diff --git a/api/envoy/service/ratelimit/v3/rls.proto b/api/envoy/service/ratelimit/v3/rls.proto
index 28dd52b9b019..18a7c507da7c 100644
--- a/api/envoy/service/ratelimit/v3/rls.proto
+++ b/api/envoy/service/ratelimit/v3/rls.proto
@@ -92,6 +92,12 @@ message RateLimitResponse {
 
       // The time unit representing a day.
       DAY = 4;
+
+      // The time unit representing a month.
+      MONTH = 5;
+
+      // The time unit representing a year.
+      YEAR = 6;
     }
 
     // A name or description of this limit.
diff --git a/changelogs/current.yaml b/changelogs/current.yaml
index 762a8a14551c..77d46dcac0b8 100644
--- a/changelogs/current.yaml
+++ b/changelogs/current.yaml
@@ -29,6 +29,9 @@ minor_behavior_changes:
 - area: oauth2
   change: |
     Requests which match the passthrough header now have their own metric ``oauth_passthrough`` and aren't included in ``oauth_success`` anymore.
+- area: rate_limit
+  change: |
+    add ``MONTH`` and ``YEAR`` to the unit of time for rate limit.
 
 bug_fixes:
 # *Changes expected to improve the state of the world and are unlikely to have negative effects*
diff --git a/source/extensions/filters/http/ratelimit/ratelimit_headers.cc b/source/extensions/filters/http/ratelimit/ratelimit_headers.cc
index 2bffd908f4cb..12aec52a88a9 100644
--- a/source/extensions/filters/http/ratelimit/ratelimit_headers.cc
+++ b/source/extensions/filters/http/ratelimit/ratelimit_headers.cc
@@ -75,6 +75,10 @@ uint32_t XRateLimitHeaderUtils::convertRateLimitUnit(
     return 60 * 60;
   case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::DAY:
     return 24 * 60 * 60;
+  case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::MONTH:
+    return 30 * 24 * 60 * 60;
+  case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::YEAR:
+    return 365 * 24 * 60 * 60;
   case envoy::service::ratelimit::v3::RateLimitResponse::RateLimit::UNKNOWN:
   default:
     return 0;