Question 704 of 997

AZ-204 Practice Question: APIM rate-limit-by-key policy for per-subscriber…

This AZ-204 practice question tests your understanding of connect to and consume azure services and third-party services. This is a configuration task: choose the command set that satisfies every stated requirement. Small differences — like 'secret' vs 'password' or 'transport input ssh' vs 'all' — change whether the answer is correct. A key principle to apply: rate-limit-by-key policy. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

Backend APIs exposed through Azure API Management are consumed by multiple subscribers. The product owner wants to prevent any single subscriber from sending more than 100 requests per minute, while allowing subscribers with heavier plans to have higher limits configured separately. Which APIM policy implements per-subscriber rate limiting?

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

Apply the rate-limit-by-key policy using the subscription key as the counter key, with calls set to 100 and renewal-period to 60

Option A is correct because the `rate-limit-by-key` policy in Azure API Management enforces a per-key rate limit, and using the subscription key as the counter key ensures each subscriber is limited individually. The `calls` parameter set to 100 and `renewal-period` to 60 seconds matches the requirement of 100 requests per minute per subscriber, while allowing different limits for different plans by applying separate policies with different call counts.

Key principle: rate-limit-by-key policy

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • Apply the rate-limit-by-key policy using the subscription key as the counter key, with calls set to 100 and renewal-period to 60

    Why this is correct

    rate-limit-by-key with counter-key='@(context.Subscription.Id)' (or the subscription key header) creates a separate 100-calls/60-second counter per subscriber. When a subscriber's counter reaches 100, APIM returns 429 Too Many Requests for that subscriber while other subscribers continue at full rate.

    Related concept

    rate-limit-by-key policy

  • Apply the quota policy to the product with a total of 100 calls per minute shared across all subscribers

    Why it's wrong here

    The quota policy enforces a cumulative call limit across all subscribers of the product. If one subscriber uses 90 calls, only 10 remain for all others in that minute. This is a global cap, not a per-subscriber limit.

  • Apply an ip-filter policy that blocks IP addresses making more than 100 requests per minute

    Why it's wrong here

    ip-filter allows or denies requests from specific IP ranges — it is an access control policy, not a rate-limiting policy. It cannot count requests per minute and cannot distinguish between subscribers sharing the same egress IP.

  • Configure a backend circuit breaker policy to return cached responses after 100 calls

    Why it's wrong here

    Circuit breaker policies detect backend failures and open the circuit to prevent cascading failures — they are not rate-limiting mechanisms. Returning cached responses after 100 calls would change response content, not enforce a per-subscriber call limit.

Common exam traps

Common exam trap: answer the scenario, not the keyword

The trap here is confusing the `quota` policy (which sets a total limit shared across all subscribers of a product) with the `rate-limit-by-key` policy (which enforces per-subscriber limits), leading candidates to pick Option B when they see 'product' and 'per minute' without recognizing the shared vs. individual distinction.

Detailed technical explanation

How to think about this question

The `rate-limit-by-key` policy uses a distributed token bucket algorithm, where each key (e.g., subscription key) has a bucket of tokens that refills at the renewal period. Under the hood, Azure API Management stores the counter in a shared cache across all gateway instances, ensuring consistent enforcement even in multi-region deployments. A real-world scenario is offering tiered plans (e.g., Basic: 100 req/min, Premium: 1000 req/min) by applying separate `rate-limit-by-key` policies with different `calls` values, each scoped to the appropriate subscription key.

KKey Concepts to Remember

  • rate-limit-by-key policy
  • Subscription key
  • Quota policy
  • Per-subscriber throttling

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

rate-limit-by-key policy

Real-world example

How this comes up in practice

A cloud solutions architect for a retail company is evaluating services for a new workload. The correct answer here reflects best practice for the specific scenario described — not a general cloud recommendation. rate-limit-by-key policy Cloud exam questions reward reading the constraint carefully: the same technology can be right or wrong depending on the use case.

What to study next

Got this wrong? Here's your next step.

Review rate-limit-by-key policy, then practise related AZ-204 questions on the same topic to reinforce the concept.

Related practice questions

Related AZ-204 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free AZ-204 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this AZ-204 question test?

Connect to and consume Azure services and third-party services — This question tests Connect to and consume Azure services and third-party services — rate-limit-by-key policy.

What is the correct answer to this question?

The correct answer is: Apply the rate-limit-by-key policy using the subscription key as the counter key, with calls set to 100 and renewal-period to 60 — Option A is correct because the `rate-limit-by-key` policy in Azure API Management enforces a per-key rate limit, and using the subscription key as the counter key ensures each subscriber is limited individually. The `calls` parameter set to 100 and `renewal-period` to 60 seconds matches the requirement of 100 requests per minute per subscriber, while allowing different limits for different plans by applying separate policies with different call counts.

What should I do if I get this AZ-204 question wrong?

Review rate-limit-by-key policy, then practise related AZ-204 questions on the same topic to reinforce the concept.

What is the key concept behind this question?

rate-limit-by-key policy

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Keep practising

More AZ-204 practice questions

Last reviewed: Jun 11, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This AZ-204 practice question is part of Courseiva's free Microsoft certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the AZ-204 exam.