Knowledge Base | Daily Notes

Azure- Rate limiting

Aug 30, 20242 min read

rate_limiting with Azure

https://learn.microsoft.com/en-us/azure/api-management/rate-limit-by-key-policy

  • To add a rate limit per user in Azure API Management (APIM), you can follow these steps:

  1. Open the Azure portal (portal.azure.com) and navigate to your API Management instance.

  2. Select the desired API within your API Management instance.

  3. In the API menu, click on the “Policies” option. This will open the policy editor.

  4. In the policy editor, locate the <inbound> section and add the following policy code to enable rate limiting per user:

<inbound>
    <ratelimit-by-key calls="1000" renewal-period="60" counter-key="@(context.Subscription.Id):@(context.User.Id)" />
</inbound>

In the above code:

  • calls specifies the maximum number of requests allowed within the defined time period.
  • renewal-period defines the duration (in seconds) after which the rate limit counter resets.
  • counter-key specifies the key used to track requests per user. In this example, it combines the subscription ID and user ID to uniquely identify each user.
  1. Save the policy configuration.

Once the rate limiting policy is applied, Azure APIM will start enforcing the rate limit per user for the specified API. If a user exceeds the defined rate limit, they will receive a response with an HTTP status code indicating the rate limit has been exceeded (e.g., 429 Too Many Requests).

Remember to adjust the calls and renewal-period values based on your specific requirements.

Note that the above instructions assume you are using the Azure portal for configuring APIM. Alternatively, you can also use Azure PowerShell, Azure CLI, or ARM templates to define and deploy the rate limiting policy programmatically.

Questions

Graph View

Backlinks

  • No backlinks found