Azure Logic Apps - Disable/Limit based on Runs Started
Question
I have an Azure Logic App that provides a publicly accessible HTTPS URL to trigger the Azure logic app. The Logic App does a number of data manipulations and so on and then sends a response back to the requester. This is working well but I am concerned about escalating costs if some one intentionally calls this HTTPS URL (ie: a DDOS attack or something along those lines)
What is the best way to stop this? I know Azure has a limit of 100 000 runs per 5 minutes but that still adds up quickly. Is there a better way to put a threshold in place to stop a situation like this? Some thoughts I had:
- Create a metric alert and call another Azure Logic App to disable the open logic app being called repetitively. But I do not seem to be able to get this to work.
- Use Traffic manager or something similar to manage some limits or threshold but not sure how this would work either.
Any advise or thoughts would be very helpful. The through put on the Logic App would be relatively low and anything over say 5000 calls in 10 minutes would be out of the norm. For this reason the costs are relatively low and things like Azure DDOS protection are just too expensive. So the approach definitely needs to be cost efficient.
1 answers
solution1
0 ACCPTED 2018-09-05 07:27:50
The best solution is to use some form of API management to securely expose your API's. Here's a good blog post on how to secure your API's with Azure API Management:
using-azure-api-management-to-prevent-denial-of-wallet-attacks
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.