From the course: Microservices and API Security for Security Architects: From Gateway Protection to Container Security
Join today to access over 25,500 courses taught by industry experts.
Rate limiting
- [Instructor] Rate limiting is a critical security control for protecting your microservices from overuse, whether that's intentional or accidental. With Envoy Gateway, you can implement sophisticated rate limiting policies without modifying your application code. Rate limiting works at the API gateway layer, intercepting requests before they reach your services and enforcing usage quotas based on various criteria. This provides a consistent boundary across all of your backend services. Let's look at how this works with Envoy Gateway. The configuration is declarative, using Kubernetes custom resources to define your rate limiting policies. This policy implements a limit of 100 requests per minute per client IP address. When a client exceeds this limit, they receive a HTTP error 429 Too Many Requests response. You can apply more sophisticated rate limiting based on multiple factors. For example, you might want to have…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.