Request throttling for the Amazon EC2 API - Amazon Elastic Compute Cloud
How throttling is appliedThrottling limitsMonitor API throttlingRequest a limit increase
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Request throttling for the Amazon EC2 API

Amazon EC2 throttles EC2 API requests for each Amazon account on a per-Region basis. We do this to help the performance of the service, and to ensure fair usage for all Amazon EC2 customers. Throttling ensures that calls to the Amazon EC2 API do not exceed the maximum allowed API request limits. API calls are subject to the request limits whether they originate from:

  • A third-party application

  • A command line tool

  • The Amazon EC2 console

If you exceed an API throttling limit, you get the RequestLimitExceeded error code. For more information, see Query API request rate.

Note

The limits described here apply only to Amazon EC2. For information about Auto Scaling limits, see API request rate in the Amazon EC2 Auto Scaling API Reference.

How throttling is applied

Amazon EC2 uses the token bucket algorithm to implement API throttling. With this algorithm, your account has a bucket that holds a specific number of tokens. The number of tokens in the bucket represents your throttling limit at any given second.

Amazon EC2 implements two types of API throttling:

Request rate limiting

With request rate limiting, you are throttled on the number of API requests you make. Each request that you make removes one token from the bucket. For example, the bucket size for non-mutating (Describe*) API actions is 100 tokens, so you can make up to 100 Describe* requests in one second. If you exceed 100 requests in a second, you are throttled and the remaining requests within that second fail.

Buckets automatically refill at a set rate. If the bucket is below its maximum capacity, a set number of tokens is added back to it every second until it reaches its maximum capacity. If the bucket is full when refill tokens arrive, they are discarded. The bucket cannot hold more than its maximum number of tokens. For example, the bucket size for non-mutating (Describe*) API actions is 100 tokens, and the refill rate is 20 tokens per second. If you make 100 Describe* API requests in a second, the bucket is immediately reduced to zero (0) tokens. The bucket is then refilled by 20 tokens every second, until it reaches its maximum capacity of 100 tokens. This means that the previously empty bucket reaches its maximum capacity after 5 seconds.

You do not need to wait for the bucket to be completely full before you can make API requests. You can use tokens as they are added to the bucket. If you immediately use the refill tokens, the bucket does not reach its maximum capacity. For example, the bucket size for console non-mutating actions is 100 tokens, and the refill rate is 10 tokens per second. If you deplete the bucket by making 100 API requests in a second, you can continue to make 10 API requests per second. The bucket can refill to the maximum capacity only if you make fewer than 10 API requests per second.

Resource rate limiting

Some API actions, such as RunInstances and TerminateInstances, as described in the table that follows, use resource rate limiting in addition to request rate limiting. These API actions have a separate resource token bucket that depletes based on the number of resources that are impacted by the request. Like request token buckets, resource token buckets have a bucket maximum that allows you to burst, and a refill rate that allows you to sustain a steady rate of requests for as long as needed. If you exceed a specific bucket limit for an API, including when a bucket has not yet refilled to support the next API call, the action of the API is limited even though you have not reached the total API throttle limit.

For example, the resource token bucket size for RunInstances is 1000 tokens, and the refill rate is two tokens per second. Therefore, you can immediately launch 1000 instances, using any number of API requests, such as one request for 1000 instances or four requests for 250 instances. After the resource token bucket is empty, you can launch up to two instances every second, using either one request for two instances or two requests for one instance.

For more information, see Resource token bucket sizes and refill rates.

Throttling limits

The following sections describe the request token bucket and resource token bucket sizes and refill rates.

Request token bucket sizes and refill rates

For request rate limiting purposes, API actions are grouped into the following categories:

  • Non-mutating actions — API actions that retrieve data about resources. This category generally includes all Describe* actions, such as DescribeRouteTables, DescribeImages, and DescribeHosts. These API actions typically have the highest API throttling limits.

  • Unfiltered and unpaginated non-mutating actions — A specific subset of non-mutating API actions that, when called without specifying either pagination or a filter, use tokens from a smaller token bucket. It is recommended that you make use of pagination and filtering so that tokens are deducted from the standard (larger) token bucket.

  • Mutating actions — API actions that create, modify, or delete resources. This category generally includes all API actions that are not categorized as non-mutating actions, such as CreateVolume, ModifyHosts, and DeleteSnapshot. These actions have a lower throttling limit than non-mutating API calls.

  • Resource-intensive actions — Mutating API actions that take the most time and consume the most resources to complete. These actions have an even lower throttling limit than mutating actions. They are throttled separately from other mutating actions.

  • Console non-mutating actions — Non-mutating API actions that are called from the Amazon EC2 console. These API actions are throttled separately from other non-mutating API actions.

  • Uncategorized actions — These API actions receive their own token bucket sizes and refill rates, even though by definition they fit in one of the other categories.

The following table shows the request token bucket sizes and refill rates for all Amazon Regions.

API action category Actions Bucket maximum capacity Bucket refill rate
Non-mutating actions

  • Describe*

  • Get*

 100 20
Unfiltered and unpaginated non-mutating actions

  • DescribeInstances

  • DescribeNetworkInterfaces

  • DescribeVolumes

  • DescribeInstanceStatus

  • DescribeSnapshots

  • DescribeSecurityGroups

  • DescribeSpotInstanceRequests

 50 10
Mutating actions

API actions that are not categorized as non-mutating actions.

 200 5
Resource-intensive actions

  • AuthorizeSecurityGroupIngress

  • CancelSpotInstanceRequests

  • CreateKeyPair

  • RequestSpotInstances

  • RevokeSecurityGroupIngress

  • CreateVpcPeeringConnection

  • AcceptVpcPeeringConnection

  • RejectVpcPeeringConnection

  • DeleteVpcPeeringConnection

 50 5
Console non-mutating actions

  • Describe*

  • Get*

 100 10
Uncategorized actions RunInstances 5 2
StartInstances 5 2
CreateVpcEndpoint 4 0.3
ModifyVpcEndpoint 4 0.3
DeleteVpcEndpoints 4 0.3
AcceptVpcEndpointConnections 10 1
RejectVpcEndpointConnections 10 1
CreateVpcEndpointServiceConfiguration 10 1
ModifyVpcEndpointServiceConfiguration 10 1
DeleteVpcEndpointServiceConfigurations 10 1
CreateDefaultVpc 1 1
CreateDefaultSubnet 1 1
MoveAddressToVpc 1 1
RestoreAddressToClassic 1 1
DescribeMovingAddresses 1 1
AdvertiseByoipCidr 1 0.1
ProvisionByoipCidr 1 0.1
DescribeByoipCidrs 1 0.5
DeprovisionByoipCidr 1 0.1
WithdrawByoipCidr 1 0.1
DescribeReservedInstancesOfferings 10 10
PurchaseReservedInstancesOffering 5 5
DescribeSpotFleetRequests 50 3
DescribeSpotFleetInstances 100 5
DescribeSpotFleetRequestHistory 100 5
AssociateEnclaveCertificateIamRole 10 1
DisassociateEnclaveCertificateIamRole 10 1
GetAssociatedEnclaveCertificateIamRoles 10 1
GetConsoleScreenshot

5 per account

2 per instance

5 per account

1 per instance

Resource token bucket sizes and refill rates

The following table lists the resource token bucket sizes and refill rates for API actions that use resource rate limiting.

API action Bucket maximum capacity Bucket refill rate
RunInstances 1000 2
TerminateInstances 1000 20
StartInstances 1000 2
StopInstances 1000 20

Monitor API throttling

You can use Amazon CloudWatch to monitor your Amazon EC2 API calls and to collect and track metrics around API throttling. You can also create an alarm to warn you when you are close to reaching the API throttling limits. For more information, see Monitoring API requests using Amazon CloudWatch.

Request a limit increase

You can request an increase for API throttling limits for your Amazon Web Services account. Open Amazon Support Center Console and create a case to request a service limit increase for Amazon EC2.