API Gateway allows you to create usage plans to control how clients use your APIs. What happens when a client exceeds the quota or rate limits defined in a usage plan?
Think about how limits protect your API from overuse.
When a client exceeds the quota or rate limits in a usage plan, API Gateway blocks further requests until the limits reset. This prevents abuse and controls costs.
You want to create an API key and associate it with an existing usage plan using AWS CLI. Which command correctly does this?
Creating an API key and linking it to a usage plan are two separate steps.
First, create the API key with create-api-key. Then, link it to a usage plan with create-usage-plan-key using the key ID and usage plan ID.
You have an API used by two clients: Client A needs 1000 requests/day, Client B needs 5000 requests/day. How should you configure usage plans and API keys to enforce these limits?
Think about how usage plans control limits per API key.
Usage plans define quotas and rate limits. Assigning unique API keys linked to different usage plans allows enforcing different limits per client.
If you deploy an API with API keys enabled but do not attach usage plans, what security risk arises?
Consider what usage plans control besides authentication.
Without usage plans, API keys only identify clients but do not limit their usage. This can lead to abuse or high costs.
You want to rotate API keys used by clients without causing service interruption. Which approach follows best practices?
Think about minimizing downtime and ensuring clients can switch keys smoothly.
Creating a new key and associating it before removing the old key allows clients to switch without losing access, avoiding downtime.