For a variety of reasons, account security being one (find out what happens when AWS security gets neglected), Amazon Web Services applies account limits to the number of items that you can create per region. These limits are as follows:
VPC and Subnet Limits
- 5 VPCs per region
- 200 subnets per VPC
- 5 IPv4 CIDR blocks per VPC
- 1 IPv6 CIDR block per VPC (this limit cannot be increased).
Elastic IP Addresses
- Limited to 5 elastic IP addresses per region.
Gateways
- 50 customer gateways per region. Customer gateways are used to set up VPN connections.
- 5 Internet gateways per region
- 5 NAT gateways per availability zone. Remember, if the state of the NAT is pending, active or deleting, it counts as 1 towards your total gateways.
- 5 virtual private gateways per region.
Network Access Control Lists (NACL)
- 200 network ACLs per VPC. NACLs can be associated with one or more VPCs
- 20 rules per NACL.
Network Interfaces
- 350 network interfaces are permitted.
Route Tables
- 200 route tables per VPC including the main route table
- 50 routes per route table (non-propagated routes).
Security Groups
- 2500 security groups per region
- 60 inbound or outbound rules per security group
- A maximum of 5 security groups can be applied per network interface.
Most account limits in Amazon Web Services can be lifted upon request, based on your needs. This guide gives a brief outline of the limits in Amazon Web Services; the full list can be viewed on AWS. Find out more about me and my Amazon Web Services certification or drop me a line on Twitter.