One of my biggest fears. What's to prevent trolls and competitors from just spamming your endpoints in a loop? How do people using pay-per-use infra deal with these problems?
I really want to use Lambda for public endpoints but it just scares me.
There are a lot of tools in AWS to deal with this. Api Gateway Rate Limiting, WAF, etc.
That said it does take a level of awareness to set these things up. Some of what we try to do at SST is turn on these for you automatically so you're not being punished for not knowing something
I really want to use Lambda for public endpoints but it just scares me.