We have a requirement to limit the number of requests a user can make on a particular service to 5000/day for inbound traffic.
API Gateway: 9.4
Use the Apply Throughput Quota Assertion:
Attached are two sample policies of the ATPQ Assertion for:
1. Requests made by an authenticated user
2. Requests made by an IP address