A company is offering one of its applications as a multi-tenant software-as-a-service (SaaS) solution.The application has a RESTAPI that runs on a set of AmazonEC2 instances behind an Application Load Balancer (ALB).The instances run in an Auto Scaling group.Last week, one of the tenants ran a campaign that significantly increased traffic to the REST API.The resource constraints affected the performance of other tenants that were running on the same set of EC2 instances.The company wants the ability to throttle API calls for each tenant.
Which combination of steps should a solutions architect take to meet these requirements?
(Choose three.)
Create an AWS WAF web ACL. Add a rate-based rule statement to the web ACL. Set the action to block.
Create an Amazon API Gateway API. Assign an API key usage plan for each tenant.
Create an Amazon API Gateway API. Assign the AWS WAF web ACL to the API Gateway API.
Create an Amazon CloudFront distribution. Assign the AWS WAF web ACL to the CloudFront distribution.
Create a VPC link for HTTP APIs. Set up the ALB as the target. Configure an HTTP proxy private integration that uses the VPC link.
Modify the application’s API requests to target the newly created endpoint.
I figure that the answer is:
Create an Amazon API Gateway API. Assign an API key usage plan for each tenant.