I have an Azure Logic App that provides a publicly accessible HTTPS URL to trigger the Azure Logic App. The Logic App does a number of data manipulations and so on and then sends a response back to the requester. This is working well, but I am concerned about escalating costs if someone intentionally calls this HTTPS URL (i.e., a DDoS attack or something along those lines).
What is the best way to stop this? I know Azure has a limit of 100 000 runs per 5 minutes but that still adds up quickly. Is there a better way to put a threshold in place to stop a situation like this? Some thoughts I had:
Any advice or thoughts would be very helpful. The throughput on the Logic App would be relatively low, and anything over, say, 5000 calls in 10 minutes would be out of the norm. For this reason the costs are relatively low, and things like Azure DDoS Protection are just too expensive. So the approach definitely needs to be cost efficient.
The best solution is to use some form of API management to securely expose your APIs. Here's a good blog post on how to secure your APIs with Azure API Management:
using-azure-api-management-to-prevent-denial-of-wallet-attacks
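As an added illustration (not taken from the answer or the linked blog post), an Azure API Management inbound policy that throttles calls before they reach the Logic App could look like the following. The per-IP limit and the counter key name `logicapp-global` are constructed values; the global limit expresses the asker's "5000 calls in 10 minutes" threshold as 2500 calls per 300-second window.

```xml
<policies>
    <inbound>
        <base />
        <!-- Per-caller cap: a single source IP gets at most 100 calls
             per 60 seconds (constructed value; tune to real traffic). -->
        <rate-limit-by-key calls="100"
                           renewal-period="60"
                           counter-key="@(context.Request.IpAddress)" />
        <!-- Global cap: every request shares one counter, so total
             Logic App runs stay bounded even when calls come from many
             different addresses. 2500 per 300 s is the same rate as
             5000 per 10 minutes. -->
        <rate-limit-by-key calls="2500"
                           renewal-period="300"
                           counter-key="logicapp-global" />
    </inbound>
    <backend>
        <base />
    </backend>
    <outbound>
        <base />
    </outbound>
    <on-error>
        <base />
    </on-error>
</policies>
```

Requests over either limit are rejected by API Management with `429 Too Many Requests` and never start a Logic App run. The limits only hold if the Logic App's own trigger URL is not reachable directly, for example by restricting the trigger's allowed inbound IP addresses to the API Management instance.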