Current Approach: API Gateway after authorization proxies request to lambda function which calls a 3rd party service using Admin keys stored in session manager on behalf of the client.
Issue: There is a limit on the number of parallel requests that can be made using the Admin key.
New Approach: Create 10 Admin keys & store in Secrets manager and round robin b/w the keys for each API request to API gateway and prevent the throttling.
So, is there a way to handle the round robin approach by making sure each request doesn't make use the Admin key used in the previous request? Can this be achieved without making use of any additional resources other than the mentioned 3 resources viz API Gateway, Lambda function, Secrets Manager.
So, is there a way to handle the round robin approach by making sure each request doesn't make use the Admin key used in the previous request?
Not really. How would you handle concurrency when two requests from users come in at the same time? You could try some sort of distributed locking mechanism, but that's going to cause a severe bottleneck in your application.
I recommend simply configuring the Lambda function to load all 10 API keys on start, into an array. Then on each request, have it generate a random number between 0 and 9, and use the API key at that index.