AWS PrivateLink quotas - Amazon Virtual Private Cloud

AWS PrivateLink quotas

The following tables list the quotas, formerly referred to as limits, for AWS PrivateLink resources per Region for your account. Unless indicated otherwise, you can request an increase for these quotas. For more information, see Requesting a quota increase in the Service Quotas User Guide.

If you request a quota increase that applies per resource, we increase the quota for all resources in the Region.

Name Default Adjustable Comments
Gateway VPC endpoints per Region 20 Yes There is a limit of 255 gateway endpoints per VPC
Interface and Gateway Load Balancer endpoints per VPC 50 Yes This is the combined quota for interface endpoints and Gateway Load Balancer endpoints for a VPC
VPC endpoint policy size 20,480 characters No The size of a VPC endpoint policy includes white spaces

The following apply to traffic that passes through a VPC endpoint.

  • By default, each interface endpoint can support a bandwidth of up to 10 Gbps per Availability Zone. and bursts of up to 40Gbps. If your application needs higher bursts or sustained throughput, contact AWS support.

  • The maximum transmission unit (MTU) of a network connection is the size, in bytes, of the largest permissible packet that can be passed through the VPC endpoint. The larger the MTU, the more data that can be passed in a single packet. A VPC endpoint supports an MTU of 8500 bytes. Packets with a size larger than 8500 bytes that arrive at the VPC endpoint are dropped.

  • The VPC endpoint does not generate the FRAG_NEEDEDICMP packet, so Path MTU Discovery (PMTUD) is not supported.

  • The VPC endpoint enforces Maximum Segment Size (MSS) clamping for all packets. For more information, see RFC879.