/sys/quotas/config
Restricted endpoint
The API path can only be called from the root namespace.The /sys/quotas/config
endpoint is used to configure rate limit quotas.
Create or update the rate limit configuration
Method | Path |
---|---|
POST | /sys/quotas/config |
Parameters
rate_limit_exempt_paths
([]string: [])
- Specifies the list of exempt paths from all rate limit quotas. If empty no paths will be exempt.enable_rate_limit_audit_logging
(bool: false)
- If set, starts audit logging of requests that get rejected due to rate limit quota rule violations.enable_rate_limit_response_headers
(bool: false)
- If set, additional rate limit quota HTTP headers will be added to responses.
Sample payload
{ "rate_limit_exempt_paths": [ "sys/internal/ui/mounts", "sys/generate-recovery-token/attempt", "sys/generate-recovery-token/update", "sys/generate-root/attempt", "sys/generate-root/update", "sys/health", "sys/seal-status", "sys/unseal" ], "enable_rate_limit_audit_logging": true, "enable_rate_limit_response_headers": true}
Sample request
$ curl \ --request POST \ --header "X-Vault-Token: ..." \ --data @payload.json \ http://127.0.0.1:8200/v1/sys/quotas/config
Get the rate limit configuration
Method | Path |
---|---|
GET | /sys/quotas/config |
Sample request
$ curl \ --request GET \ --header "X-Vault-Token: ..." \ http://127.0.0.1:8200/v1/sys/quotas/config
Sample response
{ "request_id": "259801bd-a0c9-9350-8eb9-26c91afd19c6", "lease_id": "", "lease_duration": 0, "renewable": false, "data": { "enable_rate_limit_audit_logging": false, "enable_rate_limit_response_headers": false, "rate_limit_exempt_paths": [ "sys/internal/ui/mounts", "sys/generate-recovery-token/attempt", "sys/generate-recovery-token/update", "sys/generate-root/attempt", "sys/generate-root/update", "sys/health", "sys/seal-status", "sys/unseal" ] }, "warnings": null}