AWS Certified Developer – Associate — Question 429

A company has moved a legacy on-premises application to AWS by performing a lift and shift. The application exposes a REST API that can be used to retrieve billing information. The application is running on a single Amazon EC2 instance. The application code cannot support concurrent invocations. Many clients access the API, and the company adds new clients all the time.
A developer is concerned that the application might become overwhelmed by too many requests. The developer needs to limit the number of requests to the API for all current and future clients. The developer must not change the API, the application, or the client code.
What should the developer do to meet these requirements?

Answer options

• A. Place the API behind an Amazon API Gateway API. Set the server-side throttling limits.
• B. Place the API behind a Network Load Balancer. Set the target group throttling limits.
• C. Place the API behind an Application Load Balancer. Set the target group throttling limits.
• D. Place the API behind an Amazon API Gateway API. Set the per-client throttling limits.

Correct answer: A

Explanation

Placing the API behind Amazon API Gateway allows the configuration of server-side throttling limits, which globally restricts the rate of incoming requests to protect the backend EC2 instance from being overwhelmed. Neither Application Load Balancers nor Network Load Balancers natively support target group throttling limits. Per-client throttling in API Gateway would require managing usage plans and API keys for every client, which does not easily scale automatically for new clients without client-side modifications.