hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

[Bug]: Removal of the Default route throttling for an API GatewayV2 sets the limits to 0 #30373

Open davidg-idealo opened 1 year ago

davidg-idealo commented 1 year ago

Terraform Core Version

1.1.7

AWS Provider Version

4.61.0

Affected Resource(s)

aws_apigatewayv2_api
aws_apigatewayv2_stage

Expected Behavior

Before configuring the Default route throttling for an API-GW2, the burst and rate limits are set to Not configured. This means that the account-wide throttling limits are taken into account.

After configuring these values and removing them again afterwards, my expectation would be that the values are set to the initial value Not configured.

Actual Behavior

After removing the configuration for Default route throttling, the values are set to 0. The problem is that the underlying API is immediately unavailable because the API GW responds with 429 - Too many requests.

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

Step 1:

resource "aws_apigatewayv2_api" "example" {
  name          = "example-http-api"
  protocol_type = "HTTP"
}

resource "aws_apigatewayv2_stage" "example" {
  api_id = aws_apigatewayv2_api.example.id
  name   = "example-stage"
  default_route_settings {
    throttling_burst_limit = 500
    throttling_rate_limit  = 1000
  }
}

Step 2:

resource "aws_apigatewayv2_api" "example" {
  name          = "example-http-api"
  protocol_type = "HTTP"
}

resource "aws_apigatewayv2_stage" "example" {
  api_id = aws_apigatewayv2_api.example.id
  name   = "example-stage"
}

Steps to Reproduce

First create an API-GW2 with default route limits (Step 1). Afterwards, remove the limits (Step 2).

Check the limits and you will see that they are set to 0 and that it is not possible to set them back to Not configured in the console.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No

scalp42 commented 1 year ago

@davidg-idealo I can confirm, bit me last night 😂

rdepping commented 8 months ago

Related issue.

Including a different optional setting in your TF for an APIGW stage like detailed_metrics_enabled will force the limits to 0 - even if you have never set them.

e.g.

include the following under aws_apigatewayv2_api

  default_route_settings {
    detailed_metrics_enabled = true
  }

Effectively you get the following optional params set for "free" to 0 - which to me is unexpected and surprising and high impact as it cuts off the APIGW from any usage.

  default_route_settings {
    throttling_burst_limit = 0
    throttling_rate_limit = 0
  }

Note - there is a long thread on this over at https://github.com/hashicorp/terraform-provider-aws/issues/14742 and it does appear this is at least partially an issue on the AWS side (see https://stackref.substack.com/p/psa-aws-api-gateway-429-errors-and?s=r)

However I would not expect that setting detailed_metrics_enabled in the TF would force setting the burst limits with such disastrous consequences.
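
A pre-apply guard for the two cases reported in this thread, as an added example that is not part of the issue or the provider's code: it reads the JSON form of a saved plan and flags any aws_apigatewayv2_stage whose default_route_settings block is dropped after limits were configured, or is present without non-zero throttling limits. The function names and the sample plan are constructed for illustration; treating both null and 0 as "unset" is an assumption about how the plan renders omitted limits.

```python
import json

STAGE = "aws_apigatewayv2_stage"
LIMITS = ("throttling_burst_limit", "throttling_rate_limit")

def _settings(state):
    # Nested blocks appear in plan JSON as a list of objects; [] or missing means no block.
    blocks = (state or {}).get("default_route_settings") or []
    return blocks[0] if blocks else None

def _configured(block):
    # True only when both limits are present and non-zero (null and 0 both count as unset).
    return block is not None and all(block.get(k) for k in LIMITS)

def risky_stage_changes(plan):
    """Return [(address, reason)] for stage changes that match the cases in this issue."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != STAGE or change.get("actions") == ["delete"]:
            continue
        before = _settings(change.get("before"))
        after = _settings(change.get("after"))
        if _configured(before) and after is None:
            findings.append((rc["address"], "configured limits removed"))
        elif after is not None and not _configured(after):
            findings.append((rc["address"], "block without non-zero limits"))
    return findings

# Constructed sample, shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_apigatewayv2_stage.example", "type": "aws_apigatewayv2_stage",
   "change": {"actions": ["update"],
     "before": {"default_route_settings": [{"detailed_metrics_enabled": false,
       "throttling_burst_limit": 500, "throttling_rate_limit": 1000}]},
     "after": {"default_route_settings": []}}},
  {"address": "aws_apigatewayv2_stage.metrics", "type": "aws_apigatewayv2_stage",
   "change": {"actions": ["create"], "before": null,
     "after": {"default_route_settings": [{"detailed_metrics_enabled": true,
       "throttling_burst_limit": null, "throttling_rate_limit": null}]}}},
  {"address": "aws_apigatewayv2_stage.ok", "type": "aws_apigatewayv2_stage",
   "change": {"actions": ["update"], "before": {"default_route_settings": []},
     "after": {"default_route_settings": [{"detailed_metrics_enabled": false,
       "throttling_burst_limit": 500, "throttling_rate_limit": 1000}]}}}
]}
""")

if __name__ == "__main__":
    for address, reason in risky_stage_changes(SAMPLE_PLAN):
        print(f"{address}: {reason}")
```

In a pipeline, a non-empty result would fail the job before apply so the stage change can be reviewed by hand.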

oeed commented 7 months ago

Would really appreciate this receiving the attention it deserves. Having your API rate limited for seemingly no reason is not fun.

alena-m commented 2 months ago

The problem still exists. Updating request_parameters causes throttling_burst_limit and throttling_rate_limit to be reset to 0.

Terraform Core version: 1.2.0
AWS Provider version: 5.36.0

resource "aws_apigatewayv2_integration" "this" {
  api_id                    = aws_apigatewayv2_api.this.id
  integration_type          = "HTTP_PROXY"
  connection_type           = "INTERNET"
  content_handling_strategy = "CONVERT_TO_TEXT"
  integration_method        = "POST"
  integration_uri           = var.integration_uri
  request_parameters = {
    "integration.request.header.connectionId" = "context.connectionId",
    "integration.request.header.sourceIp" = "context.identity.sourceIp"
  }
}