Suppose I gave multiple policies in a session object for a user, which one will be chosen? What is the criteria for it? How will be it applied?
A policy is a template for a key and that key is what is used in the session. How a policy is chosen in the keys is determined by their partitions and the API being accessed. I have not tried but I assume you might get a weird behavior if you enable
rate_limit for all the policies. Or it could just select one (probably the first) out of all the policies to enforce. Generally you want to abstain from setting a configuration that could cause unintended behaviors.
Hope this helps.