Hard Limits & Numbers

Answer: 30 days

• Objects must be stored in S3 Standard for at least 30 days before transitioning to Standard-IA
• Minimum storage duration charge for IA storage classes is 30 days (if deleted earlier, you're charged for 30 days)

Answer: 30 days

• Same as Standard-IA: 30-day minimum
• Minimum storage duration charge for One Zone-IA is 30 days

Answer: 90 days

• Objects must be stored for at least 90 days before transitioning to Glacier Flexible Retrieval
• Minimum storage duration charge is 90 days

Answer: 180 days

• Objects must be stored for at least 180 days before transitioning to Deep Archive
• Minimum storage duration charge is 180 days

Answer: 5 TB (5,000 GB)

• Maximum object size: 5 TB
• For objects larger than 100 MB, use multipart upload (recommended)
• For objects larger than 5 GB, multipart upload is required

Answer: 5 GB

• Single PUT operation maximum: 5 GB
• For anything larger, you must use multipart upload

Answer: 100 buckets (soft limit, can be increased to 1,000)

• Default limit: 100 buckets per account
• Can request increase to 1,000 via Service Quotas

Answer: Milliseconds (same as S3 Standard)

• Retrieval time: Milliseconds
• Use case: Archive data that needs instant access when required

Answer:

• Expedited: 1-5 minutes
• Standard: 3-5 hours
• Bulk: 5-12 hours

Answer:

• Standard: 12 hours
• Bulk: 48 hours

Deep Archive is the cheapest but slowest retrieval option.

Answer: 15 minutes (900 seconds)

• Maximum timeout: 15 minutes
• Default timeout: 3 seconds (you must configure higher if needed)
• For longer-running tasks, use ECS/Fargate or Step Functions

Answer: 10,240 MB (10 GB)

• Minimum: 128 MB
• Maximum: 10,240 MB (10 GB)
• Memory is allocated in 1 MB increments
• CPU power scales with memory

Answer: 50 MB (zipped), 250 MB (unzipped)

• Zipped deployment package: 50 MB
• Unzipped deployment package: 250 MB
• For larger packages, use layers or container images (up to 10 GB)

Answer: 10 GB

• Container image size: up to 10 GB
• Must be stored in Amazon ECR

Answer: 5 layers

• Maximum layers: 5
• Total unzipped size of layers + deployment package: 250 MB

Answer: 1,000 concurrent executions

• Default: 1,000 concurrent executions per region
• This is a soft limit and can be increased via support ticket
• You can set reserved concurrency for critical functions

Answer: 6 MB (request and response)

• Synchronous invocation payload: 6 MB (request and response)
• Asynchronous invocation payload: 256 KB

Answer: 4 KB

• Total size of all environment variables: 4 KB

Answer: 4 days

• Default retention: 4 days
• Minimum: 1 minute
• Maximum: 14 days

Answer: 14 days

• Maximum retention: 14 days
• After 14 days, messages are automatically deleted

Answer: 256 KB

• Maximum message size: 256 KB
• For larger messages, use the SQS Extended Client Library (stores message in S3)

Answer: 30 seconds

• Default visibility timeout: 30 seconds
• Minimum: 0 seconds
• Maximum: 12 hours

Answer: 12 hours

• Maximum visibility timeout: 12 hours
• This is how long a message is hidden after being received (before it becomes visible again if not deleted)

Answer: 0 seconds (no delay by default)

• FIFO queues: 0-15 minutes delay
• Standard queues: 0-15 minutes delay
• Delay queues postpone delivery of new messages

Answer:

• Without batching: 300 transactions per second (TPS)
• With batching: 3,000 messages per second

FIFO queues have lower throughput than Standard queues.

Answer: 1-20 seconds

• Long polling wait time: 1-20 seconds
• Default (short polling): 0 seconds
• Long polling reduces costs and empty responses

Answer: 24 hours

• Default retention: 24 hours
• Can be extended up to 365 days (configurable)
• After retention period, data is deleted

Answer: 365 days (1 year)

• Maximum retention: 365 days
• Enables replay of data within this window

Answer: 1 MB

• Maximum record size: 1 MB
• For larger data, split into multiple records

Answer: 1 MB/sec or 1,000 records/sec

• Write capacity per shard: 1 MB/sec OR 1,000 records/sec (whichever is hit first)

Answer: 2 MB/sec

• Read capacity per shard: 2 MB/sec
• This applies to all consumers combined (classic mode)
• Enhanced fan-out provides 2 MB/sec per consumer

Answer: 500 (default soft limit)

• Default limit: 500 shards per region
• This is a soft limit and can be increased

Answer: 60 seconds

• Minimum buffer interval: 60 seconds
• Firehose is near real-time (not real-time like Data Streams)
• Delivers data based on buffer size or time interval (whichever is hit first)

Answer: 128 MB

• Maximum buffer size: 128 MB
• Firehose delivers when buffer size OR time interval is reached

Answer: 64 TiB (tebibytes)

• Maximum volume size: 64 TiB for all volume types
• 1 TiB = 1,024 GiB

Answer: 256,000 IOPS

• io2 Block Express: up to 256,000 IOPS
• io2 (non-Block Express): up to 64,000 IOPS
• io1: up to 64,000 IOPS

Answer: 4,000 MiB/s

• io2 Block Express: up to 4,000 MiB/s
• io2/io1: up to 1,000 MiB/s

Answer: 16,000 IOPS

• gp3: up to 16,000 IOPS
• gp2: up to 16,000 IOPS (but based on volume size: 3 IOPS per GiB)

Answer: 1,000 MiB/s

• gp3: up to 1,000 MiB/s (independently configurable)
• gp2: up to 250 MiB/s

Answer: Most instances support up to 28 volumes

• Depends on instance type
• Most instances: up to 28 volumes
• Nitro-based instances have higher limits

Answer: Up to 16 instances (io1/io2 Provisioned IOPS only)

• io1/io2 Multi-Attach: up to 16 instances
• Only available for Provisioned IOPS volumes
• All instances must be in the same AZ

Answer: 64 TiB

• Maximum RDS storage: 64 TiB (for MySQL, PostgreSQL, MariaDB, Oracle, SQL Server)
• Aurora: Auto-scales up to 128 TiB

Answer: 128 TiB (auto-scaling)

• Aurora automatically scales storage from 10 GB to 128 TiB
• No need to provision storage upfront

Answer: 5 read replicas

• Standard RDS: up to 5 read replicas
• Aurora: up to 15 read replicas

Answer: 15 read replicas

• Aurora: up to 15 read replicas
• Aurora replicas have low-latency promotion (< 30 seconds)

Answer: 35 days

• Maximum automated backup retention: 35 days
• Point-in-time recovery (PITR) within this window
• Manual snapshots can be retained indefinitely

Answer: < 30 seconds

• Aurora failover: typically < 30 seconds
• Standard RDS Multi-AZ failover: 1-2 minutes

Answer: 5 secondary regions

• Aurora Global Database: up to 5 secondary regions
• Replication lag: typically < 1 second

Answer: 400 KB

• Maximum item size: 400 KB
• Includes both attribute names and values

Answer: 20 GSIs

• Maximum GSIs: 20 per table
• GSIs can be created/deleted after table creation

Answer: 5 LSIs

• Maximum LSIs: 5 per table
• LSIs must be created at table creation time (cannot be added later)

Answer: 100 items

• BatchGetItem: up to 100 items
• BatchWriteItem: up to 25 items

Answer: 25 items

• BatchWriteItem: up to 25 items
• Total request size: up to 16 MB

Answer: 35 days

• PITR retention: 35 days
• Allows you to restore to any point in time within the last 35 days

Answer: 5 VPCs per region

• Default limit: 5 VPCs per region
• Soft limit (can be increased)

Answer: 200 subnets

• Maximum subnets per VPC: 200
• Soft limit (can be increased)

Answer: 5 CIDR blocks

• Primary CIDR block: 1
• Additional secondary CIDR blocks: 4
• Total: 5 CIDR blocks per VPC

Answer: 5 Elastic IPs

• Default limit: 5 Elastic IPs per region
• Soft limit (can be increased)

Answer: 60 inbound + 60 outbound = 120 total

• Inbound rules: 60
• Outbound rules: 60

Answer: 5 security groups

• Maximum security groups per ENI: 5

Answer: 20 inbound + 20 outbound (default)

• Default: 20 inbound + 20 outbound
• Can be increased to 40 each (soft limit)

Answer: 45 Gbps (auto-scaling)

• NAT Gateway: up to 45 Gbps (scales automatically)
• NAT Instance: depends on instance type

Answer: 125 active peering connections

• Maximum peering connections per VPC: 125

Answer: 10 VPN connections (default soft limit)

• Default: 10 VPN connections per VPC
• Can be increased

Answer: 1,000 targets

• ALB: up to 1,000 targets per load balancer
• This includes all target groups combined

Answer: 50 listeners

• ALB/NLB: up to 50 listeners per load balancer

Answer: 100 rules (default)

• Default: 100 rules per listener
• Can be increased to 1,000 (soft limit)

Answer: 25 certificates (default)

• Default: 25 certificates per load balancer
• Can be increased to 100 (soft limit)

Answer: 60 seconds (default)

• Default idle timeout: 60 seconds
• Can be configured from 1 to 4,000 seconds

Answer: Varies by instance family (vCPU-based limits)

• EC2 uses vCPU limits per instance family
• Standard instances: typically 1,152 vCPUs per region (default)
• Limits vary by account age and usage

Answer: Varies by instance type

• Depends on instance size
• Example: t3.micro = 2 ENIs, m5.large = 3 ENIs, m5.24xlarge = 15 ENIs

Answer: 50 tags

• Maximum tags per resource: 50

Answer: No maximum (runs until interrupted or terminated)

• Spot Instances can run indefinitely
• Terminated by AWS when capacity is needed or price exceeds your bid

Answer: 5,000 IAM users

• Maximum IAM users: 5,000 per account
• For more users, use IAM Identity Center (SSO) or federation

Answer: 300 groups

• Maximum IAM groups: 300 per account

Answer: 10 groups

• Maximum groups per user: 10

Answer: 10 managed policies

• Maximum managed policies per principal: 10
• You can also have 1 inline policy per principal

Answer: 6,144 characters (for managed policies)

• Managed policies: 6,144 characters
• Inline policies (user): 2,048 characters
• Inline policies (role, group): 10,240 characters

Answer: 1,000 roles

• Maximum IAM roles: 1,000 per account

Answer: 12 hours

• Maximum session duration: 12 hours
• Default: 1 hour (configurable)

Answer: 256 KB

• Maximum message size: 256 KB
• For larger messages, store in S3 and send S3 link

Answer: 12,500,000 subscriptions (default)

• Default: 12.5 million subscriptions per topic

Answer: 100,000 topics

• Maximum SNS topics: 100,000 per account

Answer: 15 months

• Metric retention: 15 months
• You can retrieve metrics older than 2 weeks using GetMetricStatistics API

Answer: 10 dimensions

• Maximum dimensions per metric: 10

Answer: 5,000 alarms (default soft limit)

• Default: 5,000 alarms per region
• Can be increased

Answer: 1 second (high-resolution metrics)

• Standard resolution: 1 minute
• High-resolution: 1 second
• High-resolution metrics retained for 3 hours at 1-second resolution

Answer: 2,000 stacks (default)

• Default: 2,000 stacks per region
• Includes active and deleted stacks (within 90 days)

Answer: 51,200 bytes (when passed directly), 1 MB (when uploaded to S3)

• Direct upload: 51,200 bytes
• S3 upload: 1 MB

Answer: 200 parameters

• Maximum parameters: 200 per template

Answer: 200 outputs

• Maximum outputs: 200 per template

Answer: 500 hosted zones

• Default limit: 500 hosted zones per account
• Soft limit (can be increased)

Answer: 10,000 records

• Maximum records per hosted zone: 10,000
• Soft limit (can be increased)

Answer: 200 health checks (default)

• Default: 200 health checks
• Soft limit (can be increased to 1,000)

Answer: 0 seconds to 2,147,483,647 seconds

• Minimum TTL: 0 seconds (not recommended)
• Maximum TTL: 2,147,483,647 seconds (~68 years)
• Common TTLs: 60-300 seconds for frequently changing records

Answer: 1 year

• Standard workflow: up to 1 year
• Express workflow: up to 5 minutes

Answer: 5 minutes

• Express workflow: up to 5 minutes
• Express workflows are designed for high-volume, short-duration tasks

Answer: 25,000 events

• Standard workflow: 25,000 events in execution history

Answer: 5 TB

• Maximum file size: 5 TB (same as S3 object limit)

Answer: At least 150 GB, recommended to be 20% of your data set

• Minimum cache: 150 GB
• Recommended: 20% of total dataset size
• Maximum cache volume size: 64 TiB

Answer: 32 volumes (cached mode) or 32 volumes (stored mode)

• Maximum volumes: 32 per gateway
• Maximum size per volume: 32 TiB (cached), 16 TiB (stored)

Answer: 32 TiB

• Cached volume: up to 32 TiB
• Stored volume: up to 16 TiB

Answer: 10,000 tasks (default soft limit)

• Default: 10,000 tasks per cluster
• Can be increased

Answer: 5,000 services

• Maximum services: 5,000 per cluster

Answer: 10,000 instances (default soft limit)

• Default: 10,000 container instances per cluster

Answer: 64 KiB

• Maximum task definition size: 64 KiB (for the JSON document)

Answer: 200 distributions (default)

• Default: 200 distributions per account
• Soft limit (can be increased)

Answer: 100 CNAMEs

• Maximum CNAMEs: 100 per distribution

Answer: 25 cache behaviors (default)

• Default: 25 cache behaviors per distribution
• Can be increased to 1,000

Answer: 30 GB (for HTTP methods), 20 GB (for PUT/POST/PATCH)

• GET/HEAD: 30 GB
• PUT/POST/PATCH: 20 GB

Answer: 24 hours (86,400 seconds)

• Default TTL: 24 hours
• Can be configured (minimum 0 seconds, maximum 1 year)

Answer: 65,536 bytes (64 KB)

• Maximum secret size: 64 KB

Answer: ~100 versions (soft limit)

• Approximately 100 versions per secret
• Older versions are automatically removed

Answer: 29 seconds

• Maximum timeout: 29 seconds
• This applies to all integrations (Lambda, HTTP, etc.)

Answer: 10 MB

• Maximum request/response payload: 10 MB

Answer: 10,000 requests per second (steady-state), 5,000 burst

• Steady-state: 10,000 RPS
• Burst: 5,000 requests
• These are regional limits and can be increased

Answer: 10 stages

• Maximum stages: 10 per API
• Common stages: dev, test, prod

Answer: 256 KB

• Maximum event size: 256 KB

Answer: 300 rules (default)

• Default: 300 rules per event bus
• Can be increased

Answer: 5 targets

• Maximum targets: 5 per rule

Answer: 28 days

• Maximum training job duration: 28 days

Answer: 5 GB (or unlimited if using S3)

• Compressed model: 5 GB (if uploaded directly)
• For larger models, use S3

Answer: 50 tags

• Maximum tags: 50 per resource
• Applies to most AWS resources (EC2, S3, RDS, etc.)

Answer: 128 characters

• Tag key: up to 128 characters
• Tag value: up to 256 characters

Answer: 1 Gbps, 10 Gbps, or 100 Gbps (dedicated connections)

• Dedicated connections: 1 Gbps, 10 Gbps, 100 Gbps
• Hosted connections: 50 Mbps, 100 Mbps, 200 Mbps, 300 Mbps, 400 Mbps, 500 Mbps, 1 Gbps, 2 Gbps, 5 Gbps, 10 Gbps

Answer: 50 virtual interfaces (default)

• Default: 50 VIFs per connection
• Can be increased

Answer: 10 accounts (default), can be increased to thousands

• Default: 10 accounts
• Can request increase via support (typically approved for hundreds/thousands)

Answer: 5 levels deep

• Maximum OU hierarchy depth: 5 levels
• Root does not count as a level

Answer: 5 SCPs

• Maximum SCPs per OU/account: 5

Answer: 1,000 indices (default soft limit)

• Default: 1,000 indices
• Can be increased

Answer: 3 PB (petabytes)

• Maximum domain storage: 3 PB

Answer: 50 job queues

• Maximum job queues: 50 per region

Answer: 50 compute environments

• Maximum compute environments: 50 per region

Answer: 10 GB per layer, no limit on total image size

• Maximum layer size: 10 GB
• No limit on total image size (but practical limits apply)

Answer: 10,000 repositories (default soft limit)

• Default: 10,000 repositories per region

Answer: Varies by API and region (5,500 - 30,000 requests per second)

• Shared quota (most APIs): 5,500 RPS (varies by region)
• Some operations (like GenerateDataKey): up to 30,000 RPS
• These are soft limits

Answer: 4 KB

• Direct encryption: up to 4 KB
• For larger data, use envelope encryption (GenerateDataKey)

Answer: 50,000 grants (default soft limit)

• Default: 50,000 grants per key

Answer: 1 MB (default), can be increased to 10 MB

• Default: 1 MB
• Configurable up to 10 MB

Answer: No hard limit (limited by instance capacity)

• No specific limit (depends on instance types and data volume)
• Typically start with 3 brokers (one per AZ for HA)

Answer: 24 hours (default), can be increased to 7 years

• Default: 24 hours
• Can be configured up to 87,600 hours (10 years)

Answer: 5 concurrent connections

• Maximum readers: 5 concurrent connections per stream

Answer: 2 static Anycast IPs

• Global Accelerator provides 2 static Anycast IPs
• These IPs are fixed entry points to your application

Answer: 10 endpoints

• Maximum endpoints: 10 per endpoint group

Answer: 4 KB

• Standard tier: 4 KB
• Advanced tier: 8 KB

Answer: 10,000 parameters

• Standard tier: 10,000 parameters (free)
• Advanced tier: 100,000 parameters (charged)

Answer: 5 TB (same as S3)

• Maximum file size: 5 TB
• Same as underlying S3 object limit

Answer: 10,000 users (default soft limit)

• Default: 10,000 users per server

Answer: 50 million files

• Maximum files: 50 million per task

Answer: 10 Gbps per task

• Maximum throughput: 10 Gbps per task
• Can run multiple tasks in parallel for higher throughput