0
0
AWScloud~10 mins

API keys and usage plans in AWS - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - API keys and usage plans
Create API Key
Create Usage Plan
Associate API Key with Usage Plan
Client uses API Key
API Gateway checks Usage Plan limits
Within Limits
Allow Request
This flow shows how an API key is created, linked to a usage plan with limits, and how API Gateway checks these limits when a client makes a request.
Execution Sample
AWS
1. Create API Key 'Key123'
2. Create Usage Plan 'PlanA' with 1000 requests/day
3. Link 'Key123' to 'PlanA'
4. Client sends request with 'Key123'
5. API Gateway checks if usage < 1000
6. If yes, allow; else reject
This example shows creating an API key, a usage plan with limits, linking them, and how API Gateway enforces the limits on requests.
Process Table
StepActionAPI Key Usage CountUsage Plan LimitCheck ResultRequest Outcome
1Create API Key 'Key123'0N/AN/AAPI Key created
2Create Usage Plan 'PlanA' with 1000 requests/day01000N/AUsage Plan created
3Associate 'Key123' with 'PlanA'01000N/AAssociation done
4Client sends request with 'Key123'01000Check usage < limitProceed to check
5API Gateway checks usage count010000 < 1000 is TrueRequest allowed
6Increment usage count11000N/AUsage count updated
7Repeat requests until usage reaches 10009991000999 < 1000 is TrueRequest allowed
8Client sends request after limit reached100010001000 < 1000 is FalseRequest rejected
💡 Requests stop being allowed once usage count reaches the usage plan limit of 1000.
Status Tracker
VariableStartAfter Step 4After Step 6After Step 7Final
API Key Usage Count0019991000
Usage Plan LimitN/A1000100010001000
Request OutcomeN/APendingAllowedAllowedRejected
Key Moments - 3 Insights
Why does the request get rejected at step 8 even though usage count equals the limit?
Because the usage plan limit is a maximum allowed number of requests. When usage count reaches the limit, further requests are blocked as shown in execution_table row 8.
What happens if a client sends a request without an API key?
The request is rejected immediately because API Gateway requires a valid API key associated with a usage plan to track and enforce limits. This is implied before step 4.
Does the usage count reset automatically each day?
Yes, usage plans typically reset usage counts daily or per configured period, allowing clients to make new requests within limits. This is part of usage plan behavior beyond the shown steps.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table at step 5, what is the check result for usage count 0 and limit 1000?
AUsage count equals limit
B0 < 1000 is True
C0 < 1000 is False
DCheck not performed
💡 Hint
Refer to execution_table row 5 under 'Check Result' column.
At which step does the request start getting rejected due to exceeding the usage plan limit?
AStep 4
BStep 6
CStep 8
DStep 3
💡 Hint
Check execution_table rows 7 and 8 under 'Request Outcome' column.
If the usage plan limit was increased to 2000, how would the request outcome at step 8 change?
ARequest would be allowed
BRequest would still be rejected
CAPI key would be deleted
DUsage count would reset
💡 Hint
Look at usage plan limit and request outcome in execution_table rows 7 and 8.
Concept Snapshot
API keys identify clients.
Usage plans set request limits.
Link API keys to usage plans.
API Gateway checks usage on each request.
Requests over limit are rejected.
Usage resets periodically.
Full Transcript
This visual execution shows how API keys and usage plans work together in AWS API Gateway. First, an API key is created. Then a usage plan is created with a request limit, for example 1000 requests per day. The API key is linked to the usage plan. When a client sends a request with the API key, API Gateway checks if the usage count is below the limit. If yes, the request is allowed and usage count increments. If usage reaches the limit, further requests are rejected until usage resets. This ensures fair use and protects the API from overuse.