Amazon PrivateLink quotas - Amazon Virtual Private Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon PrivateLink quotas

The following tables list the quotas, formerly referred to as limits, for Amazon PrivateLink resources per Region for your account. Unless indicated otherwise, you can request an increase for these quotas. For more information, see Requesting a quota increase in the Service Quotas User Guide.

If you request a quota increase that applies per resource, we increase the quota for all resources in the Region.

Name Default Adjustable Comments
Interface and Gateway Load Balancer endpoints per VPC 50 Yes This is a combined quota for interface endpoints and Gateway Load Balancer endpoints
Gateway VPC endpoints per Region 20 Yes You can create up to 255 gateway endpoints per VPC
Characters per VPC endpoint policy 20,480 No The maximum size of a VPC endpoint policy, including white space

The following considerations apply to traffic that passes through a VPC endpoint:

  • By default, each VPC endpoint can support a bandwidth of up to 10 Gbps per Availability Zone, and automatically scales up to 100 Gbps. The maximum bandwidth for a VPC endpoint, when distributing the load across all Availability Zones, is the number of Availability Zones multiplied by 100 Gbps. If your application needs higher throughput, contact Amazon support.

  • The maximum transmission unit (MTU) of a network connection is the size, in bytes, of the largest permissible packet that can be passed through a VPC endpoint. The larger the MTU, the more data that can be passed in a single packet. A VPC endpoint supports an MTU of 8500 bytes. Packets with a size larger than 8500 bytes that arrive at the VPC endpoint are dropped.

  • Path MTU Discovery (PMTUD) is not supported. VPC endpoints do not generate the following ICMP message: Destination Unreachable: Fragmentation needed and Don't Fragment was Set (Type 3, Code 4).

  • VPC endpoints enforce Maximum Segment Size (MSS) clamping for all packets. For more information, see RFC879.