Exam SAP-C01 All QuestionsBrowse all questions from this exam
Go to Exam
Question 898

A company is offering one of its applications as a multi-tenant software-as-a-service (SaaS) solution. The application has a RESTAPI that runs on a set of Amazon

EC2 instances behind an Application Load Balancer (ALB). The instances run in an Auto Scaling group.

Last week, one of the tenants ran a campaign that significantly increased traffic to the REST API. The resource constraints affected the performance of other tenants that were running on the same set of EC2 instances. The company wants the ability to throttle API calls for each tenant.

Which combination of steps should a solutions architect take to meet these requirements? (Choose three.)

    Correct Answer: B, E, F

    To effectively throttle API calls for each tenant in a multi-tenant SaaS environment, the appropriate steps involve setting usage plans and modifying the application's architecture. Creating an Amazon API Gateway API allows assigning API key usage plans for each tenant, enabling specific throttling and rate limiting per tenant. A VPC link for HTTP APIs targeting the ALB facilitates handling incoming traffic and routing it efficiently through the API Gateway. Finally, modifying the application's API requests to target the newly created endpoint ensures that all API calls go through the API Gateway, where the throttling rules can be enforced. This combination offers a robust solution for controlling traffic and preventing any single tenant from impacting others adversely.

Discussion
daiditenan

e.g. B,E,F

JohnPiOptions: BEF

B. Create an Amazon API Gateway API. Assign an API key usage plan for each tenant. E. Create a VPC link for HTTP APIs. Set up the ALB as the target. Configure an HTTP proxy private integration that uses the VPC link. F. Modify the application's API requests to target the newly created endpoint.

crerem

i don't understand how will E and F -help on throttle API calls ?

ByrneyOptions: BEF

Not A because a rate based rule in WAF is per *originating IP address* not per tenant. You need to use usage plans.

awsguru1998

BC cant go together as they are both having step of 'Create an Amazon API Gateway API." CORRECT ABD

dcdcdc3Options: ABC

I will go with the links provided by sb333 It appears DEF are how to make a private API, which is already private, per the question.

daiditenan

why do you think that waf acl is throttling related ? is more about usage plans https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html

crerem

waf is rate based rule - so it will block anything above a value - just like throttling

WhyIronManOptions: BEF

BEF not A because a rate based rule in WAF is per *originating IP address* not per tenant. You need to use usage plans

pek77Options: BEF

Usage Plan could enable to limit throttling the rate. Thus, A C wrong. When you chose the API gateway you should modify your app, from ALB to API Gateway (F) And proxy API Gateway to ALB (E) https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-application-load-balancers/?nc1=h_ls

pek77

Usage Plan, enable throttling to limit the rate.: https://aws.amazon.com/cn/blogs/aws/new-usage-plans-for-amazon-api-gateway/

skywalkerOptions: ABC

A. Create a Rate Limit so that no tenat can over use the bandwidth B. Create Usage Plan to limit usage of each API C. Assign API Gateway API together with WAF. Thus ABC.

sb333Options: ABC

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-aws-waf.html

Cloudxie

https://aws.amazon.com/blogs/compute/managing-multi-tenant-apis-using-amazon-api-gateway/