System and method for global rate limiting

What is claimed is: 1 . A system for global rate limiting, comprising: a local envoy associated with a protectable service configured to: receive a request for access to the protectable service from a user; convert the received request, the converting including applying a mapping configuration file to header information of the received request to generate descriptor keys usable by a global rate limiting service; forward the converted request to the global rate limiting service; receive a response message from the global rate limiting service; and allow or reject access to the protectable service by the user based on the received response message. 2 . The system of claim 1 , further comprising the global rate limiting service configured to: receive the converted request from the local envoy; determine whether the request is rate limited based on a stored set of rules; and transmit the response message to the local envoy. 3 . The system of claim 2 , wherein the converting of the received request includes: extracting header information from the received request; and generating, from the extracted header information and based on information stored in a mapping config file, the descriptor keys associated with the request. 4 . The system of claim 3 , wherein the determining further includes comparing the received descriptor keys to a plurality of rules stored in a rule config file. 5 . The system of claim 2 , further comprising a customer resource definition collocated with the local envoy. 6 . The system of claim 5 , wherein the local envoy is further configured to receive an update, and wherein the customer resource definition is configured to: receive the update data related to the mapping config file; determine necessary changes to the rule config file of the global rate limiting service based on the received update data; and dynamically inject the changes to the global rate limiting service without restarting the envoy or the global rate limiting service. 7 . The system of claim 6 , wherein the global rate limiting service is configured to store the changes in association with the local envoy from which the update was received. 8 . A method for performing global rate limiting in an application programming interface (API) environment, comprising: converting, by one or more computing devices at a local envoy, information about a request for access from a requestor to a protectable service at the local envoy to generate a descriptor key, the converting including applying a mapping configuration file to header information of the request to generate descriptor keys usable by a global rate limiting service; requesting, by the one or more computing devices at the local envoy, an access determination from the global rate limiting service based on the descriptor key; controlling, by the one or more computing devices at the local envoy, access to the protectable service by the requestor based on the access determination. 9 . The method of claim 8 , further comprising: receiving the converted request at the global rate limiting service; determining whether the request is rate limited based on a stored set of rules; and transmit a response message in response to the determining. 10 . The method of claim 9 , wherein the converting of the received request includes: extracting header information from the received request; and generating, from the extracted header information and based on information stored in a mapping config file, the descriptor keys associated with the request. 11 . The method of claim 10 , wherein the determining further includes comparing the received descriptor keys to a plurality of rules stored in a rule config file. 12 . The method of claim 9 , further comprising receiving an update that includes update data related to the mapping config file. 13 . The method of claim 12 , further comprising: determining, by a customer resource definition, necessary changes to a rule config file based on the received update data; and dynamically inject the changes to the global rate limiting service without restarting the protectable service. 14 . The method of claim 13 , further comprising storing separate update for each of a plurality of protectable services. 15 . A global rate limiting system comprising: a local server having one or more processors configured to: receive a request for a service located at the local server; perform a local rate limiting check of the request to determine whether the request can be processed according to local rate limiting rules; in response to the request passing the local rate limiting check: convert the request based on a local conversion file, the converting including applying a mapping configuration file to header information of the received request to generate descriptor keys usable by a global rate limiting service; transmit a global rate limiting check to the global rate limiting service that includes the converted request; receive a response from the global rate limiting service that indicates whether the request is rate limited; and process or reject the request based on the received response. 16 . The system of claim 15 , wherein, in response to the request failing the local rate limiting check, rejecting and not processing the request. 17 . The system of claim 15 , wherein the converting includes: extracting header information from the received request. 18 . The system of claim 17 , wherein the global rate limiting check includes a plurality of descriptor keys. 19 . The system of claim 15 , wherein the local server is configured to receive and install an update. 20 . The system of claim 19 , wherein the local server further includes a customer resource definition configured to: identify changes to the global rate limiting service that are required from the received update; and dynamically inject the identified changes into the global rate limiting service without restarting the service of the local server.