What should the developer do to meet these requirements?
Place the API behind an Amazon API Gateway API. Set the server-side throttling limits.
Place the API behind a Network Load Balancer. Set the target group throttling limits.
Place the API behind an Application Load Balancer. Set the target group throttling limits.
Place the API behind an Amazon API Gateway API. Set the per-client throttling limits.
Explanations:
API Gateway provides built-in throttling capabilities and can limit the number of requests to the API. Server-side throttling can be set to manage overall request rates, which helps prevent the API from being overwhelmed.
A Network Load Balancer (NLB) is designed to handle high volumes of TCP traffic and cannot directly limit the rate of HTTP requests, making it unsuitable for throttling API requests.
While an Application Load Balancer (ALB) can distribute HTTP(S) traffic, it does not offer request throttling capabilities for controlling the rate of incoming requests.
API Gateway supports per-client throttling, but this option implies that the developer wants to apply the limit universally for all clients, which can be achieved by setting server-side throttling limits instead.
As far as I can tell, the answer is:
Place the API behind an Amazon API Gateway API. Set the server-side throttling limits.