Allow whitelisted IPs to bypass API rate limits #1799

rileyhgrant · 2025-09-30T19:20:25Z

Overall the strategy to have a list of whitelisted IPs thats private is:

Store the IPs (and other details for readability) in a json file in GCS
Give the API kubernetes service account access to read from GCS
On API startup, load the IPs from the json file into memory
On each api call, check the IP against the array of whitelisted IPs in memory
- Skip the rate limiting if the IP is whitelisted

Curious as to a few things:

Does this approach seem reasonable?
Is completely bypassing rate limiting fine? Or should we just give a more lenient rate limit to whitelisted IPs

feat(graphql-api): add Google Cloud Storage as a dependency

b52b4c4

rileyhgrant force-pushed the add-whitelisted-ips branch from 0c6d7da to 00d0547 Compare September 30, 2025 19:39

rileyhgrant self-assigned this Sep 30, 2025

rileyhgrant force-pushed the add-whitelisted-ips branch 3 times, most recently from 7e899f9 to 5416d55 Compare September 30, 2025 21:36

feat(graphql-api): allow whitelisted IPs to bypass rate limits

2f6d596

rileyhgrant force-pushed the add-whitelisted-ips branch from 5416d55 to 2f6d596 Compare September 30, 2025 21:45

rileyhgrant requested review from phildarnowsky-broad and mattsolo1 October 1, 2025 18:51

mattsolo1 approved these changes Oct 1, 2025

View reviewed changes

phildarnowsky-broad approved these changes Oct 2, 2025

View reviewed changes

rileyhgrant merged commit dc9ca20 into main Oct 2, 2025
6 checks passed

rileyhgrant deleted the add-whitelisted-ips branch October 2, 2025 18:54

Provide feedback