I can understand imposing a limit. That's not the question.

The question is: is there a reason for the value of 500 or is it just some arbitrary number plucked out of the air?

Snowcrash

1 Answer

The product of the number of VPCs in the region and the number of security groups per VPC cannot exceed 5000. That is the hard limit even after requesting a service increase from AWS.

The real reason is not stated in any documentation, but it shouldn't be an arbitrary number. It makes sense for AWS to have Security Group soft limits to internally provision resources efficiently with predictable boundaries. Similarly, hard limits also allow them to have predictable functionality for their platform.

In addition, these limits direct users to make design choices accordingly so that people are following best practices.

In this scenario, even having 500 security groups in a single VPC would be extremely difficult to manage.

Ashan
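As an added example (not from the question or answer above), the following Python check works through the figures the answer gives: for a given number of VPCs in a region it computes the largest per-VPC security-group quota that still satisfies the 5000 combined hard limit, and it audits describe-security-groups-style data for VPCs approaching that ceiling. The sample group records, the VPC count and the 0.9 warning ratio are constructed assumptions.

```python
from collections import Counter

# Figures as stated in the answer: default 500 security groups per VPC,
# and VPCs-per-region x security-groups-per-VPC may not exceed 5000.
SG_PER_VPC_DEFAULT = 500
SG_TIMES_VPC_HARD_LIMIT = 5000

# Constructed sample shaped like the "SecurityGroups" list returned by
# `aws ec2 describe-security-groups` (only the fields used here).
SAMPLE_SECURITY_GROUPS = (
    [{"GroupId": f"sg-a{i:04x}", "VpcId": "vpc-aaaa"} for i in range(480)]
    + [{"GroupId": f"sg-b{i:04x}", "VpcId": "vpc-bbbb"} for i in range(12)]
)
SAMPLE_VPC_COUNT = 2  # assumed number of VPCs in the region


def max_sg_per_vpc(vpc_count, per_vpc_quota=SG_PER_VPC_DEFAULT):
    """Largest per-VPC quota such that vpc_count * quota <= 5000,
    capped at the per-VPC quota actually granted."""
    if vpc_count <= 0:
        raise ValueError("vpc_count must be positive")
    return min(per_vpc_quota, SG_TIMES_VPC_HARD_LIMIT // vpc_count)


def audit_security_groups(groups, vpc_count,
                          per_vpc_quota=SG_PER_VPC_DEFAULT, warn_ratio=0.9):
    """Count security groups per VPC and classify each VPC as
    'ok', 'warn' (at or above warn_ratio of the effective ceiling)
    or 'over'. Returns {VpcId: (count, status)}."""
    effective = max_sg_per_vpc(vpc_count, per_vpc_quota)
    counts = Counter(g["VpcId"] for g in groups)
    report = {}
    for vpc, n in counts.items():
        if n > effective:
            status = "over"
        elif n >= warn_ratio * effective:
            status = "warn"
        else:
            status = "ok"
        report[vpc] = (n, status)
    return report


if __name__ == "__main__":
    for vpc, (n, status) in audit_security_groups(
            SAMPLE_SECURITY_GROUPS, SAMPLE_VPC_COUNT).items():
        print(f"{vpc}: {n} security groups -> {status}")
```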