This topic describes the limits on Elastic Compute Service (ECS) and how to apply for extensions on these limits.
Overview
ECS has the following limits:
Only ECS Bare Metal Instance families and Super Computing Cluster (SCC) instance families support secondary virtualization. Other ECS instance families do not support the installation of virtualization software and secondary virtualization.
ECS does not support sound card applications.
External hardware devices, such as hardware dongles, USB flash drives, external hard disks, and bank U keys, cannot be directly attached to ECS instances. Software verification methods, such as software dongles and two-factor authentication based on one-time passwords, can be used.
ECS does not support multicast protocols. We recommend that you use unicast protocols.
Simple Log Service does not support 32-bit Linux ECS instances.
For information about the ECS instances supported by Simple Log Service, see Install Logtail on a Linux server and Install Logtail on a Windows server.
Before you apply for Internet Content Provider (ICP) filings for websites that are deployed on your ECS instances, make sure that the instances meet ICP filing requirements. You can apply for only a limited number of ICP filing service identification numbers for each ECS instance. For more information, see Prepare and check the instance and access information.
Specific software or application licenses must be bound to the hardware of ECS instances. After data is migrated from one instance to another, hardware information may change and invalidate the licenses.
Instance limits
Item | Requirement or limit | Adjustable |
Permissions to create ECS instances | To create ECS instances within the Chinese mainland, you must first complete real-name verification. | N/A |
Instance quota by region, zone, instance type, billing method, and network type | You can view the instance quota in the ECS console. For more information, see View and increase instance quotas. | You can apply for a quota increase in the ECS console. For more information, see View and increase instance quotas. |
Maximum number of subscription instances that you can purchase at a time | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | N/A |
Maximum number of launch templates per region in an account | 30 | N/A |
Maximum number of versions of a single launch template | 30 | N/A |
Permissions to change the billing method from pay-as-you-go to subscription | You cannot change the billing method of instances of retired instance types from pay-as-you-go to subscription. For more information, see Retired instance types. | N/A |
Permissions to change the billing method from subscription to pay-as-you-go |
| N/A |
Reserved instance limits
Item | Requirement or limit | Adjustable |
Maximum number of regional reserved instances in an account | 20 | |
Maximum number of zonal reserved instances per zone in an account | 20 | |
Instance types that support reserved instances | The following instance families support reserved instances:
| N/A |
For more information about the reserved instance limits, see the Limits section in the "Overview" topic.
Savings plan limits
Item | Requirement or limit | Adjustable |
Maximum number of savings plans in an account | 40 | N/A |
Instance types that support savings plans | Retired instance types do not support savings plans. Instance types in the t1, s1, s2, s3, m1, m2, c1, and c2 instance families are retired. | N/A |
Block storage limits
Item | Requirement or limit | Adjustable |
Permissions to create pay-as-you-go disks | To create disks within the Chinese mainland, you must first complete real-name verification. | N/A |
Maximum number of pay-as-you-go disks | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | N/A |
Maximum number of system disks on a single instance | 1 | N/A |
Maximum number of data disks on a single instance | You can attach up to 64 data disks to a single ECS instance. The maximum number of disks that can be attached to an instance varies based on the instance type. For more information, see Overview of instance families. Note You can attach up to 16 data disks to an instance when you create the instance. If the instance requires additional data disks, attach more data disks after the instance is created. For more information, see Attach a data disk. | N/A |
Capacity of all pay-as-you-go ultra disks in an account | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | N/A |
Capacity of all pay-as-you-go standard SSDs in an account | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | N/A |
Capacity of all pay-as-you-go enhanced SSDs (ESSDs) in an account | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | N/A |
Capacity of a single basic disk | 5 GiB to 2,000 GiB | N/A |
Capacity of a single standard SSD | 20 GiB to 32,768 GiB | N/A |
Capacity of a single ultra disk | 20 GiB to 32,768 GiB | N/A |
Capacity of a single ESSD |
| N/A |
Capacity of a single ESSD AutoPL disk | 40 GiB to 65,536 GiB | N/A |
Capacity of a single local SSD | 5 GiB to 800 GiB | N/A |
Capacity of all local SSDs on a single instance | 1,024 GiB | N/A |
Capacity of a single system disk |
Note Basic disks are the previous generation of disks that are unavailable for purchase. If you use basic disks as system disks, the capacity upper limit for each basic disk is 500 GiB. | N/A |
Permissions to attach new local disks to instances that are equipped with local disks | You cannot attach new local disks to instances that are already equipped with local disks. | N/A |
Permissions to change the configurations of instances that are equipped with local disks | You can change only the bandwidth configurations of instances that are equipped with local disks. | N/A |
Mount points of system disks | /dev/vda | N/A |
Mount points of data disks | The mount points are named based on the number of data disks:
| N/A |
Block storage capacity is measured in binary units. The multiple of two neighboring binary units is 1,024. For example, 1 GiB is equal to 1,024 MiB.
SCU limits
Item | Requirement or limit | Adjustable |
Maximum capacity that you can purchase for a storage capacity unit (SCU) | 50 TiB | |
Maximum number of SCUs that you can purchase in a region | 100 | N/A |
Resource types that support SCUs |
| N/A |
Snapshot limits
Item | Requirement or limit | Adjustable |
Maximum number of manual snapshots that can be retained for a single disk | 256 | N/A |
Maximum number of automatic snapshots that can be retained for a single disk | 1,000 | N/A |
Maximum number of automatic snapshot policies that can be retained per region in an account | 100 | N/A |
Image limits
Item | Requirement or limit | Adjustable |
Maximum number of images in an account | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | You can apply for a quota increase in the ECS console. For more information, see View and increase resource quotas. |
Maximum number of users with whom a single image can be shared | In the ECS console, you can find Quota of users that can be shared per custom image on the Resource Quota tab to check the maximum number of users that each custom image can be shared with. For more information, see View and increase resource quotas. | You can apply for a quota increase in the ECS console. For more information, see View and increase resource quotas. |
Support of instance types for images | Instance types that have 4 GiB or more of memory do not support 32-bit images. | N/A |
SSH key pair limits
Item | Requirement or limit | Adjustable |
Maximum number of SSH key pairs per region in an account | 500 | N/A |
Instance types that support SSH key pairs | Non-I/O optimized instances of Generation I instance families do not support SSH key pairs. | N/A |
Images that support SSH key pairs | Linux images only. | N/A |
Public bandwidth limits
From November 27, 2020, the maximum bandwidth available to create ECS instances or change the configurations of ECS instances is subject to the throttling policy for your account. To increase the maximum bandwidth value, submit a ticket. The following throttling policies apply:
In a single region, the sum of actual maximum bandwidths of all ECS instances that use the pay-by-traffic billing method for network usage cannot exceed 5 Gbit/s.
In a single region, the sum of actual maximum bandwidths of all ECS instances that use the pay-by-bandwidth billing method for network usage cannot exceed 50 Gbit/s.
Item | Requirement or limit | Adjustable |
Maximum inbound bandwidth per instance |
| N/A |
Maximum outbound bandwidth per instance |
| N/A |
Changes of the assigned public IP address of an instance | The public IP address of an instance can be changed within 6 hours after the instance is created and can be changed up to three times. | N/A |
When the pay-by-traffic billing method for network usage is used, the maximum inbound and outbound bandwidth values are used as upper limits of bandwidths instead of guaranteed performance specifications. In scenarios where demand outstrips resource supplies, these maximum bandwidth values may not be reached. If you want guaranteed bandwidths for your instance, use the pay-by-bandwidth billing method for network usage.
Security group limits
Item | Requirement or limit on basic security groups | Requirement or limit on advanced security groups |
Maximum number of security groups in an account | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | The limit is the same as the limit on basic security groups. |
Maximum number of ECS instances of the classic network type that can be contained in a security group of the classic network type | 1,000 Note If more than 1,000 instances of the classic network type require mutual access over the internal network, you can assign the instances to multiple security groups and allow mutual access among the security groups. | Advanced security groups do not support the classic network. |
Maximum number of ECS instances of the Virtual Private Cloud (VPC) type that can be contained in a security group of the VPC type | This limit varies based on the number of private IP addresses that can be contained in the security group. | No limit. |
Maximum number of security groups to which an ECS instance can belong | 5 You can submit a ticket to raise the limit to 4 or 10 security groups. In this case, the quota for the number of rules per security group is adjusted accordingly. | The limit is the same as the limit on basic security groups. |
Maximum number of security groups to which an elastic network interface (ENI) of an ECS instance can belong | ||
Maximum number of inbound and outbound rules in a security group | 200 Note
| The limit is the same as the limit on basic security groups. |
Maximum number of inbound and outbound rules in all security groups to which an ENI belongs | 1,000 | The limit is the same as the limit on basic security groups. |
Maximum number of rules that reference security groups as authorization objects (sources or destinations) in a security group | 20 | 0. You cannot add rules that reference security groups as authorization objects (sources or destinations) to an advanced security group, or reference advanced security groups as authorization objects (sources or destinations) in rules. |
Maximum number of private IP addresses that can be contained in a security group of the VPC type | 2,000. You can apply to raise the limit to 6,000. Note
| 65,536 |
Internet access port | For security purposes, port 25 is disabled on ECS instances by default. We recommend that you use the SSL port instead to send emails. In most cases, the SSL port is port 465. | The requirement is the same as the requirement on basic security groups. |
Prefix list limits
Item | Limit | Adjustable |
Maximum number of prefix lists per region in an account | 100 | N/A |
Maximum number of entries in a single prefix list | 200 | N/A |
Maximum number of resources that can be associated with a prefix list | 1,000 | N/A |
Network Connectivity Diagnostics limits
Item | Limit | Adjustable |
Maximum number of diagnostic paths in a single region | 100 | N/A |
Maximum number of diagnostic tasks in a single region | 1,000 | N/A |
Maximum number of diagnostic tasks that can be concurrently executed in a single region | 5 | N/A |
Deployment set limits
Item | Requirement or limit | Adjustable |
Maximum number of deployment sets in an account | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | You can apply for a quota increase in the ECS console. For more information, see View and increase resource quotas. |
Maximum number of instances that can be contained in a single deployment set | Up to 20 instances can be contained in a deployment set within a single zone. The maximum number of instances that can be contained in a deployment set within a region is calculated by using the following formula: 20 × Number of zones in the region. | N/A |
Instance types that support deployment sets |
| N/A |
Cloud Assistant limits
Item | Limit | Adjustable |
Maximum number of Cloud Assistant commands in an account | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | N/A |
Retention period of a Cloud Assistant command execution record | 28 days | N/A |
Maximum number of Cloud Assistant command execution records that can be retained | 100,000 | N/A |
Maximum number of the activation codes that can be used to register Cloud Assistant managed instances. | 5,000 | N/A |
ENI limits
Item | Limit | Adjustable |
Maximum number of secondary ENIs that can be created | You can view the resource quota in the ECS console. For more information, see View and increase resource quotas. | N/A |
Tag limits
Item | Limit | Adjustable |
Maximum number of tags that can be added to a single instance | 20 | N/A |
API limits
Item | Limit | Adjustable |
Maximum number of calls of the CreateInstance operation | 200 calls per minute | N/A |
For information about the limits on VPCs, see Limits and quotas.