Amazon API Gateway quotas and important notes - Amazon API Gateway

Amazon API Gateway quotas and important notes

Unless noted otherwise, the quotas can be increased upon request. To request a quota increase, you can use Service Quotas or contact the AWS Support Center.

When authorization is enabled on a method, the maximum length of the method's ARN (for example, arn:aws:execute-api:{region-id}:{account-id}:{api-id}/{stage-id}/{method}/{resource}/{path}) is 1600 bytes. The path parameter values (whose size is determined at runtime) can cause the ARN length to exceed the limit. When this happens, the API client receives a 414 Request URI too long response.

Note

This limits URI length when resource policies are used. In the case of private APIs where a resource policy is required, this limits the URI length of all private APIs.

API Gateway account-level quotas, per Region

The following quotas apply per account, per Region in Amazon API Gateway.

Resource or operation Default quota Can be increased
Throttle quota per account, per Region across HTTP APIs, REST APIs, WebSocket APIs, and WebSocket callback APIs 10,000 requests per second (RPS) with an additional burst capacity provided by the token bucket algorithm, using a maximum bucket capacity of 5,000 requests. *
Note

The burst quota is determined by the API Gateway service team based on the overall RPS quota for the account in the Region. It is not a quota that a customer can control or request changes to.

Yes
Regional APIs 600 No
Edge-optimized APIs 120 No

* For the Africa (Cape Town) and Europe (Milan) Regions, the default throttle quota is 2500 RPS and the default burst quota is 1250 RPS.

HTTP API quotas

The following quotas apply to configuring and running an HTTP API in API Gateway.

Resource or operation Default quota Can be increased
Routes per API 300 Yes
Integrations per API 300 No
Maximum integration timeout 30 seconds No
Stages per API 10 Yes
Multi-level API mappings per domain 200 No
Tags per stage 50 No
Total combined size of request line and header values 10240 bytes No
Payload size 10 MB No
Custom domains per account per Region 120 Yes
Access log template size 3 KB No
Amazon CloudWatch Logs log entry 1 MB No
Authorizers per API 10 Yes
Audiences per authorizer 50 No
Scopes per route 10 No
Timeout for JSON Web Key Set endpoint 1500 ms No
Response size from JSON Web Key Set endpoint 150000 bytes No
Timeout for OpenID Connect discovery endpoint 1500 ms No
Timeout for Lambda authorizer response 10000 ms No
VPC links per account per Region 10 Yes
Subnets per VPC link 10 Yes
Stage variables per stage 100 No
Length, in characters, of the key in a stage variable 64 No
Length, in characters, of the value in a stage variable 512 No

API Gateway quotas for configuring and running a WebSocket API

The following quotas apply to configuring and running a WebSocket API in Amazon API Gateway.

Resource or operation Default quota Can be increased
New connections per second per account (across all WebSocket APIs) per Region 500 Yes
Concurrent connections Not applicable * Not applicable
AWS Lambda authorizers per API 10 Yes
AWS Lambda authorizer result size 8 KB No
Routes per API 300 Yes
Integrations per API 300 Yes
Integration timeout 50 milliseconds - 29 seconds for all integration types, including Lambda, Lambda proxy, HTTP, HTTP proxy, and AWS integrations. No
Stages per API 10 Yes
WebSocket frame size 32 KB No
Message payload size 128 KB ** No
Connection duration for WebSocket API 2 hours No
Idle Connection Timeout 10 minutes No
Length, in characters, of the URL for a WebSocket API 4096 No

* API Gateway doesn't enforce a quota on concurrent connections. The maximum number of concurrent connections is determined by the rate of new connections per second and maximum connection duration of two hours. For example, with the default quota of 500 new connections per second, if clients connect at the maximum rate over two hours, API Gateway can serve up to 3,600,000 concurrent connections.

** Because of the WebSocket frame-size quota of 32 KB, a message larger than 32 KB must be split into multiple frames, each 32 KB or smaller. This applies to @connections commands. If a larger message (or larger frame size) is received, the connection is closed with code 1009.

API Gateway quotas for configuring and running a REST API

The following quotas apply to configuring and running a REST API in Amazon API Gateway.

Resource or operation Default quota Can be increased
Custom domain names per account per Region 120 Yes
Multi-level API mappings per domain 200 No
Length, in characters, of the URL for an edge-optimized API 8192 No
Length, in characters, of the URL for a regional API 10240 No
Private APIs per account per Region 600 No
Length, in characters, of API Gateway resource policy 8192 Yes
API keys per account per Region 10000 No
Client certificates per account per Region 60 Yes
Authorizers per API (AWS Lambda and Amazon Cognito) 10 Yes
Documentation parts per API 2000 Yes
Resources per API 300 Yes
Stages per API 10 Yes
Stage variables per stage 100 No
Length, in characters, of the key in a stage variable 64 No
Length, in characters, of the value in a stage variable 512 No
Usage plans per account per Region 300 Yes
Usage plans per API key 10 Yes
VPC links per account per Region 20 Yes
API caching TTL 300 seconds by default and configurable between 0 and 3600 by an API owner. Not for the upper bound (3600)
Cached response size 1048576 Bytes. Cache data encryption may increase the size of the item that is being cached. No
Integration timeout 50 milliseconds - 29 seconds for all integration types, including Lambda, Lambda proxy, HTTP, HTTP proxy, and AWS integrations. Not for the lower or upper bounds.
Total combined size of all header values 10240 Bytes No
Total combined size of all header values for a private API 8000 Bytes No
Payload size 10 MB No
Tags per stage 50 No
Number of iterations in a #foreach ... #end loop in mapping templates 1000 No
ARN length of a method with authorization 1600 bytes No
Method-level throttling settings for a stage in a usage plan 20 Yes
Model size per API 400 KB No
Number of certificates in a truststore 1,000 certificates up to 1 MB total object size. No

For restapi:import or restapi:put, the maximum size of the API definition file is 6 MB.

All of the per-API quotas can only be increased on specific APIs.

API Gateway quotas for creating, deploying and managing an API

The following fixed quotas apply to creating, deploying, and managing an API in API Gateway, using the AWS CLI, the API Gateway console, or the API Gateway REST API and its SDKs. These quotas can't be increased.

Action Default quota Can be increased
CreateApiKey 5 requests per second per account No
CreateDeployment 1 request every 5 seconds per account No
CreateDocumentationVersion 1 request every 20 seconds per account No
CreateDomainName 1 request every 30 seconds per account No
CreateResource 5 requests per second per account No
CreateRestApi
Regional or private API
  • 1 request every 3 seconds per account

Edge-optimized API
  • 1 request every 30 seconds per account

No
CreateVpcLink (V2) 1 request every 15 seconds per account No
DeleteApiKey 5 requests per second per account No
DeleteDomainName 1 request every 30 seconds per account No
DeleteResource 5 requests per second per account No
DeleteRestApi 1 request every 30 seconds per account No
GetResources 5 requests every 2 seconds per account No
DeleteVpcLink (V2) 1 request every 30 seconds per account No
ImportDocumentationParts 1 request every 30 seconds per account No
ImportRestApi
Regional or private API
  • 1 request every 3 seconds per account

Edge-optimized API
  • 1 request every 30 seconds per account

No
PutRestApi 1 request per second per account No
UpdateAccount 1 request every 20 seconds per account No
UpdateDomainName 1 request every 30 seconds per account No
UpdateUsagePlan 1 request every 20 seconds per account No
Other operations No quota up to the total account quota. No
Total operations 10 requests per second with a burst quota of 40 requests per second. No