Amazon Virtual Private Cloud
User Guide (API Version 2015-04-15)

Amazon VPC Limits

The following table lists the limits related to Amazon VPC. Unless indicated otherwise, you can request an increase for any of these limits by using the Amazon VPC Limits form.

| Resource | Default limit | Comments |
| --- | --- | --- |
| VPCs per region | 5 | This limit can be increased upon request. The limit for Internet gateways per region is directly correlated to this one. Increasing this limit will increase the limit on Internet gateways per region by the same amount. |
| Subnets per VPC | 200 | This limit can be increased upon request. |
| Internet gateways per region | 5 | This limit is directly correlated with the limit on VPCs per region. You cannot increase this limit individually; the only way to increase this limit is to increase the limit on VPCs per region. Only one Internet gateway can be attached to a VPC at a time. |
| Virtual private gateways per region | 5 | This limit can be increased upon request; however, only one virtual private gateway can be attached to a VPC at a time. |
| Customer gateways per region | 50 | This limit can be increased upon request. |
| VPN connections per region | 50 | This limit can be increased upon request. |
| VPN connections per VPC (per virtual private gateway) | 10 | This limit can be increased upon request. |
| Route tables per VPC | 200 | This limit includes the main route table. You can associate one route table with one or more subnets in a VPC. |
| Routes per route table | 50 | This is the limit for the number of non-propagated entries per route table. This limit can be increased upon request; however, network performance may be impacted. |
| BGP advertised routes per VPN connection (propagated routes) | 100 | You can have up to 100 propagated routes per route table; however, the total number of propagated and non-propagated entries per route table cannot exceed 100. For example, if you have 50 non-propagated entries (the limit for this type of entry), you can only have 50 propagated entries. This limit cannot be increased. If you require more than 100 prefixes, advertise a default route. |
| Elastic IP addresses per region for each AWS account | 5 | This is the limit for the number of VPC Elastic IPs you can allocate within a region. This is a separate limit from the EC2 Elastic IP address limit. This limit can be increased upon request. |
| Security groups per VPC | 100 | You can request an increase for this limit; however, an increase is not guaranteed. Network performance may be impacted, depending on the way the security groups are configured. We may reject a request if such a performance risk exists. |
| Rules per security group | 50 | This limit can be increased or decreased upon request; however, the product of the limit for rules per security group and the limit for security groups per network interface cannot exceed 250. For example, if you want 100 rules per security group, we decrease your number of security groups per network interface to 2. |
| Security groups per network interface | 5 | This limit can be increased or decreased upon request, up to a maximum of 16. The product of the limit for security groups per network interface and the limit for rules per security group cannot exceed 250. For example, if you want 10 security groups per network interface, we decrease your number of rules per security group to 25. |
| Network interfaces per instance | - | This limit varies by instance type. For more information, see Private IP Addresses Per ENI Per Instance Type. |
| Network interfaces per VPC | 100 | This limit is calculated by multiplying your On-Demand instance limit by 5. The default limit for On-Demand instances is 20. You can increase the number of network interfaces per VPC by request, or by increasing your On-Demand instance limit. |
| Network ACLs per VPC | 200 | You can associate one network ACL with one or more subnets in a VPC. This limit is not the same as the number of rules per network ACL. |
| Rules per network ACL | 20 | This is the one-way limit for a single network ACL, where the limit for ingress rules is 20, and the limit for egress rules is 20. |
| Active VPC peering connections per VPC | 50 | This limit can be increased via special request to AWS Support. The maximum limit is 125 peering connections per VPC. The number of entries per route table should be increased accordingly; however, network performance may be impacted. |
| Outstanding VPC peering connection requests | 25 | This is the limit for the number of outstanding VPC peering connection requests that you've requested from your account. This limit can be increased via special request to AWS Support. |
| Expiry time for an unaccepted VPC peering connection request | 1 week (168 hours) | This limit can be increased via special request to AWS Support. |
| VPC endpoints per region | 20 | This limit can be increased upon request, up to a maximum of 255 endpoints per VPC. |
| Flow logs per single network interface, single subnet, or single VPC in a region | 2 | You can effectively have 6 flow logs per network interface if you create 2 flow logs for the subnet, and 2 flow logs for the VPC in which your network interface resides. This limit cannot be increased. |