AWS Network Firewall increases quota for stateful rules

Posted on: May 28, 2024

The AWS Network Firewall service quota limit for stateful rules is now adjustable. The default limit is still 30,000 stateful rules per firewall policy in a Region, but you can request an increase up to 50,000. This firewall rule limit increase helps customers strengthen their security posture on AWS and mitigate emerging threats more effectively.

A higher rule limit gives customers with large-scale deployments the flexibility to define their firewall policy with different combinations of AWS managed and customer-defined rules. Starting today, you can implement a broader range of rules to defend against various threats and scale as you grow on AWS.

The quota increase for stateful firewall rules per policy is supported in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions and China Regions. Each quota applies to a specific AWS Region and is not cumulative across Regions.

There is no additional cost to increase your quota for stateful rules. You can request a quota increase up to 50,000 stateful rules at the account level. To learn more about AWS Network Firewall quotas and request a stateful rule limit increase, please refer to the service documentation.