I have a questions (hopefully not dumb). I am the IT guy of a business hosting various applications with AWS and we currently have a Classic Load Balancer sitting in front of 2 to 3 EC2 instances which handle all our web traffic. It’s a pretty straight forward configuration. In the past 13 hours, we are being hit with what we believe is malicious activity. A single person (I think) is trying to send more than 500 requests per second, I guess a bad actor. Unfortunately, I am not well equipped with devops skills but I know that’s one area I need to invest in after this.
At the moment, I am looking to block/rate limit these requests as soon as possible. I have read online that an API gateway can do this. I would appreciate any advice on what type of API gateway to create. Is it also possible to create an API gateway and route all requests to that gateway to the Load Balancer? And is it also possible to limit requests based on the request body and not only IP address? Thanks and I do appreciate any response to this. I am also happy to improve on my question where necessary.