Quotas - Amazon Route 53 (original) (raw)
Amazon Route 53 API requests and entities are subject to the following quotas (formerly referred to as "limits").
Topics
Using Service Quotas to view and manage quotas
You can use the Service Quotas service to view quotas and to request quota increases for many AWS services. For more information, see the Service Quotas User Guide. (You can currently use Service Quotas to view and manage domains, Route 53 ,and Route 53 Resolver quotas.)
Note
To view quotas and request higher quotas for Route 53, you must change the Region to US East (N. Virginia). To view quotas and request higher quotas for Resolver, change to the applicable Region.
Quotas on entities
Amazon Route 53 entities are subject to the following quotas.
For information on getting current quotas (formerly referred to as "limits"), see the following Route 53 actions:
- GetAccountLimit – Gets quotas on health checks, hosted zones, reusable delegation sets, traffic flow policies, and traffic flow policy records
- GetHostedZoneLimit – Gets quotas on records in a hosted zone and on Amazon VPCs that you can associate with a private hosted zone
- GetReusableDelegationSetLimit – Gets the quota on the number of hosted zones that you can associate with a reusable delegation set
Topics
- Quotas on domains
- Quotas on hosted zones
- Quotas on records
- Quotas on Route 53 Resolver
- Quotas on health checks
- Quotas on query log configurations
- Quotas on traffic flow policies and policy records
- Quotas on reusable delegation sets
- Quotas on Route 53 Profiles
Quotas on domains
*****The limit is 20 for new customers as of March 2021.
If you have an existing account and your default limit is 50 now, it will remain at 50.
Quotas on hosted zones
Entity | Quota |
---|---|
Hosted zones | Initial quota of 500 per AWS account, but you can request a higher quota as needed. Request a higher quota. |
Hosted zones that can use the same reusable delegation set | 100 Request a higher quota. |
Amazon VPCs that you can associate with a private hosted zone per hosted zone | 300 If you want more than 300 associations, we recommend you use Route 53 Profiles. For more information, see What are Amazon Route 53 Profiles?. |
Private hosted zones that you can associate a VPC with | No quota * |
Authorizations that you can create so you can associate VPCs that were created by one account with a hosted zone that was created by another account | 1000 |
The number of key signing keys (KSK) that you can create per hosted zone | 2 |
* You can associate a VPC with any or all of the private hosted zones that you control through your AWS accounts. For example, suppose you have three AWS accounts and all three have the default quota of 500 hosted zones. If you create 500 private hosted zones for all three accounts, you can associate a VPC with all 1,500 private hosted zones.
Quotas on records
Entity | Quota |
---|---|
Records | 10,000 per hosted zone Request a higher quota. For a quota greater than 10,000 records in a hosted zone, an additional charge applies.For more information, see Amazon Route 53 Pricing. |
Records in a record set | 400 per record set |
Geolocation, latency, multivalue answer, weighted, and IP-based records | 100 records that have the same name and type |
Geoproximity records | 30 records that have the same name and type |
CIDR collections | 5 per AWS account. Request a higher quota. |
CIDR blocks | 1000 per CIDR collection. Request a higher quota. |
Quotas on Route 53 Resolver
This section includes all the Route 53 Resolver quotas
Quotas on Route 53 Resolver
Use the following procedure to increase quotas for Route 53 Resolver.
To increase Resolver quotas
- Open the Service Quotas console at https://console.aws.amazon.com/servicequotas/home/services/route53resolver/quotas.
- Go to the region where you want to increase the limit.
- Select the Route 53 Resolver Quota name you want to increase.
- Select Request quota increase, enter the quota value, and then select Request.
Quotas on Route 53 Resolver endpoints
Entity | Quota |
---|---|
Endpoints per AWS Region | 4 per AWS account Request a higher quota. |
IP addresses per endpoint | 6 Request a higher quota. |
IP addresses per rule | 6 |
Rules per AWS Region | 1000 per AWS account Request a higher quota. |
Associations between rules and VPCs per AWS Region | 2000 per AWS account Request a higher quota. |
UDP Queries per second per IP address in an endpoint | 10,000* |
* Each IP address in an endpoint can process up to 10,000 UDP DNS queries per second (QPS). The number of DNS QPS varies by the type of query, size of the response, health of the target name servers, query response times, round trip latency, and the protocol in use. For example, queries to a target name server that is slow to respond can significantly reduce the capacity of the network interface. Additionally, to ensure high availability, Route 53 Resolver generates redundant outbound queries for each DNS request that it receives. As a result, the QPS for each outbound network interface will not match the QPS sent to Route 53 Resolver. Use CloudWatch metrics to measure how many queries are being sent to each network interface. For more information, seeMetrics for Resolver IP addresses. If your maximum query rate exceeds 50% of the capacity for any network interface in the endpoint, you can add more network interfaces to increase the endpoint capacity.
Connections made through applications like Network Load Balancer and AWS Lambda (for a full list see Automatically tracked connections ) are automatically tracked, even if the security group configuration does not otherwise require tracking.
If the connection tracking is enforced either by using restrictive security group rules or queries are routed through Network Load Balancer, the overall maximum queries per second per IP address for an inbound endpoint can be as low as 1500.
Quotas on Route 53 Resolver query logs
Entity | Quota |
---|---|
Query log configurations per AWS Region | 20 |
Query log configuration VPC associations per AWS Region* | 100 |
Query log configuration VPC associations per account per AWS Region (shared using RAM) for the account that the configuration was shared to. | 100 |
* This is a hard limit. You can't create another query log configuration in the same AWS Region and associate additional 100 VPCs to it.
Quotas on Route 53 Resolver DNS Firewall
Entity | Quota |
---|---|
Number of rule groups associated to a VPC for a single account per AWS Region | 5 |
Number of DNS Firewall domains in a single Amazon S3 file for a single account per AWS Region | 250,000 Request a higher quota. |
Number of DNS Firewall rule groups for a single account per AWS Region | 1,000 Request a higher quota. |
Number of rules within a rule group for a single account per AWS Region | 100 Request a higher quota. |
Number of domain lists for a single account per AWS Region | 1000 Request a higher quota. |
The maximum number of domains that you can specify across all of the domain lists for a single account per AWS Region | 100,000 Request a higher quota. |
Quotas on Resolver on Outpost
Entity | Quota |
---|---|
Resolver on Outpost instance limit | 6 (with a minimum of 4 required) |
Resolver on Outpost instance types and the number of DNS queries per second each instance type can accommodate:
Instance type | Queries per second |
---|---|
c5.large | Up to 7,000 |
c5.xlarge | Up to 12,000 |
c5.2xlarge | Up to 24,000 |
c5.4xlarge | Up to 56,000 |
c5d.large | Up to 7,000 |
c5d.xlarge | Up to 12,000 |
c5d.2xlarge | Up to 24,000 |
c5d.4xlarge | Up to 56,000 |
m5.large | Up to 7,000 |
m5.xlarge | Up to 12,000 |
m5.2xlarge | Up to 24,000 |
m5.4xlarge | Up to 56,000 |
m5d.large | Up to 7,000 |
m5d.xlarge | Up to 12,000 |
m5d.2xlarge | Up to 24,000 |
m5d.4xlarge | Up to 56,000 |
r5.large | Up to 7,000 |
r5.xlarge | Up to 12,000 |
r5.2xlarge | Up to 24,000 |
r5.4xlarge | Up to 56,000 |
r5d.large | Up to 7,000 |
r5d.xlarge | Up to 12,000 |
r5d.2xlarge | Up to 24,000 |
r5d.4xlarge | Up to 56,000 |
Resolver on Outpost endpoint instance types and the number of DNS queries per second each instance type can accommodate:
Instance type | Queries per second |
---|---|
c5.large | Up to 5,000 |
c5.xlarge | Up to 10,000 |
c5.2xlarge | Up to 18,000 |
c5.4xlarge | Up to 30,000 |
c5d.large | Up to 5,000 |
c5d.xlarge | Up to 10,000 |
c5d.2xlarge | Up to 18,000 |
c5d.4xlarge | Up to 30,000 |
m5.large | Up to 5,000 |
m5.xlarge | Up to 10,000 |
m5.2xlarge | Up to 18,000 |
m5.4xlarge | Up to 30,000 |
m5d.large | Up to 5,000 |
m5d.xlarge | Up to 10,000 |
m5d.2xlarge | Up to 18,000 |
m5d.4xlarge | Up to 30,000 |
r5.large | Up to 5,000 |
r5.xlarge | Up to 10,000 |
r5.2xlarge | Up to 18,000 |
r5.4xlarge | Up to 30,000 |
r5d.large | Up to 5,000 |
r5d.xlarge | Up to 10,000 |
r5d.2xlarge | Up to 18,000 |
r5d.4xlarge | Up to 30,000 |
Quotas on health checks
Entity | Quota |
---|---|
Health checks | 200 active health checks per AWS account Request a higher quota. |
Child health checks that a calculated health check can monitor | 255 |
Maximum total length of headers in the response to a health check request | 16,384 bytes (16K) |
Quotas on query log configurations
Entity | Quota |
---|---|
Query log configurations | 1 per hosted zone |
Quotas on traffic flow policies and policy records
Quotas on reusable delegation sets
Quotas on Route 53 Profiles
Entity | Quota |
---|---|
Number of Route 53 Profiles per AWS account in a Region | 5 Request a higher quota. |
Number of VPCs that can be associated to a Profile | 1000 Request a higher quota. |
Number of DNS Firewall rule groups per Profile | 5 |
Number of Resolver rules per Profile | 1000 Request a higher quota. |
Number of private hosted zones per a Profile | 1,000 Request a higher quota. |
Maximums on API requests
Amazon Route 53 API requests are subject to the following maximums.
Topics
- Number of elements and characters in ChangeResourceRecordSets requests
- Frequency of Amazon Route 53 API requests
- Frequency of Route 53 Resolver API requests
Number of elements and characters in ChangeResourceRecordSets
requests
ResourceRecord
elements
A request cannot contain more than 1,000 ResourceRecord
elements (including alias records). When the value of the Action
element isUPSERT
, each ResourceRecord
element is counted twice.
Maximum number of characters
The sum of the number of characters (including spaces) in all Value
elements in a request cannot exceed 32,000 characters. When the value of the Action
element is UPSERT
, each character in a Value
element is counted twice.
Frequency of Amazon Route 53 API requests
All Amazon Route 53 API requests
For the Amazon Route 53 APIs five requests per second per AWS account. If you submit more than five requests per second, Amazon Route 53 returns an HTTP 400 error (Bad request
). The response header also includes a Code
element with a value of Throttling
and a Message
element with a value of Rate exceeded
.
Note
If your application exceeds this limit, we recommend that you implement exponential backoff for retries. For more information, see Error Retries and Exponential Backoff in AWS in the Amazon Web Services General Reference.
ChangeResourceRecordSets
requests
If Route 53 can't process a request before the next request arrives, it will reject subsequent requests for the same hosted zone and return an HTTP 400 error (Bad request
). The response header also includes a Code
element with a value of PriorRequestNotComplete
and a Message
element with a value of The request was rejected because Route 53 was still processing a prior request.
CreateHealthCheck
requests
You can submit one CreateHealthCheck
request every 2 seconds per AWS account.
Frequency of Route 53 Resolver API requests
All requests
Five requests per second per AWS account per Region. If you submit more than five requests per second in a Region, Resolver returns an HTTP 400 error (Bad request
). The response header also includes a Code
element with a value of Throttling
and a Message
element with a value of Rate exceeded
.
Note
If your application exceeds this limit, we recommend that you implement exponential backoff for retries. For more information, see Error Retries and Exponential Backoff in AWS in the Amazon Web Services General Reference.