En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

"Exceeded" VPC security groups limit when launching instances with one sg

0

Dear Forum,

I am trying to launch EC2 instances on a managed account (i.e. I am not the admin), and I received this message when attempting to launch six (6) instances in the same request.

"You have exceeded the number of VPC security groups allowed per instance."

There are two things odd about that message:
1/ The request "fails", but I actually get five 5 instances in the EC2 console. If I amend the request to launch five (5) instances instead of 6 while holding everything else the same, the request succeeds and I get 5 instances.
2/ The request contains only one (1) security group per instance. And the instances in both attempts (ask for 6 get error and 5 instances; ask for 5, no errors and get 5 instances) all have the correct (just one) security group attached.

As far as I can see in the EC2 Limits pane: the limit of "Security Group per instance" (the terminology doesn't say "VPC", I don't know if that matters) is eight (8).

So it feels to me that I am hitting an account limit somewhere, but the error message doesn't feel right. I have only one group per instance, less than the limit of eight. I feel that I got the message from a catch call "throw", but it's not the real cause. But in order to discuss the limit with the admin, I have to figure out what's the real limit I have hit.

Has anyone seen this error before and any advice? TIA

Sujets
Calcul
Balises
Amazon EC2
Langue
English
threedot14
demandé il y a 3 ans2591 vues
3 réponses
0

Hi there,

It sounds like you’ve simply hit your VPC quota limit. In most cases you can simply request a limit increase. First, I’d recommend taking a look at this page in our VPC docs which goes over limits:

https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-security-groups

Here’s how to check your limits in the EC2 console:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html

AWS-Nate

AWS
AWS-User-2032475
répondu il y a 3 ans
0

Any advice on which limit I have hit?
I have read the limits documentation and the limits page in the AWS Console for this account. My problem is that it's not immediately obvious which of the 30+ limits I have hit.

I am fairly certain it's not the stated "Security Group per instance" but I don't have any evidence for the others... My gut feel is that I hit the "vCPU for running instance" but the math didn't work out...

threedot14
répondu il y a 3 ans
0

Want to close the loop on this: the problem has been identified in our application that uses SDK.
We failed to clear the Security Group list in between loops, so while I thought I was launching 6 instance with 1 group each; I am in reality launching 1 instance with 1 group, 1 instance with 2 groups... And the 6th instance with 6 groups fails.

The only complaint is that the error message was a little misleading:
This is the error:
"errorCode": "Client.SecurityGroupLimitExceeded",
"errorMessage": "You have exceeded the number of VPC security groups allowed per instance.",

But in reality, we didn't hit the "Security groups per instance" limit (which is 8); we hit the "VPC security groups per elastic network interface" limit (which is 5).

Thanks

threedot14
répondu il y a 3 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents