Amazon Virtual Private Cloud endpoints and quotas - AWS General Reference

Amazon Virtual Private Cloud endpoints and quotas

The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.

Service endpoints

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2 HTTPS
US East (N. Virginia) us-east-1 HTTPS
US West (N. California) us-west-1 HTTPS
US West (Oregon) us-west-2 HTTPS
Africa (Cape Town) af-south-1 HTTPS
Asia Pacific (Hong Kong) ap-east-1 HTTPS
Asia Pacific (Mumbai) ap-south-1 HTTPS
Asia Pacific (Osaka) ap-northeast-3 HTTPS
Asia Pacific (Seoul) ap-northeast-2 HTTPS
Asia Pacific (Singapore) ap-southeast-1 HTTPS
Asia Pacific (Sydney) ap-southeast-2 HTTPS
Asia Pacific (Tokyo) ap-northeast-1 HTTPS
Canada (Central) ca-central-1 HTTPS
Europe (Frankfurt) eu-central-1 HTTPS
Europe (Ireland) eu-west-1 HTTPS
Europe (London) eu-west-2 HTTPS
Europe (Milan) eu-south-1 HTTPS
Europe (Paris) eu-west-3 HTTPS
Europe (Stockholm) eu-north-1 HTTPS
Middle East (Bahrain) me-south-1 HTTPS
South America (São Paulo) sa-east-1 HTTPS
AWS GovCloud (US-East) us-gov-east-1 HTTPS
AWS GovCloud (US-West) us-gov-west-1 HTTPS

If you specify the general endpoint (, Amazon VPC directs your request to the us-east-1 endpoint.

Service quotas

Name Default Adjustable
Active VPC peering connections per VPC 50 Yes
Characters per VPC endpoint policy 20,480 No
Egress-only internet gateways per Region 5 Yes
Gateway VPC endpoints per Region 20 Yes
IPv4 CIDR blocks per VPC 5 Yes
IPv6 CIDR blocks per VPC 1 No
Inbound or outbound rules per security group 60 Yes
Interface VPC endpoints per VPC 50 Yes
Internet gateways per Region 5 Yes
NAT gateways per Availability Zone 5 Yes
Network ACLs per VPC 200 Yes
Network interfaces per Region 5,000 Yes
Outstanding VPC peering connection requests 25 Yes
Participant accounts per VPC 100 Yes
Route tables per VPC 200 Yes
Routes per route table 50 Yes
Rules per network ACL 20 Yes
Security groups per network interface 5 Yes
Subnets per VPC 200 Yes
Subnets that can be shared with an account 100 Yes
VPC peering connection request expiry hours 168 No
VPC security groups per Region 2,500 Yes
VPCs per Region 5 Yes

The following quotas are for VPC Reachability Analyzer.

Name Default Adjustable
Reachability Analyzer Analyses 1,000 Yes
Reachability Analyzer Paths 100 Yes
Reachability Analyzer concurrent Analyses 6 Yes

For more information, see the following: