SpecterOps
Feature: Make rate limit runtime-configurable
Feature Description
Add a configuration to control the middleware's default rate limiter.
Are you intending to implement this feature?
No
Current Behavior
BHCE currently uses a single rate limiter value to protect all paths not related to authentication. This rate limiter is set at 55 requests per second in the code. The only way to change it is to recompile the application.
Desired Behavior
A runtime configuration item, preferably in the administrative UI, would allow the administrator of the BHCE instance to modify the value of the middleware's default rate limiter.
Use Case
Running automation through the REST API on large instances can take a very long time. The current rate limiter value was found to have a strong negative effect and leave a lot of hardware unused.
Implementation Suggestions
I have identified the following item which would need to be plumbed into a configuration item.
At cmd/api/src/api/middleware/rate_limit.go#L36:
const DefaultRateLimit = 55
