Avoid rate limit errors on Cognito auth endpoints


Hello re:Post community, here's my first post.

A while ago I implemented S3 bucket support for a genomics visualization package called IGV:


Today, I'm facing some problem reports w.r.t. API endpoint quota limits and I'd like to hear your advice:


What's the best way to mitigate or solve this issue that other partners are facing? So far, our facility hasn't seen those, but there's no reason they cannot appear in the future, generating a DoS situation for our staff and their legitimate login attempts :/

1 Answer
Accepted Answer


There are four types of resolution for this:

  1. As pointed out in the issue, you should handle the 4XX rate limit error code gracefully.
  2. You need to understand whether the rate limiting applies to authentication or to the refresh of the access token.
     A. If authentication, you can try to request a quota increase for Cognito; see the Quotas page: https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html
     B. If refresh of the access token, you might want to increase the lifetime of the access token in the User Pool; see the token expiration parameter: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html
  3. Finally, if this is bad traffic DDoSing you, you can apply an AWS WAF WebACL to filter out traffic before it reaches Cognito; see https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html
answered 9 months ago
reviewed 9 months ago
  • It turned out to be a variant of point 1, see the updated GH issue, thanks Jeff!
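A client-side sketch of points 1 and 2B from the answer above, added here as an example and not taken from the post, the IGV code base or AWS: throttling errors are retried with capped, jittered backoff, other 4XX errors are not retried, and the access token is reused until shortly before it expires so that fewer refresh calls are made. `AuthError`, `call_with_backoff` and `TokenCache` are hypothetical names, and the code assumes the caller surfaces throttling as HTTP 429 or as the `TooManyRequestsException` / `LimitExceededException` error codes.

```python
import random
import time

# Error codes treated as throttling (assumption: the caller maps the
# endpoint's response to one of these codes or to HTTP 429).
THROTTLE_CODES = {"TooManyRequestsException", "LimitExceededException"}

class AuthError(Exception):
    """Constructed stand-in for an error returned by an auth endpoint."""
    def __init__(self, status, code, retry_after=None):
        super().__init__(f"{status} {code}")
        self.status, self.code, self.retry_after = status, code, retry_after

def is_throttle(err):
    return err.status == 429 or err.code in THROTTLE_CODES

def call_with_backoff(request, max_attempts=5, base=0.5, cap=20.0,
                      sleep=time.sleep, rng=random.random):
    """Run request(); retry only throttling errors, with capped full jitter."""
    for attempt in range(max_attempts):
        try:
            return request()
        except AuthError as err:
            # Bad credentials and other 4XX are raised at once: repeating
            # them adds load and can trip lockout protections.
            if not is_throttle(err) or attempt == max_attempts - 1:
                raise
            delay = rng() * min(cap, base * 2 ** attempt)
            if err.retry_after is not None:
                # Honour a server-provided wait, still bounded by the cap.
                delay = max(delay, min(cap, err.retry_after))
            sleep(delay)

class TokenCache:
    """Reuse an access token until `skew` seconds before it expires."""
    def __init__(self, fetch, skew=60, clock=time.time):
        # fetch() must return (token, lifetime_in_seconds).
        self.fetch, self.skew, self.clock = fetch, skew, clock
        self.token, self.expires_at = None, 0.0

    def get(self):
        if self.token is None or self.clock() >= self.expires_at - self.skew:
            self.token, ttl = call_with_backoff(self.fetch)
            self.expires_at = self.clock() + ttl
        return self.token
```

The jitter spreads retries from many clients over time, so a shared quota is not hit again by all of them at the same instant.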
