API Throttling

Explore how to use API throttling in AWS API Gateway to prevent system overload and protect against DDoS attacks. Understand the token bucket algorithm, request rate, and burst limits to efficiently manage API traffic and ensure system stability.

We'll cover the following...

Why throttle?
Request rate and burst
Token bucket algorithm
Levels of throttling
Example
AWS Console

Why throttle?

Anything in excess is wrong. More so when using AWS resources. We all want more users to utilize our application, but when the traffic bursts beyond limits, it could overburden the system. The traffic surge could also be caused by a hacker, not actual good traffic.

The world is full of hackers. Unfortunately, as our products gain popularity, the more likely they are to be targeted. When hackers try to attack the application by simultaneously making too many API calls, it shows up as a DDoS attack on the API Gateway. AWS has several services dedicated to security against such attacks. The AWS Shield is the most popular for guarding against DDoS attacks.

The simplest way to hold back such attacks is through throttling. We can ...

1.Introduction to API Gateway

2.API Gateway: High Level View

Cloud Lab

3.API Gateway: Basic Configurations

4.Data Mapping Deep Dive

Cloud Lab

5.Websocket Deep Dive

6.AWS Service Integration Deep Dive

Cloud Lab

7.Appendix

Assessment

Mini Project

Cloud Lab

API Throttling

Why throttle?