AWScloud~30 mins

API keys and usage plans in AWS - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

API Keys and Usage Plans in AWS API Gateway

📖 Scenario: You are setting up an API in AWS API Gateway for a small app. You want to control who can use your API by creating API keys and usage plans. This helps you limit how many requests each user can make.

🎯 Goal: Build an AWS CloudFormation template that creates an API key and a usage plan with throttling limits. Then link the API key to the usage plan so only authorized users can access the API within set limits.

📋 What You'll Learn

Create an API key named MyApiKey with a description Key for app users

Create a usage plan named BasicUsagePlan with throttle limits: RateLimit 100 requests per second and BurstLimit 200

Associate the MyApiKey with the BasicUsagePlan

Use valid AWS CloudFormation syntax and resource types

💡 Why This Matters

🌍 Real World

API keys and usage plans are used to control access and limit usage of APIs in production environments, protecting backend services from overload and unauthorized use.

💼 Career

Cloud architects and DevOps engineers often configure API Gateway usage plans and keys to manage API consumption and billing.

Progress0 / 4 steps

Create the API key resource

Create an AWS CloudFormation resource of type AWS::ApiGateway::ApiKey named MyApiKey with the description Key for app users.

AWS

# Your CloudFormation template starts here
# Define the API key resource named MyApiKey with description

Need a hint?

Use the AWS::ApiGateway::ApiKey resource type and set the Name and Description properties exactly as instructed.

Create the usage plan resource

Add an AWS CloudFormation resource of type AWS::ApiGateway::UsagePlan named BasicUsagePlan with throttle limits: RateLimit 100 and BurstLimit 200.

AWS

Resources:
  MyApiKey:
    Type: AWS::ApiGateway::ApiKey
    Properties:
      Name: MyApiKey
      Description: Key for app users
      Enabled: true

# Add the BasicUsagePlan resource with throttle limits here

Need a hint?

Define the BasicUsagePlan resource with Throttle property containing RateLimit and BurstLimit as numbers.

Associate the API key with the usage plan

Add the ApiStages property to the BasicUsagePlan resource with an empty list (you will add stages later). Then add the UsagePlanId and KeyId properties to a new resource of type AWS::ApiGateway::UsagePlanKey named MyUsagePlanKey that links MyApiKey to BasicUsagePlan.

AWS

Resources:
  MyApiKey:
    Type: AWS::ApiGateway::ApiKey
    Properties:
      Name: MyApiKey
      Description: Key for app users
      Enabled: true
  BasicUsagePlan:
    Type: AWS::ApiGateway::UsagePlan
    Properties:
      UsagePlanName: BasicUsagePlan
      Throttle:
        RateLimit: 100
        BurstLimit: 200
      # Add ApiStages property here

# Add MyUsagePlanKey resource linking MyApiKey and BasicUsagePlan here

Need a hint?

Use ApiStages: [] in BasicUsagePlan. Create MyUsagePlanKey resource with KeyId referencing MyApiKey and UsagePlanId referencing BasicUsagePlan.

Complete the usage plan with API stage association

Update the ApiStages property of BasicUsagePlan to include one stage with ApiId set to exampleApiId and Stage set to prod. This completes the usage plan configuration to control usage on the production stage of the API.

AWS

Resources:
  MyApiKey:
    Type: AWS::ApiGateway::ApiKey
    Properties:
      Name: MyApiKey
      Description: Key for app users
      Enabled: true
  BasicUsagePlan:
    Type: AWS::ApiGateway::UsagePlan
    Properties:
      UsagePlanName: BasicUsagePlan
      Throttle:
        RateLimit: 100
        BurstLimit: 200
      # Update ApiStages property here
  MyUsagePlanKey:
    Type: AWS::ApiGateway::UsagePlanKey
    Properties:
      KeyId: !Ref MyApiKey
      KeyType: API_KEY
      UsagePlanId: !Ref BasicUsagePlan

Need a hint?

Replace the empty ApiStages list with one item containing ApiId: exampleApiId and Stage: prod.