Quotas - Amazon Route 53 (original) (raw)

Amazon Route 53 API requests and entities are subject to the following quotas (formerly referred to as "limits").

Topics

Using Service Quotas to view and manage quotas

You can use the Service Quotas service to view quotas and to request quota increases for many AWS services. For more information, see the Service Quotas User Guide. (You can currently use Service Quotas to view and manage domains, Route 53 ,and Route 53 Resolver quotas.)

Note

To view quotas and request higher quotas for Route 53, you must change the Region to US East (N. Virginia). To view quotas and request higher quotas for Resolver, change to the applicable Region.

Quotas on entities

Amazon Route 53 entities are subject to the following quotas.

For information on getting current quotas (formerly referred to as "limits"), see the following Route 53 actions:

Topics

Quotas on domains

*****The limit is 20 for new customers as of March 2021.

If you have an existing account and your default limit is 50 now, it will remain at 50.

Quotas on hosted zones

Entity Quota
Hosted zones Initial quota of 500 per AWS account, but you can request a higher quota as needed. Request a higher quota.
Hosted zones that can use the same reusable delegation set 100 Request a higher quota.
Amazon VPCs that you can associate with a private hosted zone per hosted zone 300 If you want more than 300 associations, we recommend you use Route 53 Profiles. For more information, see What are Amazon Route 53 Profiles?.
Private hosted zones that you can associate a VPC with No quota *
Authorizations that you can create so you can associate VPCs that were created by one account with a hosted zone that was created by another account 1000
The number of key signing keys (KSK) that you can create per hosted zone 2

* You can associate a VPC with any or all of the private hosted zones that you control through your AWS accounts. For example, suppose you have three AWS accounts and all three have the default quota of 500 hosted zones. If you create 500 private hosted zones for all three accounts, you can associate a VPC with all 1,500 private hosted zones.

Quotas on records

Entity Quota
Records 10,000 per hosted zone Request a higher quota. For a quota greater than 10,000 records in a hosted zone, an additional charge applies.For more information, see Amazon Route 53 Pricing.
Records in a record set 400 per record set
Geolocation, latency, multivalue answer, weighted, and IP-based records 100 records that have the same name and type
Geoproximity records 30 records that have the same name and type
CIDR collections 5 per AWS account. Request a higher quota.
CIDR blocks 1000 per CIDR collection. Request a higher quota.

Quotas on Route 53 Resolver

This section includes all the Route 53 Resolver quotas

Quotas on Route 53 Resolver

Use the following procedure to increase quotas for Route 53 Resolver.

To increase Resolver quotas
  1. Open the Service Quotas console at https://console.aws.amazon.com/servicequotas/home/services/route53resolver/quotas.
  2. Go to the region where you want to increase the limit.
  3. Select the Route 53 Resolver Quota name you want to increase.
  4. Select Request quota increase, enter the quota value, and then select Request.

Quotas on Route 53 Resolver endpoints

Entity Quota
Endpoints per AWS Region 4 per AWS account Request a higher quota.
IP addresses per endpoint 6 Request a higher quota.
IP addresses per rule 6
Rules per AWS Region 1000 per AWS account Request a higher quota.
Associations between rules and VPCs per AWS Region 2000 per AWS account Request a higher quota.
UDP Queries per second per IP address in an endpoint 10,000*

* Each IP address in an endpoint can process up to 10,000 UDP DNS queries per second (QPS). The number of DNS QPS varies by the type of query, size of the response, health of the target name servers, query response times, round trip latency, and the protocol in use. For example, queries to a target name server that is slow to respond can significantly reduce the capacity of the network interface. Additionally, to ensure high availability, Route 53 Resolver generates redundant outbound queries for each DNS request that it receives. As a result, the QPS for each outbound network interface will not match the QPS sent to Route 53 Resolver. Use CloudWatch metrics to measure how many queries are being sent to each network interface. For more information, seeMetrics for Resolver IP addresses. If your maximum query rate exceeds 50% of the capacity for any network interface in the endpoint, you can add more network interfaces to increase the endpoint capacity.

Connections made through applications like Network Load Balancer and AWS Lambda (for a full list see Automatically tracked connections ) are automatically tracked, even if the security group configuration does not otherwise require tracking.

If the connection tracking is enforced either by using restrictive security group rules or queries are routed through Network Load Balancer, the overall maximum queries per second per IP address for an inbound endpoint can be as low as 1500.

Quotas on Route 53 Resolver query logs

Entity Quota
Query log configurations per AWS Region 20
Query log configuration VPC associations per AWS Region* 100
Query log configuration VPC associations per account per AWS Region (shared using RAM) for the account that the configuration was shared to. 100

* This is a hard limit. You can't create another query log configuration in the same AWS Region and associate additional 100 VPCs to it.

Quotas on Route 53 Resolver DNS Firewall

Entity Quota
Number of rule groups associated to a VPC for a single account per AWS Region 5
Number of DNS Firewall domains in a single Amazon S3 file for a single account per AWS Region 250,000 Request a higher quota.
Number of DNS Firewall rule groups for a single account per AWS Region 1,000 Request a higher quota.
Number of rules within a rule group for a single account per AWS Region 100 Request a higher quota.
Number of domain lists for a single account per AWS Region 1000 Request a higher quota.
The maximum number of domains that you can specify across all of the domain lists for a single account per AWS Region 100,000 Request a higher quota.

Quotas on Resolver on Outpost

Entity Quota
Resolver on Outpost instance limit 6 (with a minimum of 4 required)

Resolver on Outpost instance types and the number of DNS queries per second each instance type can accommodate:

Instance type Queries per second
c5.large Up to 7,000
c5.xlarge Up to 12,000
c5.2xlarge Up to 24,000
c5.4xlarge Up to 56,000
c5d.large Up to 7,000
c5d.xlarge Up to 12,000
c5d.2xlarge Up to 24,000
c5d.4xlarge Up to 56,000
m5.large Up to 7,000
m5.xlarge Up to 12,000
m5.2xlarge Up to 24,000
m5.4xlarge Up to 56,000
m5d.large Up to 7,000
m5d.xlarge Up to 12,000
m5d.2xlarge Up to 24,000
m5d.4xlarge Up to 56,000
r5.large Up to 7,000
r5.xlarge Up to 12,000
r5.2xlarge Up to 24,000
r5.4xlarge Up to 56,000
r5d.large Up to 7,000
r5d.xlarge Up to 12,000
r5d.2xlarge Up to 24,000
r5d.4xlarge Up to 56,000

Resolver on Outpost endpoint instance types and the number of DNS queries per second each instance type can accommodate:

Instance type Queries per second
c5.large Up to 5,000
c5.xlarge Up to 10,000
c5.2xlarge Up to 18,000
c5.4xlarge Up to 30,000
c5d.large Up to 5,000
c5d.xlarge Up to 10,000
c5d.2xlarge Up to 18,000
c5d.4xlarge Up to 30,000
m5.large Up to 5,000
m5.xlarge Up to 10,000
m5.2xlarge Up to 18,000
m5.4xlarge Up to 30,000
m5d.large Up to 5,000
m5d.xlarge Up to 10,000
m5d.2xlarge Up to 18,000
m5d.4xlarge Up to 30,000
r5.large Up to 5,000
r5.xlarge Up to 10,000
r5.2xlarge Up to 18,000
r5.4xlarge Up to 30,000
r5d.large Up to 5,000
r5d.xlarge Up to 10,000
r5d.2xlarge Up to 18,000
r5d.4xlarge Up to 30,000

Quotas on health checks

Entity Quota
Health checks 200 active health checks per AWS account Request a higher quota.
Child health checks that a calculated health check can monitor 255
Maximum total length of headers in the response to a health check request 16,384 bytes (16K)

Quotas on query log configurations

Entity Quota
Query log configurations 1 per hosted zone

Quotas on traffic flow policies and policy records

Quotas on reusable delegation sets

Quotas on Route 53 Profiles

Entity Quota
Number of Route 53 Profiles per AWS account in a Region 5 Request a higher quota.
Number of VPCs that can be associated to a Profile 1000 Request a higher quota.
Number of DNS Firewall rule groups per Profile 5
Number of Resolver rules per Profile 1000 Request a higher quota.
Number of private hosted zones per a Profile 1,000 Request a higher quota.

Maximums on API requests

Amazon Route 53 API requests are subject to the following maximums.

Topics

Number of elements and characters in ChangeResourceRecordSets requests

ResourceRecord elements

A request cannot contain more than 1,000 ResourceRecord elements (including alias records). When the value of the Action element isUPSERT, each ResourceRecord element is counted twice.

Maximum number of characters

The sum of the number of characters (including spaces) in all Value elements in a request cannot exceed 32,000 characters. When the value of the Action element is UPSERT, each character in a Value element is counted twice.

Frequency of Amazon Route 53 API requests

All Amazon Route 53 API requests

For the Amazon Route 53 APIs five requests per second per AWS account. If you submit more than five requests per second, Amazon Route 53 returns an HTTP 400 error (Bad request). The response header also includes a Code element with a value of Throttling and a Message element with a value of Rate exceeded.

Note

If your application exceeds this limit, we recommend that you implement exponential backoff for retries. For more information, see Error Retries and Exponential Backoff in AWS in the Amazon Web Services General Reference.

ChangeResourceRecordSets requests

If Route 53 can't process a request before the next request arrives, it will reject subsequent requests for the same hosted zone and return an HTTP 400 error (Bad request). The response header also includes a Code element with a value of PriorRequestNotComplete and a Message element with a value of The request was rejected because Route 53 was still processing a prior request.

CreateHealthCheck requests

You can submit one CreateHealthCheck request every 2 seconds per AWS account.

Frequency of Route 53 Resolver API requests

All requests

Five requests per second per AWS account per Region. If you submit more than five requests per second in a Region, Resolver returns an HTTP 400 error (Bad request). The response header also includes a Code element with a value of Throttling and a Message element with a value of Rate exceeded.

Note

If your application exceeds this limit, we recommend that you implement exponential backoff for retries. For more information, see Error Retries and Exponential Backoff in AWS in the Amazon Web Services General Reference.