SAP-C01 Exam QuestionsBrowse all questions from this exam
Go to Exam

SAP-C01 Exam - Question 898

A company is offering one of its applications as a multi-tenant software-as-a-service (SaaS) solution. The application has a RESTAPI that runs on a set of Amazon

EC2 instances behind an Application Load Balancer (ALB). The instances run in an Auto Scaling group.

Last week, one of the tenants ran a campaign that significantly increased traffic to the REST API. The resource constraints affected the performance of other tenants that were running on the same set of EC2 instances. The company wants the ability to throttle API calls for each tenant.

Which combination of steps should a solutions architect take to meet these requirements? (Choose three.)

Show Answer
Correct Answer: BEF

To effectively throttle API calls for each tenant in a multi-tenant SaaS environment, the appropriate steps involve setting usage plans and modifying the application's architecture. Creating an Amazon API Gateway API allows assigning API key usage plans for each tenant, enabling specific throttling and rate limiting per tenant. A VPC link for HTTP APIs targeting the ALB facilitates handling incoming traffic and routing it efficiently through the API Gateway. Finally, modifying the application's API requests to target the newly created endpoint ensures that all API calls go through the API Gateway, where the throttling rules can be enforced. This combination offers a robust solution for controlling traffic and preventing any single tenant from impacting others adversely.

Discussion

11 comments
Sign in to comment
daiditenan
Sep 1, 2022

e.g. B,E,F

JohnPiOptions: BEF
Oct 3, 2022

B. Create an Amazon API Gateway API. Assign an API key usage plan for each tenant. E. Create a VPC link for HTTP APIs. Set up the ALB as the target. Configure an HTTP proxy private integration that uses the VPC link. F. Modify the application's API requests to target the newly created endpoint.

crerem
Nov 9, 2022

i don't understand how will E and F -help on throttle API calls ?

daiditenan
Sep 1, 2022

why do you think that waf acl is throttling related ? is more about usage plans https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html

crerem
Nov 9, 2022

waf is rate based rule - so it will block anything above a value - just like throttling

dcdcdc3Options: ABC
Oct 7, 2022

I will go with the links provided by sb333 It appears DEF are how to make a private API, which is already private, per the question.

awsguru1998
Oct 31, 2022

BC cant go together as they are both having step of 'Create an Amazon API Gateway API." CORRECT ABD

ByrneyOptions: BEF
Nov 9, 2022

Not A because a rate based rule in WAF is per *originating IP address* not per tenant. You need to use usage plans.

Cloudxie
Sep 18, 2022

https://aws.amazon.com/blogs/compute/managing-multi-tenant-apis-using-amazon-api-gateway/

sb333Options: ABC
Oct 2, 2022

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-aws-waf.html

skywalkerOptions: ABC
Oct 11, 2022

A. Create a Rate Limit so that no tenat can over use the bandwidth B. Create Usage Plan to limit usage of each API C. Assign API Gateway API together with WAF. Thus ABC.

pek77Options: BEF
Oct 15, 2022

Usage Plan could enable to limit throttling the rate. Thus, A C wrong. When you chose the API gateway you should modify your app, from ALB to API Gateway (F) And proxy API Gateway to ALB (E) https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-application-load-balancers/?nc1=h_ls

pek77
Oct 15, 2022

Usage Plan, enable throttling to limit the rate.: https://aws.amazon.com/cn/blogs/aws/new-usage-plans-for-amazon-api-gateway/

WhyIronManOptions: BEF
Jul 15, 2024

BEF not A because a rate based rule in WAF is per *originating IP address* not per tenant. You need to use usage plans