Device Bootstrap - Limits and Throttling
Certificate requests from devices will be fulfilled by the Bootstrap API as usual, as long as the workflows are used normally. In order to prevent devices (misconfigured/faulty/rogue) from over utilizing the underlying Profiles/ IAM and IoT resources, the following quota limits and throttling will apply,
###Success Rotation Lock
-
Each device can make a maximum of 10 successful certificate requests in a 24 hour window.
-
Beyond which device’s configuration status will change to SuccessRotationLock and successive requests will receive below response.
Status Code: 400: BAD REQUESTResponse:{"error": {"errors": [{"code": null,"message": "Device reached certificate rotation limit. Next certificate rotation can be requested after 2023-04-07T12:13:18Z","type": "ValidationException"}]},"requestId": "3d4a507c-315b-4d11-a8b4-53c69d7473bf","statusCode": "400","timestamp": "2023-04-06T12:13:57.783104"} -
In ideal scenarios, devices usually make only 1 certificate request during initial provisioning or during certificate expiry(every 3 years).
-
Applications can still choose to PATCH the status of the device configuration to Active whenever needed to make the successive certificate requests work, without having to wait for the 24 hr window to elapse.
###Failure Rotation Lock
-
Device configuration will be locked after 10 consecutive failure requests in a 24 hour window.
-
Device’s configuration status will change to FailureRotationLock and successive requests will receive below response.
Status Code: 400: BAD REQUESTResponse:{"error": {"errors": [{"code": null,"message": "Device locked due to exceeding failure certificate rotation limit. Please unlock device or next certificate rotation can be requested after 2023-04-07T12:15:24Z","type": "ValidationException"}]},"requestId": "3d4a507c-315b-4d11-a8b4-53c69d7473bf","statusCode": "400","timestamp": "2023-04-06T12:13:57.783104"} -
In ideal scenarios, if a certificate request from devices fails due to reasons like misconfigured public key, invalid group, insufficient permissions, etc.,(other than throttling), a simple retry of request will not fix the problem.
-
After fixing the root cause of the issue, applications can PATCH the status of the device configuration to ‘Active’ immediately, to make the successive certificate requests work, without having to wait for the 24 hr window to elapse.
###Too Many Requests
Unusual high traffic from sources may get throttled with 429: Too Many Requests. Ensure to have retry for such cases in devices. 429: Too Many Requests failures will not be counted towards the failure rotation lock.