Implementation Procedure

Log in to the APIG console and create a request throttling 2.0 policy. For details, see section "Request Throttling 2.0" in the API Gateway User Guide.

In the navigation pane, choose API Management > API Policies. Click Create Policy, and select Request Throttling 2.0.

As required in 1, set Max. API Requests to 10 times per 60s and Max. User Requests to 5 times per 60s.

1. As required in 2, enable parameter-based throttling, and define the header and rule.
   1. Click Add Parameter, select header for Parameter Location, and enter Host for Parameter.
   2. In the Rules area, click Add Rule, and set Max. API Requests to 10 and Period to 60 seconds. Then click , and set the matching condition Host = www.abc.com.
   3. Click OK. The header matching rule Host = www.abc.com is generated, indicating that an API bound with this policy can only be called 10 times per 60s by requests whose Host header is www.abc.com.

2. As required in 3 and 4, define multiple rules with parameter Path.
   1. In the Rules area, click Add Rule, and set Max. API Requests to 10 and Period to 60 seconds. Then click to open the Condition Expressions dialog box.
   2. Add these three condition expressions: reqPath = /fc, reqPath = /list, and method = get.
   3. Click Set Lower Level.
   4. Put the two reqPath expressions in an OR relationship. This means the condition is met when either of the two paths is matched.
   5. Select reqPath = /list and method = get, click Set Lower Level, and select AND.

      

   6. Click OK. It indicates that APIs with path /list and method GET or APIs with path /fc bound with this policy can only be called 10 times per 60s.

As required in 5, enable excluded throttling. Add an excluded tenant with a threshold of 5 requests per 60s.

1. Click the policy name to go to the policy details page.
2. In the APIs area, select environment RELEASE and click Bind to APIs. Select an API and click OK.

Call the API and verify whether the request throttling 2.0 policy has taken effect.