increase. It may take up to 2-3 work days, but otherwise it should be only a matter of asking.