Rate Limiter

Edit online

This policy limits the number of API invocations during a specified time interval, and sends alerts to a specified destination when the performance conditions are violated. You can use this policy to avoid overloading the back-end services and their infrastructure, to limit specific clients in terms of resource usage, and so on.

The Throttling policy generates two types of events when the specified limit is breached:

Policy violation event. Indicates the violations that occur for an API. If there are 100 violations, then 100 policy violation events are generated.
Monitor event. Controlled by the alert frequency configuration specified in the policy.

In API Studio, this policy is identified by the kind RateLimiter.

Here is a sample code for the Throttling policy.

kind: RateLimiter
apiVersion: api.webmethods.io/beta
metadata:
  name: rate-limiter
  version: 1.0
  namespace: sample
  tags:
    - traffic_optimization
spec:
  enabled: true
  maxLimit: 20
  applications:
      - "Each-applications" 
  applicationSpecific: true
  alert-configuration:
    interval: 2m  # m,h,d,w,cw, cm are possible values
    frequency: always # Other possible value is 'once'
    message: 'Throtting reached!'
    destinations:
        - self
        - dev_portals :
          - portal 1
          - portal 2
        - email:
          - nas@sag.com
          - daso@sag.com
        - snmp
        - jdbc
        - log-file:
            level: info

The structure in the code view and what it denotes is as follows.

Type	Description
kind	`RateLimiter`. This denotes the asset type, Throttling policy.
apiVersion	This denotes the API version of the API on which this policy is enforced.
metadata	This denotes the metadata or details of the asset type. It covers the following metadata: `name`. Name of the policy. `version`. Version of the policy. `namespace`. The namespace identifier of the policy. `tags`. The tags assoxattr -cr ~/Downloads/api-studio-mac.zipciated with the policy.
spec	This denotes various policy properties you can configure for the policy. You can configure the following policy properties: `enabled`. Specify whether the policy is enabled or disabled. You can disable the policy by setting this property as Disabled. `maxLimit`. Specify the maximum value of the request count beyond which the policy is violated. `applications`. Specify the applications for which the policy is applied. `applicationSpecific`. Enable to apply rate limits individually per application instead of globally. `alert-configuration`. Specifies the details of when the alert gets triggered. `interval`. Specifies the interval of time for the maximum limit to be reached. `frequency`. Specifies the frequency at which the alerts are issued and the monitor events are logged. If you set the value as Only once, it triggers an alert every time the specified condition is violated and logs a monitor event for the alert interval specified. If you set the value as Everytime, it triggers an alert every time the specified condition is violated and logs multiple monitor events based on the number of API invocations. `message`. Specifies the text message to be included in the alert. `destination`. Specifies the destination to log the alerts. Available destinations are: self, dev_portals, email, snmp, jdbc, log-file.