Posted On: Aug 27, 2021

Amazon Virtual Private Cloud (VPC) now allows you to resize your VPC prefix list, making it easier to manage your security posture and routing behavior as your network grows. Prefix lists allow you to group multiple CIDR blocks into a single object and use it as a reference to simplify network configuration. You can share your prefix list with other AWS accounts using Resource Access Manager (RAM) and use it to configure VPC route tables, security groups, and AWS Transit Gateway (TGW) route tables.

Prior to this feature, the size of a prefix list (the number of CIDRs it could contain) was fixed and was specified by you at the time of its creation. As your network grew and the number of CIDRs needed increased beyond your prefix list's size, you had to create a new prefix list to replace the previous one. Now, you can simply resize your prefix list and add new CIDRs, eliminating the need to create a new prefix list.

Customers often have a common set of CIDR blocks for security group and route table configurations. Prefix lists make it easier for you to roll out changes and maintain consistency in security groups and route tables across multiple VPCs, TGWs, and accounts. For example, you can create a prefix list to represent all your branch office CIDR blocks and use it to configure your security groups and route tables. When you add a new branch office, you simply add its CIDR block to the prefix list, and this will automatically establish connectivity from all the corresponding VPCs and accounts.

Support for prefix lists and resizing is available in all AWS Regions, except Asia Pacific (Osaka), GovCloud (US-East), GovCloud (US-West), China (Beijing), and China (Ningxia).

To get started, use the AWS CLI or SDK to create and resize a prefix list. There is no additional charge to use this feature. For more information about this feature, visit the prefix list public documentation.
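
The resize-then-add flow described above, as an added AWS CLI example that is not part of the original announcement. The function names, `MIN_PREFIX_LEN` and `HEADROOM` are hypothetical local choices; because a new entry reaches every security group and route table that references the list, the function refuses malformed or overly broad IPv4 CIDRs before calling AWS.

```shell
# Added example (not AWS's code): add one IPv4 CIDR to a managed prefix list,
# resizing first if the list is full. MIN_PREFIX_LEN and HEADROOM are
# hypothetical local policy values, not AWS settings.
MIN_PREFIX_LEN=${MIN_PREFIX_LEN:-16}
HEADROOM=${HEADROOM:-5}

# Query prefix list $1 with the JMESPath fragment $2.
pl_query() {
  aws ec2 describe-managed-prefix-lists --prefix-list-ids "$1" \
    --query "PrefixLists[0].$2" --output text
}

# Block until a resize finishes; fail if AWS reports a failed state.
pl_wait() {
  while :; do
    pl_state=$(pl_query "$1" State)
    case $pl_state in
      modify-complete) return 0 ;;
      *failed) echo "resize of $1 failed: $pl_state" >&2; return 1 ;;
    esac
    sleep 2
  done
}

# Usage: add_cidr PREFIX_LIST_ID CIDR DESCRIPTION
add_cidr() {
  pl_id=$1 cidr=$2 desc=$3
  plen=${cidr##*/}
  # Every resource referencing the list inherits this CIDR, so reject
  # a missing mask or a prefix broader than local policy allows.
  case $plen in ''|*[!0-9]*) echo "bad CIDR: $cidr" >&2; return 2 ;; esac
  [ "$plen" -ge "$MIN_PREFIX_LEN" ] || { echo "too broad: $cidr" >&2; return 2; }

  set -- $(pl_query "$pl_id" '[MaxEntries,Version]')   # "<max> <version>"
  max=$1
  count=$(aws ec2 get-managed-prefix-list-entries --prefix-list-id "$pl_id" \
    --query 'length(Entries)' --output text)
  if [ "$count" -ge "$max" ]; then
    # Resizing and entry changes cannot be combined in one call.
    aws ec2 modify-managed-prefix-list --prefix-list-id "$pl_id" \
      --max-entries $((max + HEADROOM)) >/dev/null || return 1
    pl_wait "$pl_id" || return 1
  fi
  version=$(pl_query "$pl_id" Version)   # re-read after any resize
  aws ec2 modify-managed-prefix-list --prefix-list-id "$pl_id" \
    --current-version "$version" \
    --add-entries "Cidr=$cidr,Description=$desc" >/dev/null
}
```

Passing `--current-version` makes the add fail if someone else changed the list in the meantime, which keeps concurrent edits to a shared list from silently overwriting each other.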