By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to avoid from being getting costed for API gateway in case of DDOS attack

0

I wanted to have a hard configuration on the number of requests that the API gateway should serve and once we reach that, we should not even get costed for API gateway, how can this be implemented?

Topics
ServerlessFront-End Web & MobileNetworking & Content DeliveryCloud Financial ManagementSecurity, Identity, & Compliance
Tags
Amazon API GatewayAWS BillingDDOS Protection
Language
English
Vikhyat
asked 8 months ago212 views
1 Answer
0

If you want to set a hard limit for requests then set a quota limit https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html#api-gateway-api-usage-plans-overview

A quota limit sets the target maximum number of requests with a given API key that can be submitted within a specified time interval.

Also take a look at usage plans https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-create-usage-plans-with-console.html#api-gateway-usage-plan-create

Note that API Gateway includes DDOS protection https://aws.amazon.com/api-gateway/faqs/#Security_and_Authorization

API Gateway automatically protects your backend systems from distributed denial-of-service (DDoS) attacks, whether attacked with counterfeit requests (Layer 7) or SYN floods (Layer 3)

profile picture
EXPERT
Steve_M
answered 8 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content