Currently, they just 500 as an unexpected response status. Much better
would be S3's '503 Slow Down' response.
Of course, that's all dependent on where you place ratelimit in your
pipeline -- and we haven't really given clear guidance on that. I'm not
actually sure you *want* ratelimit to be after s3api and auth... but if
you *do*, let's at least handle it gracefully.
Change-Id: I36f0954fd9949d7d1404a0c381b917d1cfb17ec5
Related-Bug: 1669888
(cherry picked from commit f33c061ae9)