This repository has been archived by the owner on Aug 30, 2024. It is now read-only.

Network ACL tests - limits #221

Open
nephomaniac opened this issue Jan 6, 2017 · 0 comments

@nephomaniac
Collaborator

Add tests for these points...

Network ACLs
Euca defined limits per properties...
```
In [8]: tc.sysadmin.show_properties('networkacl', description=False)
[2017-01-06 14:47:09,056][INFO][SystemConnection]:
+----------------------------+--------------+-------+--+
|PROPERTY NAME               |PROPERTY VALUE|DEFAULT|RO|
+----------------------------+--------------+-------+--+
|cloud.vpc.networkaclspervpc |200           |200    |F |
+----------------------------+--------------+-------+--+
|cloud.vpc.rulespernetworkacl|20            |20     |F |
+----------------------------+--------------+-------+--+
```

AWS limits...
| Resource | Default limit | Comments |
|---|---|---|
| Network ACLs per VPC | 200 | You can associate one network ACL to one or more subnets in a VPC. This limit is not the same as the number of rules per network ACL. |
| Rules per network ACL | 20 | This is the one-way limit for a single network ACL, where the limit for ingress rules is 20, and the limit for egress rules is 20. This limit includes both IPv4 and IPv6 rules, and includes the default deny rules (rule number 32767 for IPv4 and 32768 for IPv6, or an asterisk * in the Amazon VPC console). This limit can be increased upon request up to a maximum of 40; however, network performance may be impacted due to the increased workload to process the additional rules. |
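An added example, not part of the original issue or the project's test code: a helper that counts rules per direction the way the AWS limit above is described (one-way, IPv4 and IPv6 together, default deny rules included) and plans which rule numbers a limit test would add. The entry dicts follow the `Entries` shape of `DescribeNetworkAcls`; the function names and sample ACL are constructed, and whether Eucalyptus counts the default deny rules the same way is an assumption the real test would confirm.

```python
from collections import Counter

RULES_PER_NETWORK_ACL = 20  # default of cloud.vpc.rulespernetworkacl shown above

# Constructed sample ACL: one IPv4 and one IPv6 allow rule on ingress, one IPv4
# allow rule on egress, plus the default deny rules (32767 IPv4, 32768 IPv6).
SAMPLE_ENTRIES = [
    {"RuleNumber": 100, "Egress": False, "RuleAction": "allow", "CidrBlock": "10.0.0.0/16"},
    {"RuleNumber": 101, "Egress": False, "RuleAction": "allow", "Ipv6CidrBlock": "2001:db8::/32"},
    {"RuleNumber": 32767, "Egress": False, "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32768, "Egress": False, "RuleAction": "deny", "Ipv6CidrBlock": "::/0"},
    {"RuleNumber": 100, "Egress": True, "RuleAction": "allow", "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Egress": True, "RuleAction": "deny", "CidrBlock": "0.0.0.0/0"},
]


def rule_usage(entries, limit=RULES_PER_NETWORK_ACL):
    """Count rules per direction; ingress and egress each get their own limit."""
    counts = Counter("egress" if e["Egress"] else "ingress" for e in entries)
    usage = {}
    for direction in ("ingress", "egress"):
        used = counts[direction]
        usage[direction] = {
            "used": used,
            "remaining": max(limit - used, 0),
            "over_limit": used > limit,
        }
    return usage


def plan_limit_test(entries, egress, limit=RULES_PER_NETWORK_ACL):
    """Return (fill, overflow): rule numbers that bring one direction exactly
    to the limit, and one further rule number whose creation should fail."""
    same_dir = [e for e in entries if e["Egress"] == egress]
    taken = {e["RuleNumber"] for e in same_dir}
    # User rules are numbered below the default deny entries.
    free = (n for n in range(100, 32767) if n not in taken)
    room = max(limit - len(same_dir), 0)
    fill = [next(free) for _ in range(room)]
    return fill, next(free)


if __name__ == "__main__":
    print(rule_usage(SAMPLE_ENTRIES))
    print(plan_limit_test(SAMPLE_ENTRIES, egress=False))
```
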
