Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pre-auth Rate Limiting heuristic #989

Open
alexsnaps opened this issue Nov 7, 2024 · 0 comments
Open

Pre-auth Rate Limiting heuristic #989

alexsnaps opened this issue Nov 7, 2024 · 0 comments
Assignees
@alexsnaps
Labels
kind/enhancement New feature or request

Comments

@alexsnaps
Copy link
Member

We can have a first round of rate limiting happen prior to the auth phase, when there is no need to resolve anything on the auth. root binding in none of the expressions and/or predicates within a RateLimitPolicy. I'd do that for limits coming from a RateLimitPolicy where this is true for all limits, so that limits from a single policy are always "transactional" (i.e. all counters get incremented or none is).

The proposal is to scan expressions on these policies and have the resulting Action be first in the wasm-shim's config ActionSet, when nothing from the auth root binding is read.
@alexsnaps alexsnaps added the kind/enhancement New feature or request label Nov 7, 2024
@alexsnaps alexsnaps self-assigned this Nov 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alexsnaps alexsnaps

Labels
kind/enhancement New feature or request
Projects
Kuadrant
Status: In Progress
Milestone
No milestone
Development

No branches or pull requests
1 participant
@alexsnaps