Which solution will meet these requirements?
Setup Amazon Inspector on the backend servers. Create assessment targets with a rate-based configuration to block any offending IP address.
Create a rate-based rule in AWS WAF to block an IP address when that IP address exceeds the configured threshold rate.
Identity the offending client IP address ranges. Create a regular rule in AWS WAF to block the offending IP address ranges.
Create a rate-based rule in Amazon GuardDuty to block an IP address when that IP address exceeds the configured threshold rate
Explanations:
Amazon Inspector is primarily a security assessment service that helps identify vulnerabilities in applications, but it does not have capabilities to manage or limit traffic rates to a web application. It cannot block IP addresses based on request rates.
AWS WAF (Web Application Firewall) allows you to create rate-based rules that automatically block or limit traffic from an IP address once it exceeds a defined threshold. This directly addresses the requirement to limit traffic from high-request IP addresses and protect against potential DDoS attacks.
While creating a regular rule in AWS WAF can block specific IP addresses, it does not have the functionality to dynamically monitor and limit traffic based on the rate of requests. This option does not meet the requirement of tracking and limiting based on request rates.
Amazon GuardDuty is a threat detection service that monitors for malicious activity, but it does not have the functionality to directly block traffic or create rate-based rules for web traffic. GuardDuty can alert on issues but cannot perform traffic management like AWS WAF.
I scheme that the answer is:
Create a rate-based rule in AWS WAF to block an IP address when that IP address exceeds the configured threshold rate.