AWS Service Limits

New services provisioned in a VPC may be assigned IP addresses or other resources, but Amazon puts limits on VPC resources per Region. Before provisioning a new resource, make sure to check these limits.

The following tables list the limits for Amazon VPC resources per Region. Unless indicated otherwise, requests can be made to increase these limits using the Amazon VPC limits form. For some of these limits, the current limit applied can be viewed using the Limits page of the Amazon EC2 console.

Note

If a limit increase is requested that applies per resource, AWS increases the limit for all resources in the Region. For example, the limit for security groups per VPC applies to all VPCs in the Region.

VPC and Subnets

Resource

Default limit

Comments

VPCs per Region

5

The limit for
Internet gateways per
Region is directly
correlated to this
one. Increasing this
limit increases the
limit on internet
gateways per Region
by the same amount.

Subnets per VPC

200

IPv4 CIDR blocks per VPC

5

This limit is made up
of the primary CIDR
block plus 4
secondary CIDR
blocks.

IPv6 CIDR blocks per VPC

1

This limit cannot be
increased.

DNS

For more information, see DNS Limits.

Elastic IP Addresses (IPv4)

Resource

Default limit

Comments

Elastic IP addresses per Region

5

This is the limit for
the number of Elastic
IP addresses for use
in EC2-VPC. For
Elastic IP addresses
for use in
EC2-Classic, see
in the Amazon Web
Services General
Reference.

Flow Logs

Resource

Default limit

Comments

Flow logs per single
network interface,
single subnet, or
single VPC in a
Region

2

This limit cannot be
increased. There can
effectively be 6 flow
logs per network
interface by creating
2 flow logs for the
subnet, and 2 flow
logs for the VPC in
which the network
interface resides.

Gateways

Resource

Default limit

Comments

Customer gateways per Region

50

Egress-only internet gateways per Region

5

This limit is
directly correlated
with the limit on
VPCs per Region. To
increase this limit,
increase the limit on
VPCs per Region. Only
one egress-only
internet gateway can
attach to a VPC at a
time.

Internet gateways per Region

5

This limit is
directly correlated
with the limit on
VPCs per Region. To
increase this limit,
increase the limit on
VPCs per Region. Only
one internet gateway
can be attached to a
VPC at a time.

NAT gateways per Availability Zone

5

A NAT gateway in the
pending, active, or
deleting state counts
against the limit.