Quick Answer
# Check current VPC count
aws ec2 describe-vpcs --query 'length(Vpcs)'
# Check quota
aws service-quotas get-service-quota \
  --service-code vpc \
  --quota-code L-F678F1CE
The Error
Error: creating VPC: VpcLimitExceeded: The maximum number of VPCs has been reached.
status code: 400
What Causes This
AWS limits VPCs to 5 per region by default. Common quota consumers:
- Default VPC (1, created automatically)
- Dev/staging/prod VPCs
- Test VPCs that were never cleaned up
- Each Terraform workspace creating its own VPC
Solution 1: Find and Delete Unused VPCs
# List all VPCs with name and resource count
aws ec2 describe-vpcs \
  --query 'Vpcs[].{ID:VpcId,CIDR:CidrBlock,Name:Tags[?Key==`Name`].Value|[0],Default:IsDefault}' \
  --output table
-----------------------------------------------------------------
|                         DescribeVpcs                          |
+----------+-----------------+-----------+----------------------+
| CIDR     | Default         | ID        | Name                 |
+----------+-----------------+-----------+----------------------+
| 172.31.0 | True            | vpc-aaa   | None (default)       |
| 10.0.0.0 | False           | vpc-bbb   | prod                 |
| 10.1.0.0 | False           | vpc-ccc   | staging              |
| 10.2.0.0 | False           | vpc-ddd   | dev                  |
| 10.3.0.0 | False           | vpc-eee   | test-old             | ← Delete?
+----------+-----------------+-----------+----------------------+
Check if a VPC has resources before deleting:
VPC_ID="vpc-eee"
# Check for instances
aws ec2 describe-instances --filters "Name=vpc-id,Values=$VPC_ID" \
  --query 'length(Reservations[].Instances[])'
# Check for subnets
aws ec2 describe-subnets --filters "Name=vpc-id,Values=$VPC_ID" \
  --query 'length(Subnets)'
# Check for NAT Gateways
aws ec2 describe-nat-gateways --filter "Name=vpc-id,Values=$VPC_ID" \
  --query 'length(NatGateways[?State!=`deleted`])'
If empty, delete via Terraform or AWS CLI:
terraform destroy -target=module.test_vpc
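The checks above, folded into one guard that fails closed. This is an added example, not code from the original article: the function name `vpc_safe_to_delete` is hypothetical, and the network interface, VPC endpoint and peering checks go beyond the three resource kinds the article lists.

```shell
# Added example (not from the original article); vpc_safe_to_delete is a
# hypothetical helper name. Prints one "kind=count" line for every dependency
# kind still present in the VPC and returns 0 only when all counts are 0.
# A failed or empty AWS response is reported as a blocker (fail closed).
#
# Usage: vpc_safe_to_delete vpc-eee && echo "no dependencies found"
vpc_safe_to_delete() {
  vsd_vpc="$1"
  vsd_rc=0
  # Each table row: label, ec2 subcommand, filter option, filter name, JMESPath count
  while read -r vsd_kind vsd_cmd vsd_opt vsd_key vsd_query; do
    # JSON output so the count is computed over all pages, not per page
    vsd_n=$(aws ec2 "$vsd_cmd" "$vsd_opt" "Name=$vsd_key,Values=$vsd_vpc" \
              --query "$vsd_query" --output json </dev/null 2>/dev/null) \
      || vsd_n="error"
    case "$vsd_n" in
      0) ;;                                    # nothing of this kind left
      *) echo "$vsd_kind=$vsd_n"; vsd_rc=1 ;;  # resources remain, or the call failed
    esac
  done <<'EOF'
instances describe-instances --filters vpc-id length(Reservations[].Instances[])
subnets describe-subnets --filters vpc-id length(Subnets)
nat-gateways describe-nat-gateways --filter vpc-id length(NatGateways[?State!=`deleted`])
network-interfaces describe-network-interfaces --filters vpc-id length(NetworkInterfaces)
vpc-endpoints describe-vpc-endpoints --filters vpc-id length(VpcEndpoints)
peering-requester describe-vpc-peering-connections --filters requester-vpc-info.vpc-id length(VpcPeeringConnections[?Status.Code==`active`])
peering-accepter describe-vpc-peering-connections --filters accepter-vpc-info.vpc-id length(VpcPeeringConnections[?Status.Code==`active`])
EOF
  return "$vsd_rc"
}
```

The network interface count is the most telling line: load balancers, RDS instances, Lambda functions attached to the VPC and interface endpoints all show up there even when no EC2 instance exists.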
Solution 2: Request Quota Increase
# Check current limit
aws service-quotas get-service-quota \
  --service-code vpc \
  --quota-code L-F678F1CE \
  --query 'Quota.Value'
# Request increase to 10
aws service-quotas request-service-quota-increase \
  --service-code vpc \
  --quota-code L-F678F1CE \
  --desired-value 10
Or via Console: Service Quotas → VPC → VPCs per Region → Request increase
Increases to 10-20 are usually approved within hours.
Solution 3: Consolidate Into Fewer VPCs
Instead of one VPC per workload, use subnets:
# One VPC, multiple subnet groups
resource "aws_vpc" "shared" {
  cidr_block = "10.0.0.0/16"
}
# App A subnets
resource "aws_subnet" "app_a" {
  count      = 2
  vpc_id     = aws_vpc.shared.id
  cidr_block = cidrsubnet("10.0.0.0/16", 8, count.index) # 10.0.0.0/24, 10.0.1.0/24
}
# App B subnets
resource "aws_subnet" "app_b" {
  count      = 2
  vpc_id     = aws_vpc.shared.id
  cidr_block = cidrsubnet("10.0.0.0/16", 8, count.index + 10) # 10.0.10.0/24, 10.0.11.0/24
}
Subnets in the same VPC can route to each other by default, so use security groups for isolation between workloads in the same VPC.
Solution 4: Check All Regions
VPC limits are per-region. Your other regions may have leftover VPCs:
for region in us-east-1 us-west-2 eu-west-1 eu-central-1 ap-southeast-1; do
  count=$(aws ec2 describe-vpcs --region "$region" --query 'length(Vpcs)')
  echo "$region: $count VPCs"
done
Solution 5: Clean Up Default VPCs
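If you don’t use EC2-Classic and don’t need the default VPC:
# The default VPC uses 1 of your 5 slots
# You can delete it and recreate it later
# delete-vpc returns DependencyViolation until the VPC's subnets and internet gateway are removed
aws ec2 delete-vpc --vpc-id vpc-default123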
To recreate later: aws ec2 create-default-vpc
Conclusion
AWS limits VPCs to 5 per region. Delete unused test VPCs, request a quota increase (usually approved quickly), or consolidate workloads into fewer VPCs with separate subnet groups. Check all regions for forgotten VPCs.
