Securing and Rate Limiting API calls using API Gateway


1 hour 30 minutes Credits: 7


Google Cloud Self-Paced Labs


API Gateway supports multiple authentication methods that are suited to different applications and use cases. The authentication method you specify in your API config determines how client requests will be validated before providing access to backend services. API Gateway uses two main authentication methods, and which one applies depends on the client: API Keys and User Authentication.

API Keys provide project identification and authorization and typically are used to identify an application and validate that it has been granted access to call the API being requested. The API Key used to identify the client application is generated in a Google Cloud Project that is provided access to the set of APIs it needs to consume. The API Key can also be utilized to identify usage information associated with the calling client application.

In contrast, authentication schemes provide a secure way of identifying a calling user and typically serve two purposes, User Authentication and User Authorization:

  • User Authentication is leveraged to securely verify that the calling user is who they claim to be.
  • User Authorization is leveraged to check whether the user should have access to make a client request.

You can find more information on various Use Cases for API Keys on the documentation page.

API Gateway also provides the ability to limit client requests by enforcing quotas or controlling the rate at which an application can call your API. This is also known as rate limiting. Setting a quota for your API is important because it lets you specify usage limits on your API and so protect your backend services from an excessive number of requests from calling applications.

The benefits of doing this are many. It allows you to:

  • Protect the health of your backend services
  • Maintain cost efficiency of running services on the cloud
  • Ensure that one application cannot negatively impact other applications consuming your API

More information on using Quotas can be found on the documentation page.
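
The following OpenAPI 2.0 API config is an added example, not taken from the lab. It shows how an API key requirement and a per-project quota sit together in one spec. The API title, the `/hello` path, the metric and limit names, the limit value and the backend address are constructed placeholders.

```yaml
# Added example: every name, path, value and the backend URL is a placeholder.
swagger: "2.0"
info:
  title: example-api              # hypothetical API name
  version: "1.0.0"
schemes:
  - https
produces:
  - application/json
x-google-backend:
  address: https://BACKEND_URL    # placeholder for your backend service
securityDefinitions:
  # API key sent as the "key" query parameter; identifies the calling project
  api_key:
    type: apiKey
    name: key
    in: query
x-google-management:
  metrics:
    - name: read-requests         # hypothetical metric name
      displayName: Read requests
      valueType: INT64
      metricKind: DELTA
  quota:
    limits:
      - name: read-limit          # hypothetical limit name
        metric: read-requests
        unit: "1/min/{project}"   # counted per consumer project, per minute
        values:
          STANDARD: 10            # constructed limit value
paths:
  /hello:
    get:
      summary: Hello
      operationId: hello
      security:
        - api_key: []             # the method requires a valid API key
      x-google-quota:
        metricCosts:
          read-requests: 1        # each call consumes one unit of the metric
      responses:
        "200":
          description: OK
```

Because the quota unit is counted per `{project}`, the gateway needs the API key to attribute each request to a consumer project, so the `security` requirement and the `x-google-quota` block belong on the same method.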

In this lab you will deploy an API to API Gateway and make enhancements to improve its security and rate limiting configuration.
