Menu
Amazon Web Services
General Reference (Version 1.0)

AWS Service Limits

The following tables provide the default limits for AWS services for an AWS account. Unless otherwise noted, each limit is region specific. Many services contain limits that cannot be changed. For more information about the limits for a specific service, see the documentation for that service.

If your support plan includes Trusted Advisor, you can use it to display your usage and limits for each service in a specific region. For more information, see Trusted Advisor.

You can take the following steps to request an increase for limits. These increases are not granted immediately, so it may take a couple of days for your increase to become effective.

To request a limit increase

  1. Open the AWS Support Center page, sign in, if necessary, and then choose Create Case.

  2. Under Regarding, choose Service Limit Increase.

  3. Under Limit Type, choose the type of limit to increase, fill in the necessary fields in the form, and then choose your preferred method of contact.

Default Limits

Amazon API Gateway Limits

The following limits apply to configuring and running an API in Amazon API Gateway and can be increased upon request to optimize performances of a deployed API in Amazon API Gateway.

Resource or OperationDefault Limit
Throttle rate per account1000 request per second (rps) with a burst limit of 2000 rps.
APIs per account60
API keys per account500
Custom authorizers per API10
Client certificates per account60
Documentation parts per account2000
Resources per API 300
Stages per API10
Usage plans per account300

For information about additional documented limits, see Limits in Amazon API Gateway in the API Gateway Developer Guide.

AWS Application Discovery Service Limits

ResourceDefault Limit
Inactive agents heartbeating but not collecting data10,000
Active agents sending data to the service250
Total collected data for all agents, per day10 GB
Data storage duration before being purged90 days

Amazon AppStream Limits

An Amazon AppStream account has a service limit of up to five concurrent streaming sessions:

  • Up to two concurrent streaming application deployments using the interactive wizard.

  • Up to three streaming applications in the Building, Active, or Error states.

For more information, see Amazon AppStream Application Lifecycle in the Amazon AppStream Developer Guide.

Amazon AppStream 2.0 Limits

Default Limits Per Region

ResourceDefault Limit
Stacks5 per account
Fleets5 per account
Streaming Instances5 per account
Images5 per account
Users5 per account

Application Auto Scaling Limits

ResourceDefault Limit
Scalable targets500
Scaling policies per scalable target50
Step adjustments per scaling policy20

Athena Limits

ResourceDefault Limit
Number of concurrent queries5
Query timeout30 minutes
Number of databases100
Number of tables per database100
Number of partitions per table20,000

Auto Scaling Limits

ResourceDefault Limit
Launch configurations100
Auto Scaling groups20
Scaling policies per Auto Scaling group50
Scheduled actions per Auto Scaling group125
Lifecycle hooks per Auto Scaling group50
SNS topics per Auto Scaling group10
Load balancers per Auto Scaling group50
Target groups per Auto Scaling group50
Step adjustments per scaling policy20

For information about additional documented limits, see Auto Scaling Limits in the Auto Scaling User Guide.

AWS Certificate Manager (ACM) Limits

ItemDefault Limit
Number of ACM-provided certificates100
Number of imported certificates100
Number of domain names per ACM-provided certificate10

For more information about these limits, see Limits in the AWS Certificate Manager User Guide.

AWS CloudFormation Limits

ResourceDefault Limit
Stacks200

For information about additional documented limits, see AWS CloudFormation Limits in the AWS CloudFormation User Guide.

Amazon CloudFront Limits

ResourceDefault Limit
Data transfer rate per distribution40 Gbps
Requests per second per distribution100,000
Web distributions per account200
RTMP distributions per account100
Alternate domain names (CNAMEs) per distribution100
Origins per distribution25
Cache behaviors per distribution25
Whitelisted headers per cache behavior10
Whitelisted cookies per cache behavior10
SSL certificates per account when serving HTTPS requests using dedicated IP addresses (no limit when serving HTTPS requests using SNI)2
Custom headers that you can have Amazon CloudFront forward to the origin10 name–value pairs

For information about additional documented limits, see Limits in the Amazon CloudFront Developer Guide.

AWS CloudHSM Limits

ResourceDefault Limit
HSM appliances3
High-availability partition groups20
Clients800

Amazon CloudSearch Limits

ResourceDefault Limit
Partitions10
Search instances50

For information about additional documented limits, see Understanding Amazon CloudSearch Limits in the Amazon CloudSearch Developer Guide.

Amazon CloudWatch Limits

ResourceDefault LimitComments

DescribeAlarms

3 transactions per second (TPS)

The maximum number of operation requests you can make per second without being throttled.

You can request a limit increase.

GetMetricStatistics

400 transactions per second (TPS)

The maximum number of operation requests you can make per second without being throttled.

You can request a limit increase.

ListMetrics

25 transactions per second (TPS)

The maximum number of operation requests you can make per second without being throttled.

You can request a limit increase.

PutMetricAlarm

3 transactions per second (TPS)

The maximum number of operation requests you can make per second without being throttled.

You can request a limit increase.

PutMetricData

150 transactions per second (TPS)

The maximum number of operation requests you can make per second without being throttled.

You can request a limit increase.

For information about additional documented limits, see CloudWatch, CloudWatch Events, and CloudWatch Logs Limits in the Amazon CloudWatch User Guide.

Amazon CloudWatch Events Limits

ResourceDefault LimitComments

Rules

50/account

You can request a limit increase.

Before requesting a limit increase, examine your rules. You may have multiple rules each matching to very specific events. Consider broadening their scope by using fewer identifiers in your Events and Event Patterns. In addition, a rule can invoke several targets each time it matches an event. Consider adding more targets to your rules.

For information about additional documented limits, see CloudWatch, CloudWatch Events, and CloudWatch Logs Limits in the Amazon CloudWatch User Guide.

Amazon CloudWatch Logs Limits

ResourceDefault LimitComments

CreateLogGroup

500 log groups/account/region

If you exceed your log group limit, you get a ResourceLimitExceeded exception.

You can request a limit increase.

DescribeLogStreams

5 transactions per second (TPS)/account/region

If you experience frequent throttling, you can request a limit increase.

FilterLogEvents

5 transactions per second (TPS)/account/region

This limit can be changed only in special circumstances. If you experience frequent throttling, contact AWS Support.

GetLogEvents

5 transactions per second (TPS)/account/region

We recommend subscriptions if you are continuously processing new data. If you need historical data, we recommend exporting your data to Amazon S3. This limit can be changed only in special circumstances. If you experience frequent throttling, contact AWS Support.

For information about additional documented limits, see CloudWatch, CloudWatch Events, and CloudWatch Logs Limits in the Amazon CloudWatch User Guide.

AWS CodeBuild Limits

ResourceDefault Limit
Maximum number of build projects1,000
Maximum number of concurrent running builds20

For information about additional documented limits, see Limits for AWS CodeBuild in the AWS CodeBuild User Guide.

AWS CodeCommit Limits

ResourceDefault Limit
Number of repositories1,000 per AWS account

For information about additional documented limits, see Limits in AWS CodeCommit in the AWS CodeCommit User Guide.

AWS CodeDeploy Limits

ResourceDefault Limit
Number of applications under an account in a single region40
Number of concurrent deployments under an account10
Number of deployment groups associated with a single application50
Number of instances in a single deployment50

For information about additional documented limits, see Limits in AWS CodeDeploy in the AWS CodeDeploy User Guide.

AWS CodePipeline Limits

ResourceDefault Limit

Number of pipelines per AWS account

20

Number of stages in a pipeline

Minimum of 2, maxi­mum of 10

Number of actions in a stage

Minimum of 1, maxi­mum of 20

Number of parallel actions in a stage5
Number of sequential actions in a stage5

Number of custom actions per AWS account

20

Maximum number of revisions running across all pipelines

20

Maximum size of source artifacts

500 megabytes (MB)

Maximum number of times an action can be run per month

1,000 per calendar month

It may take up to two weeks to process requests for a limit increase.

For information about additional documented limits, see Limits in AWS CodePipeline in the AWS CodePipeline User Guide.

AWS Config Limits

AttributeDefault LimitNotes
Number of AWS Config rules per region in your account50If you need to increase this limit, contact AWS Support.

AWS Data Pipeline Limits

AttributeLimitAdjustable
Number of pipelines100Yes
Number of objects per pipeline100Yes
Number of active instances per object5Yes
Number of fields per object50No
Number of UTF8 bytes per field name or identifier256No
Number of UTF8 bytes per field10,240No
Number of UTF8 bytes per object15,360 (including field names)No
Rate of creation of a instance from an object1 per 5 minutesNo
Retries of a pipeline activity5 per taskNo
Minimum delay between retry attempts2 minutesNo
Minimum scheduling interval15 minutesNo
Maximum number of roll-ups into a single object32No
Maximum number of EC2 instances per Ec2Resource object1No

For additional limits, see AWS Data Pipeline Limits in the AWS Data Pipeline Developer Guide.

AWS Database Migration Service Limits

ResourceDefault Limit
Replication instances 20
Total amount of storage 6 TB
Replication subnet groups 20
Subnets per replication subnet group 20
Endpoints 100
Tasks 200
Endpoints per instance 20

AWS Device Farm Limits

ResourceDefault LimitComments

App file size you can upload

4 GB

Number of devices AWS Device Farm can test during a run

5

This limit can be increased to 100 upon request.

Number of devices you can include in a test run

None

Number of runs you can schedule

None

 
Duration of a remote access session

60 minutes

 

AWS Direct Connect Limits

ResourceDefault LimitComment
Virtual interfaces per AWS Direct Connect connection50If you need to increase this limit, submit a request.
Active AWS Direct Connect connections per region per account50If you need to increase this limit, submit a request.
Routes per Border Gateway Protocol (BGP) session100This limit cannot be increased.

AWS Directory Service Limits

ResourceDefault Limit
AD Connector directories10
AWS Directory Service for Microsoft Active Directory (Enterprise Edition) directories10
Simple AD directories10
Manual snapshots5 per Microsoft AD
Manual snapshots5 per Simple AD

Amazon DynamoDB Limits

ResourceDefault Limit
US East (N. Virginia) Region:

Maximum capacity units per table or global secondary index

40,000 read capacity units and 40,000 write capacity units
US East (N. Virginia) Region:

Maximum capacity units per account

80,000 read capacity units and 80,000 write capacity units
All other regions:

Maximum capacity units per table or global secondary index

10,000 read capacity units and 10,000 write capacity units
All other regions:

Maximum capacity units per account

20,000 read capacity units and 20,000 write capacity units
Maximum number of tables 256

For information about additional documented limits, see Limits in Amazon DynamoDB in the Amazon DynamoDB Developer Guide.

Amazon EC2 Container Registry (Amazon ECR) Limits

ResourceDefault Limit
Maximum number of repositories per account1,000
Maximum number of images per repository1,000

For information about additional documented limits, see Amazon ECR Service Limits in the Amazon EC2 Container Registry User Guide.

Amazon EC2 Container Service (Amazon ECS) Limits

ResourceDefault Limit
Number of clusters per region per account1000
Number of container instances per cluster1000
Number of services per cluster500

For information about additional documented limits, see Amazon ECS Service Limits in the Amazon EC2 Container Service Developer Guide.

Amazon EC2 Systems Manager Limits

ResourceDefault LimitComment
Managed instances500Each AWS account can register/activate a maximum of 500 managed instances in a region.
SSM documents200Each AWS account can create a maximum of 200 documents.
Privately shared SSM document20A single SSM document can be shared with a maximum of 20 AWS accounts.
Publicly shared SSM document5Each AWS account can publicly share a maximum of five documents.
Associations10,000Each SSM document can be associated with a maximum of 10,000 instances.

AWS Elastic Beanstalk Limits

ResourceDefault Limit
Applications75
Application Versions1000
Environments200

Amazon Elastic Block Store (Amazon EBS) Limits

ResourceDefault Limit
Number of EBS volumes5,000
Number of EBS snapshots10,000
Total volume storage of General Purpose SSD (gp2) volumes20 TiB
Total volume storage of Provisioned IOPS SSD (io1) volumes20 TiB
Total volume storage of Throughput Optimized HDD (st1)20 TiB
Total volume storage of Cold HDD (sc1)20 TiB
Total volume storage of Magnetic volumes20 TiB
Total provisioned IOPS40,000 

For information about additional documented limits, see Amazon EC2 Service Limits in the Amazon EC2 User Guide for Linux Instances.

Amazon Elastic Compute Cloud (Amazon EC2) Limits

ResourceDefault Limit
Elastic IP addresses for EC2-Classic5
Security groups for EC2-Classic per instance500
Rules per security group for EC2-Classic100
Key pairs5,000
Throttle on the emails that can be sent from your Amazon EC2 accountThrottle applied
On-Demand instancesLimits vary depending on instance type. For more information, see How many instances can I run in Amazon EC2.
Spot InstancesLimits vary depending on instance type, region, and account. For more information, see Spot Instance Limits.
Reserved Instances20 instance reservations per Availability Zone, per month.
Dedicated HostsUp to 2 Dedicated Hosts per instance family, per region can be allocated.
AMI CopiesDestination regions are limited to 50 concurrent AMI copies at a time, with no more than 25 of those coming from a single source region.

For information about related limits for EC2-VPC, see Amazon Virtual Private Cloud (Amazon VPC) Limits.

For information about viewing your current limits, see Amazon EC2 Service Limits in the Amazon EC2 User Guide for Linux Instances.

Amazon Elastic File System Limits

ResourceDefault Limit
Total throughput per file system3 GB/s for all connected clients

For information about additional documented limits, see Amazon EFS Limits in the Amazon Elastic File System User Guide.

Elastic Load Balancing Limits

Elastic Load Balancing supports two types of load balancers: Application load balancers and Classic load balancers.

Application Load Balancers

ResourceDefault Limit
Load balancers per region20
Target groups per region200
Listeners per load balancer10
Targets per load balancer1000
Subnets per Availability Zone per load balancer1
Security groups per load balancer5
Rules per load balancer (not counting default rules)10
Number of times a target can be registered per load balancer100
Load balancers per target group1
Targets per target group1000

Classic Load Balancers

ResourceDefault Limit
Load balancers per region20
Listeners per load balancer100
Security groups per load balancer5
Subnets per Availability Zone per load balancer1

This limit includes both your Application load balancers and your Classic load balancers. This limit can be increased upon request.

Amazon Elastic Transcoder Limits

ResourceDefault Limit
Pipelines per region4
User-defined presets50
Maximum number of jobs processed simultaneously by each pipeline

US East (N. Virginia) Region – 20

US West (N. California) Region – 12

US West (Oregon) Region – 20

Asia Pacific (Mumbai) Region – 12

Asia Pacific (Singapore) Region – 12

Asia Pacific (Sydney) Region – 12

Asia Pacific (Tokyo) Region – 12

EU (Ireland) Region – 20

It may take up to two weeks to process requests for a limit increase.

For information about additional documented limits, see Amazon Elastic Transcoder limits in the Amazon Elastic Transcoder Developer Guide.

Amazon ElastiCache Limits

ResourceDefault LimitDescription
Nodes per region100The maximum number of nodes across all clusters in a region.
Nodes per cluster (Memcached)20The maximum number of nodes in an individual Memcached cluster.
Nodes per cluster (Redis)1The maximum number of nodes in an individual Redis cluster.
Clusters per replication group (Redis)6The maximum number of clusters in a Redis replication group. One is the read/write primary. All others are read only replicas.
Parameter groups per region20The maximum number of parameters groups you can create in a region.
Security groups per region50The maximum number of security groups you can create in a region.
Subnet groups per region50The maximum number of subnet groups you can create in a region.
Subnets per subnet group20The maximum number of subnets you can define for a subnet group.

These limits are global limits per customer account. If you need to exceed these limits, make your request using the ElastiCache Node request form.

Amazon Elasticsearch Service Limits

ResourceDefault Limit
Number of Amazon ES instances per cluster20

Amazon GameLift Limits

ResourceDefault Limit
Aliases20
Fleets20
Builds1000
Total size of builds100 GB
Log upload size per game session 200 MB
On-demand instancesLimits vary depending on instance type;

20 instances per account, regardless of instance type

Server processes per instance

1 with GameLift SDK v2.x

50 with GameLift SDK v3.x and up

Player sessions per game session200

For information about additional documented limits, see Scaling Amazon Elastic Compute Cloud (Amazon EC2) Instances in the Amazon GameLift Developer Guide.

AWS Identity and Access Management (IAM) Limits

ResourceDefault Limit
Groups per account100
Instance profiles100
Roles250
Server certificates20
Users5000

For information about additional documented limits, see Limitations on IAM Entities and Objects in the IAM User Guide.

AWS Import/Export Limits

AWS Snowball (Snowball)

ResourceDefault LimitComments
Snowball1

If you need to increase this limit, contact AWS Support.

Amazon Inspector Limits

ResourceDefault Limit
Running agents500
Assessment runs50,000
Assessment templates500
Assessment targets50

For more information, see the Amazon Inspector User Guide.

AWS IoT Limits

The following limits apply to the message broker:

Topic length limit The topic passed to the message broker when publishing a message cannot exceed 256 bytes encoded in UTF-8.
Restricted topic prefix Topics beginning with '$' are considered reserved and are not supported for publishing and subscribing except when working with the Thing Shadows service.
Maximum number of slashes in topic and topic filter

A topic provided while publishing a message or a topic filter provided while subscribing can have no more than eight forward slashes (/).

Client ID size limit 128 bytes encoded in UTF-8.
Restricted client ID prefix '$' is reserved for internally generated client IDs.
Message size limit

The payload for every publish message is limited to 128 KB. The AWS IoT service will reject messages larger than this size.

Throughput per connection

AWS IoT limits the ingress and egress rate on each client connection to 512 KB/s. Data sent or received at a higher rate will be throttled to this throughput.

Maximum subscriptions per subscribe call

A single subscribe call is limited to request a maximum of eight subscriptions.

Subscriptions per session

The message broker limits each client session to subscribe to up to 50 subscriptions. A subscribe request that pushes the total number of subscriptions past 50 will result in the connection being disconnected.

Connection inactivity (keep-alive) limits

By default, an MQTT client connection is disconnected after 30 minutes of inactivity. When the client sends a PUBLISH, SUBSCRIBE, PING, or PUBACK message, the inactivity timer is reset.

A client can request a shorter keep-alive interval by specifying a keep-alive value between 5-1,200 seconds in the MQTT CONNECT message sent to the server. If a keep-alive value is specified, the server will disconnect the client if it does not receive a PUBLISH, SUBSCRIBE, PINGREQ, or PUBACK message within a period 1.5 times the requested interval. The keep-alive timer starts after the sender sends a CONNACK.

If a client sends a keep-alive value of zero, the default keep-alive behavior will remain in place.

If a client request a keep-alive shorter than 5 seconds, the server will treat the client as though it requested a keep-alive interval of 5 seconds.

The keep-alive timer begins immediately after the server returns a CONNACK to the client. There may be a brief delay between the client's sending of a CONNECT message and the start of keep-alive behavior.

Maximum inbound unacknowledged messages The message broker allows 100 in-flight unacknowledged messages (limit is across all messages requiring ACK). When this limit is reached, no new messages will be accepted until an ACK is returned by the server.
Maximum outbound unacknowledged messages The message broker only allows 100 in-flight unacknowledged messages (limit is across all messages requiring ACK). When this limit is reached, no new messages will be sent to the client until the client acknowledges the in-flight messages.
Maximum retry interval for delivering QoS 1 messages If a connected client is unable to receive an ACK on a QoS 1 message for one hour, the message broker will drop the message. The client may be unable to receive the message if it has 100 in-flight messages, it is being throttled due to large payloads, or other errors.
WebSocket connection durationWebSocket connections are limited to 24 hours. If the limit is exceeded, the WebSocket connection will automatically be closed when an attempt is made to send a message by the client or server. If you need to maintain an active WebSocket connection for longer than 5 minutes, simply close and re-open the WebSocket connection from the client side before the 5 minutes elapses.

The following limits apply to thing shadows:

Maximum size of a JSON state documentThe maximum size of a JSON state document is 8 KB.
Maximum number of JSON objects per AWS accountThere is no limit on the number of JSON objects per AWS account.
Shadow lifetimeA thing shadow is deleted by AWS IoT if it has not been updated or retrieved in more than 1 year.
Maximum number of in-flight, unacknowledged messagesThe Thing Shadows service supports up to 10 in-flight unacknowledged messages. When this limit is reached, all new shadow requests will be rejected with a 429 error code.
Maximum depth of JSON device state documentsThe maximum number of levels in the "desired" or "reported" section of the JSON device state document is 5. For example:
"desired": {
    "one": {
        "two": {
            "three": {
                "four": {
                    "five":{
                    }
                 }
             }
        }
    }
}

The following limits apply to security and identity:

  • You can attach up to 10 policies to an AWS IoT certificate.

  • You can keep up to 5 versions of a named policy.

  • Policy document size is limited to 2048 characters (excluding white space).

Throttling Limits

The following table lists the throttling limits for AWS IoT API:

APITransaction per Second
AcceptCertificateTransfer10
AttachThingPrincipal15
CancelCertificateTransfer10
CreateCertificateFromCsr15
CreatePolicy10
CreatePolicyVersion10
CreateThing15
DeleteCertificate10
DeleteCACertificate10
DeletePolicy10
DeletePolicyVersion10
DeleteThing10
DescribeCertificate10
DescribeCACertificate10
DescribeThing10
DetachThingPrincipal10
DetachPrincipalPolicy15
DeleteRegistrationCode10
GetPolicy10
GetPolicyVersion15
GetRegistrationCode10
ListCertificates10
ListCertificatesByCA10
ListPolicies10
ListPolicyVersions10
ListPrincipalPolicies15
ListPrincipalThings10
ListThings10
ListThingPrincipals10
RegisterCertificate10
RegisterCACertificate10
RejectCertificateTransfer10
SetDefaultPolicyVersion10
TransferCertificate10
UpdateCertificate10
UpdateCACertificate10
UpdateThing10

AWS IoT Rules Engine Limits

The following limit applies to the AWS IoT rules engine

  • There is a limit of 1000 rules per AWS account.

AWS Key Management Service (AWS KMS) Limits

ResourceDefault Limit
Customer Master Keys (CMKs)1000
Aliases1100
Grants per CMK2500
Grants for a given principal per CMK30
Requests per secondVaries by API operation; see Limits in the AWS Key Management Service Developer Guide.

All limits in the preceding table apply per region and per AWS account.

For information about additional documented limits, see Limits in the AWS Key Management Service Developer Guide.

Amazon Kinesis Firehose Limits

ResourceDefault Limit
Delivery streams per region

20

Delivery stream capacity †

2,000 transactions/second

5,000 records/second

5 MB/second

† The three capacity limits scale proportionally. For example, if you increase the throughput limit to 10MB/second, the other limits increase to 4,000 transactions/second and 10,000 records/second.

For information about additional documented limits, see Amazon Kinesis Firehose Limits in the Amazon Kinesis Firehose Developer Guide.

Amazon Kinesis Streams Limits

ResourceDefault Limit
Shards per region

US East (N. Virginia) Region – 50

US West (Oregon) Region – 50

EU (Ireland) Region – 50

All other supported regions – 25

For information about additional documented limits, see Amazon Kinesis Streams Limits in the Amazon Kinesis Streams Developer Guide.

AWS Lambda Limits

ResourceLimit
Concurrent requests safety throttle per account100

For information about additional documented limits, see AWS Lambda Limits in the AWS Lambda Developer Guide.

Amazon Lightsail Limits

ResourceDefault LimitComment
Number of instances20 per accountThis limit cannot be increased.
Number of elastic IP addresses5 per accountThis limit cannot be increased.
Number of parallel SSH connections3 x the number of instances in the accountThis limit cannot be increased.
Number of hosted zones3 per accountThis limit cannot be increased.

Amazon Machine Learning (Amazon ML) Limits

ResourceDefault Limit
Data file size*100 GB
Batch prediction input size1 TB
Batch prediction input (number of records)100 million
Number of variables in a data file (schema)1,000
Recipe complexity (number of processed output variables)10,000
Transactions Per Second for each real-time prediction endpoint200
Total Transactions Per Second for all real-time prediction endpoints10,000
Total RAM for all real-time prediction endpoints10 GB
Number of simultaneous jobs5
Longest run time for any job7 days
Number of classes for multiclass ML models100
ML model size2 GB

Note

The size of your data files is limited to ensure that jobs finish in a timely manner. Jobs that have been running for more than seven days will be automatically terminated, resulting in a FAILED status.

For information about additional documented limits, see Amazon ML Limits in the Amazon Machine Learning Developer Guide.

AWS OpsWorks for Chef Automate Limits

ResourceDefault Limit
Chef servers5
User-initiated (manual) backup generations10
Automated (scheduled) backup generations30

AWS OpsWorks Stacks Limits

ResourceDefault Limit
Stacks40
Layers per stack40
Instances per stack40
Apps per stack40

Amazon Polly Limits

  • Throttle rate per IP address: 20 requests per second (rps) with a burst limit of 40 rps.

  • Throttle rate per account: 10 requests per second (rps) with a burst limit of 20 rps.

  • Throttle rate per operation:

    Operation

    Limit

    Lexicon

     

    DeleteLexicon

    PutLexicon

    GetLexicon

    ListLexicons

    Any 2 requests per second (rps) from these operations combined.

    Maximum allowed burst of 4 rps.

    Speech

    DescribeVoices

    10 rps with a burst limit of 20 rps

    SynthesizeSpeech

    10 rps with a burst limit of 20 rps


Amazon Pinpoint Limits

ResourceDefault Limit
Active campaigns per account100
Apps per account100
Concurrent endpoint import jobs per account2
Custom event types per app1500
Endpoint custom attributes per app40
Endpoints per mobile app user10
Message sends per campaign activity100 million
Segments per app200
Total file size per endpoint import job1 GB

Amazon Redshift Limits

ResourceDefault Limit
Nodes per cluster101
Nodes200
Reserved Nodes200
Snapshots20
Parameter Groups20
Security Groups20
Subnet Groups20
Subnets per Subnet Group20
Event Subscriptions20

For information about additional documented limits, see Limits in Amazon Redshift in the Amazon Redshift Cluster Management Guide.

Amazon Relational Database Service (Amazon RDS) Limits

ResourceDefault Limit
Clusters40
Cluster parameter groups50
DB Instances40
Event subscriptions20
Manual snapshots50
Manual cluster snapshots50
Option groups20
Parameter groups50
Read replicas per master5
Reserved instances (purchased per month)40
Rules per security group20
Security groups25
Security groups (VPC)5
Subnet groups20
Subnets per subnet group20
Tags per resource50
Total storage for all DB instances100 TB

Amazon Route 53 Limits

ResourceDefault Limit
Hosted zones500
Domains50
Resource record sets per hosted zone10,000
Reusable delegation sets100
Hosted zones that can use the same reusable delegation set100
Amazon VPCs that you can associate with a private hosted zone100
Health checks50
Traffic policies50
Policy records5

For information about additional documented limits, see Amazon Route 53 Limits in the Amazon Route 53 Developer Guide.

AWS Service Catalog Limits

ResourceDefault Limit
Portfolios25 per account
Users, groups, and roles25 per portfolio
Products25 per portfolio, 25 total per account
Product versions50 per product
Constraints25 per product per portfolio
Tags20 per product, 20 per portfolio, 50 per provisioned product
Stacks200 (AWS CloudFormation limit)

AWS Shield Advanced Limits

AWS Shield Advanced offers advanced monitoring and protection for up to 100 CloudFront distributions, Amazon Route 53 hosted zones or Elastic Load Balancing resources combined.

Amazon Simple Email Service (Amazon SES) Limits

The following are the default limits for Amazon SES in the sandbox environment.

ResourceDefault Limit
Daily sending quota200 messages per 24 hour period.
Maximum send rate1 email per second.

Note

The rate at which Amazon SES accepts your messages might be less than the maximum send rate.

Recipient address verificationAll recipient addresses must be verified.

For information about additional documented limits, see Limits in Amazon SES in the Amazon Simple Email Service Developer Guide.

Amazon Simple Notification Service (Amazon SNS) Limits

ResourceDefault Limit
Topics100,000
Account spend threshold for SMS50 USD
Delivery rate for promotional SMS messages20 messages per second
Delivery rate for transactional SMS messages20 messages per second

If you need to increase any of these limits, submit a request.

Amazon Simple Queue Service (Amazon SQS)

For information about additional documented limits, see Limits, Restrictions in the Amazon SQS FAQs and Amazon SQS Limits in the Amazon Simple Queue Service Developer Guide.

Amazon Simple Storage Service (Amazon S3) Limits

ResourceDefault Limit
Buckets100 per account

For information about additional documented limits, see Amazon S3 limits in the Amazon Simple Storage Service Developer Guide.

Amazon Simple Workflow Service (Amazon SWF) Limits

For information about additional documented limits, see Amazon SWF Service Limits in the Amazon Simple Workflow Service Developer Guide.

Amazon SimpleDB Limits

ResourceDefault Limit
Domains250

For information about additional documented limits, see Amazon SimpleDB Limits in the Amazon SimpleDB Developer Guide.

Amazon Virtual Private Cloud (Amazon VPC) Limits

ResourceDefault limitComments

VPCs per region

5

The limit for Internet gateways per region is directly correlated to this one. Increasing this limit will increase the limit on Internet gateways per region by the same amount. If you need to increase this limit, submit a request.

Subnets per VPC

200

If you need to increase this limit, submit a request.

Internet gateways per region

5

This limit is directly correlated with the limit on VPCs per region. You cannot increase this limit individually; the only way to increase this limit is to increase the limit on VPCs per region. Only one Internet gateway can be attached to a VPC at a time.

Egress-only Internet gateways per region5This limit is directly correlated with the limit on VPCs per region. You cannot increase this limit individually; the only way to increase this limit is to increase the limit on VPCs per region. Only one egress-only Internet gateway can be attached to a VPC at a time.

Virtual private gateways per region

5

If you need to increase this limit, contact AWS Support; however, only one virtual private gateway can be attached to a VPC at a time.

Customer gateways per region

50

If you need to increase this limit, contact AWS Support.

VPN connections per region

50

If you need to increase this limit, submit a request.

VPN connections per VPC (per virtual private gateway)

10

If you need to increase this limit, submit a request.

Route tables per VPC

200

Including the main route table. You can associate one route table to one or more subnets in a VPC.

Routes per route table (non-propagated routes)

50

This is the limit for the number of non-propagated entries per route table. You can submit a request for an increase of up to a maximum of 100; however, network performance may be impacted. This limit is enforced separately for IPv4 routes and IPv6 routes (50 each, and a maximum of 100 each).

BGP advertised routes per route table (propagated routes)

100

You can have up to 100 propagated routes per route table; however, the total number of propagated and non-propagated entries per route table cannot exceed 100. For example, if you have 50 non-propagated entries (the default limit for this type of entry), you can only have 50 propagated entries. This limit cannot be increased. If you require more than 100 prefixes, advertise a default route.

Elastic IP addresses per region for each AWS account

5

This is the limit for the number of VPC Elastic IP addresses you can allocate within a region. This is a separate limit from the Amazon EC2 Elastic IP address limit. If you need to increase this limit, submit a request.

Security groups per VPC

500

If you need to increase this limit, you can submit a request.

Inbound or outbound rules per security group

50

You can have 50 inbound and 50 outbound rules per security group (giving a total of 100 combined inbound and outbound rules). If you need to increase or decrease this limit, you can contact AWS Support — a limit change applies to both inbound and outbound rules. However, the multiple of the limit for inbound or outbound rules per security group and the limit for security groups per network interface cannot exceed 250. For example, if you want to increase the limit to 100, we decrease your number of security groups per network interface to 2. This limit includes both IPv4 and IPv6 rules.

Security groups per network interface

5

If you need to increase or decrease this limit, you can contact AWS Support. The maximum is 16. The multiple of the limit for security groups per network interface and the limit for rules per security group cannot exceed 250. For example, if you want 10 security groups per network interface, we decrease your number of rules per security group to 25.

Network interfaces per instance

-

This limit varies by instance type. For more information, see IP Addresses Per ENI Per Instance Type.

Network interfaces per region

350

This limit is the greater of either the default limit (350) or your On-Demand instance limit multiplied by 5. The default limit for On-Demand instances is 20. If your On-Demand instance limit is below 70, the default limit of 350 applies. You can increase the number of network interfaces per region by contacting AWS Support, or by increasing your On-Demand instance limit.

Network ACLs per VPC

200

You can associate one network ACL to one or more subnets in a VPC. This limit is not the same as the number of rules per network ACL.

Rules per network ACL

20

This is the one-way limit for a single network ACL, where the limit for ingress rules is 20, and the limit for egress rules is 20. This limit includes both IPv4 and IPv6 rules, and includes the default deny rules (rule number 32767 for IPv4 and 32768 for IPv6, or an asterisk * in the Amazon VPC console).

This limit can be increased upon request up to a maximum if 40; however, network performance may be impacted due to the increased workload to process the additional rules.

Active VPC peering connections per VPC

50

If you need to increase this limit, contact AWS Support . The maximum limit is 125 peering connections per VPC. The number of entries per route table should be increased accordingly; however, network performance may be impacted.

Outstanding VPC peering connection requests

25

This is the limit for the number of outstanding VPC peering connection requests that you've requested from your account. If you need to increase this limit, contact AWS Support.

Expiry time for an unaccepted VPC peering connection request

1 week (168 hours)

If you need to increase this limit, contact AWS Support.

VPC endpoints per region

20

If you need to increase this limit, contact AWS Support. The maximum limit is 255 endpoints per VPC, regardless of your endpoint limit per region.

Flow logs per single network interface, single subnet, or single VPC in a region

2You can effectively have 6 flow logs per network interface if you create 2 flow logs for the subnet, and 2 flow logs for the VPC in which your network interface resides. This limit cannot be increased.
NAT gateways per Availability Zone5If you need to increase this limit, submit a request. A NAT gateway in the pending, active, or deleting state counts against your limit.

For information about additional documented limits, see Amazon VPC Limits in the Amazon VPC User Guide.

AWS WAF Limits

ResourceDefault Limit
Web ACLs per account10
Rules per account50
Conditions per account50
Requests per Second10,000 per web ACL

These limits are the same for all regions in which AWS WAF is available. Each region is subject to these limits individually. That is, the limits are not cumulative across regions.

For information about additional documented limits, see AWS WAF Limits in the AWS WAF Developer Guide.

Amazon WorkSpaces Limits

ResourceDefault LimitComments
WorkSpaces 5To prevent denial of service attacks, accounts new to the Amazon WorkSpaces service are limited to five WorkSpaces.

For information about additional documented limits, see Amazon WorkSpaces Limits in the Amazon WorkSpaces Administration Guide.

On this page: