Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Amazon Introduces API Gateway Usage Plans

Amazon Introduces API Gateway Usage Plans


Amazon recently updated their API Gateway service to include Usage Plans. Usage Plans allow Amazon API Gateway customers to regulate and monetize their APIs through different levels of access and different categories of users. A common pattern for companies that expose their APIs, include monetizing them through a 3rd party developer ecosystem. Usage Plans allow an organization to manage 3rd party developer consumption patterns and billing at an API key level.

Amazon initially launched their API Gateway service in July 2015 as a way for organizations to protect and manage APIs running on AWS Lambda, EC2 or APIs hosted on public endpoints. The service has now been updated to include more granular control for managing APIs through Usage Plans. More specifically, Usage Plans can be assigned to different levels of access, such as Bronze, Silver and Gold. They can also be assigned to different categories of users, including Student, Individual, Professional or Enterprise. Using Usage Plans, API Gateway customers can now control the following characteristics of an API including:

  • Throttling – Overall request rate (average requests per second) and a burst capacity.
  • Quota – Number of requests that can be made per day, week, or month.
  • API / Stages – The API and API stages that can be accessed.

Creating a Usage Plan can be accomplished through the API Gateway Console. Within the Usage Plan, administrators can enable a throttling process that caps API requests per second and burst requests. The Usage Plan also allows for a quota, or cap, on the total number of requests within a predefined timeframe.

In a recent blog post, Jeff Barr, chief evangelist at Amazon Web Services, explains how Amazon implements throttling:

Throttling is implemented using a Token Bucket model. The bucket is large enough to hold the number of tokens denoted by the Burst value, and gains new tokens at the specified Rate. Each API request removes one token from the bucket. Using a Token Bucket allows you to have APIs that support a steady stream of requests with the capability to accommodate the occasional burst.

From a business and technical perspective, throttling ensures that a consumer on a lower tier plan does not introduce performance issues that would disrupt API consumers on a higher tier plan from making API calls. 

Image Source:

In the event an API consumer is close to exceeding their quota for the current month, due to unplanned consumption, a temporary extension may be granted in order to avoid a disruption of service.

Image Source:

Usage Plans may be implemented in different API Gateway Stages. Amazon has created Stages so computing environments can be managed independently of each other, such as Test or Production environments. In the event an organization is hosting their APIs on a less powerful Test environment, they may want to enforce different policies for API consumers in that Stage, or environment.

Since Amazon is now metering usage at an API key level, they can also provide consumption data through the Export Usage Data feature. An administrator has the ability to provide a date range and the format of the consumption data including JSON or CSV.  This information can then be provided to API consumers in order to justify costs.

Image Source:

Metering consumption, throttling and quotas are not unique to Amazon API Gateway. These are mainstream API Management features that can be found in competing offerings, including Microsoft’s Azure API Management service. Microsoft accomplishes throttling and quotas through the use of policies which can be applied at different scope levels including Product, API or Operation. Consumption tracking occurs at the Developer, Product, Subscription, API and Operation levels.

Rate this Article