Account Limits in Amazon Web Services


Amazon Web Services applies account limits to the number of items that you can create per region. This is done for a variety of reasons, account security being one (find out what happens when AWS security gets neglected). These limits are as follows:

Amazon VPC

VPC and Subnet Limits

  • 5 VPCs per region
  • 200 subnets per VPC
  • 5 IPv4 CIDR blocks per VPC
  • 1 IPv6 CIDR block per VPC (this limit cannot be increased).

Elastic IP Addresses

  • Limited to 5 elastic IP addresses per region.


Amazon NAT Gateway
  • 50 customer gateways per region. Customer gateways are used to set up VPN connections.
  • 5 Internet gateways per region
  • 5 NAT gateways per availability zone. Remember, a NAT gateway in the pending, active or deleting state counts as 1 towards your total gateways.
  • 5 virtual private gateways per region.

Network Access Control Lists (NACL)

  • 200 Network ACLs per VPC. NACLs can be associated with one or more VPCs
  • 20 rules per NACL.

Network Interfaces

  • 350 network interfaces are permitted.

Route Tables

  • 200 route tables per VPC, including the main route table
  • 50 routes per route table (non-propagated routes).

Security Groups

  • 2500 security groups per region
  • 60 inbound or outbound rules per security group
  • A maximum of 5 security groups can be applied per network interface.

Most account limits in Amazon Web Services can be lifted upon request, based on your needs. This guide gives a brief outline of the limits in Amazon Web Services; the full list can be viewed on AWS. Find out more about me and my Amazon Web Services certification or drop me a line on Twitter.

