
I face a rate limit error from AWS, any idea on how to fix it? Is there an option to throttle the requests from driftctl?
ThrottlingException: Rate exceeded
status code: 400

Tried driftctl on GitHub action, I expected it to work properly

2 Answers


  1. AWS rate limiting isn’t really controllable directly, and can’t be increased through AWS support. However, all of the AWS SDKs do automatic backoff and retry for throttling errors. It does partly depend on how driftctl is implemented too, and how it uses the AWS clients in the SDK.

    Not having used the tool itself, but reading up on what it does, I suspect that it is just making a lot of API calls in a short period to try to scan all of your AWS infrastructure. I would start by configuring it not to do deep scans, and try it on a smaller Terraform state file to see if you still get the problem.

    It looks like it’s written in Go, and probably uses the Go AWS SDK. If it uses version 2.x then there are some standard environment variables you can set for that to increase the number of retries it performs by default, particularly setting AWS_MAX_ATTEMPTS, which usually defaults to 3.

    https://docs.aws.amazon.com/sdkref/latest/guide/feature-retry-behavior.html

    Bear in mind that when you hit these rate limits, often something is happening that may not be desirable. It’s worth turning on verbose logging for driftctl if possible, to see what the AWS API calls it’s making actually are, and if they are ones you would expect to see.

    If you continue to get the problem, it’s worth logging an issue on their GitHub project, and trying to get someone who knows the code to help you debug it: https://github.com/snyk/driftctl

  2. The issue with AWS API rate limiting is being discussed on driftctl GitHub project https://github.com/snyk/driftctl/issues/1344

    You can try two approaches:

    • reduce scope by limiting scanned resource types with .driftignore file or with filters
    • slow down the scan process itself by using cpulimit utility. cpulimit -f -l 10 -- driftctl scan
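
A wrapper for the CI step, as an added example that is not part of either answer or of driftctl: it reruns a command with exponential backoff only when its output contains the ThrottlingException text from the question, and returns any other failure at once. The function name, try count and delays are assumptions, and AWS_MAX_ATTEMPTS only has an effect if the SDK inside driftctl reads it, which is the condition the first answer gives.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of driftctl).

# Only honoured if the AWS SDK used by the tool reads this variable
# (assumption taken from the first answer).
export AWS_MAX_ATTEMPTS=10

# run_with_throttle_backoff MAX_TRIES BASE_DELAY_SECONDS cmd [args...]
# Exit status is that of the last run of cmd. The body is a subshell,
# so its variables do not leak into the calling script.
run_with_throttle_backoff() (
  max_tries=$1
  delay=$2
  shift 2
  attempt=1
  log=$(mktemp)
  while :; do
    # Capture stdout and stderr, then replay them so the CI log keeps them.
    if "$@" >"$log" 2>&1; then status=0; else status=$?; fi
    cat "$log"
    [ "$status" -eq 0 ] && break
    # Failures other than throttling (bad credentials, AccessDenied, a
    # missing binary) are returned immediately instead of being retried.
    if ! grep -q 'ThrottlingException' "$log"; then break; fi
    [ "$attempt" -ge "$max_tries" ] && break
    echo "throttled (attempt $attempt/$max_tries), sleeping ${delay}s" >&2
    sleep "$delay"
    delay=$((delay * 2))        # exponential backoff between whole runs
    attempt=$((attempt + 1))
  done
  rm -f "$log"
  exit "$status"
)

# Usage in a workflow step (values are illustrative):
#   run_with_throttle_backoff 4 30 driftctl scan
```

Each retry repeats the whole scan and all of its API calls, so this works best together with the scope reduction from the second answer.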