Creating a Request Throttling Policy
Scenario
Request throttling controls the number of times an API can be called within a time period to protect backend services.
To provide stable, uninterrupted services, you can create request throttling policies to control the number of calls made to your APIs.
Request throttling policies take effect for an API only if they have been bound to the API.
- An API can be bound with only one request throttling policy for a given environment, but each request throttling policy can be bound to multiple APIs.
- For the shared gateway, the default request throttling limit is 200 calls per second.
Prerequisites
You have published the API to which you want to bind a request throttling policy.
Creating a Request Throttling Policy
- Access the shared gateway console.
- In the navigation pane, choose API Publishing > Request Throttling.
- Click Create Request Throttling Policy, and set the parameters listed in Table 1.
Table 1 Parameters for creating a request throttling policy Parameter
Description
Name
Request throttling policy name.
Type
API-based or API-shared request throttling.
- API-based: Request throttling is based on every API to which the policy is bound.
- API-shared: Request throttling is based on all APIs as a whole to which the policy is bound.
Period
For how long you want to limit the number of API calls. This parameter can be used together with the following parameters:
- Max. API Requests: Limit the maximum number of times an API can be called within a specific period.
- Max. User Requests: Limit the maximum number of times an API can be called by a user within a specific period.
- Max. App Requests: Limit the maximum number of times an API can be called by an app within a specific period.
- Max. IP Address Requests: Limit the maximum number of times an API can be called by an IP address within a specific period.
Max. API Requests
The maximum number of times each bound API can be called within the specified period.
This parameter must be used together with Period.
Max. User Requests
The maximum number of times each bound API can be called by a user within the specified period. This limit only applies to APIs that are accessed through app or IAM authentication.
- The value of this parameter cannot exceed that of Max. API Requests.
- This parameter must be used together with Period.
- If there are many users under your account that access an API, the request throttling limits of the API will apply to all these users.
Max. App Requests
The maximum number of times each bound API can be called by an app within the specified period. This limit only applies to APIs that are accessed through app authentication.
- The value of this parameter cannot exceed that of Max. User Requests.
- This parameter must be used together with Period.
Max. IP Address Requests
The maximum number of times each bound API can be called by an IP address within the specified period.
- The value of this parameter cannot exceed that of Max. API Requests.
- This parameter must be used together with Period.
Description
Description of the request throttling policy.
- Click OK.
After the policy is created, it is displayed on the Request Throttling page. You can bind this policy to APIs to throttle API requests.
Binding a Request Throttling Policy to an API
- Go to the page for binding a request throttling policy to an API. You can use one of the following methods:
- In the Operation column of the request throttling policy to be bound, click Bind to API, and then click Select API.
- Click the name of the target request throttling policy, and click Select API on the APIs tab page.
- Specify an API group, environment, and API name keyword to search for the desired API.
- Select the API and click OK.
Figure 1 Binding a request throttling policy to an API
If a request throttling policy is no longer needed for an API, you can unbind it. To unbind a request throttling policy from multiple APIs, select the APIs, and click Unbind. You can unbind a request throttling policy from a maximum of 1000 APIs at a time.
Follow-Up Operations
To control the maximum number of API calls received from a specific app or tenant, specify the app or tenant to exclude by referring to Adding an Excluded App or Tenant. If an app is excluded in a request throttling policy, any threshold configured for that app takes precedence over the request throttling policy. The API and user request limits of this policy are still valid. If a tenant is excluded in a request throttling policy, any threshold configured for that tenant will be applied. The API and app request limits of this policy are still valid.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot