How do I modify the IPv4 CIDR block of my Amazon VPC?

I want to change the IPv4 CIDR block of my Amazon Virtual Private Cloud (Amazon VPC).

Short description

It's not possible to change or modify the IP address range of an existing virtual private cloud (VPC) or subnet. However, you can do one of the following:

  • Add an additional IPv4 CIDR block as a secondary CIDR to your VPC.
  • Create a new VPC with your preferred CIDR block and then migrate the resources from your old VPC to the new VPC (if applicable).

Resolution

Add a secondary IPv4 CIDR block to your VPC

To extend the IPv4 address range of your VPC, see Add an IPv4 CIDR block to your VPC. Make sure that you follow the CIDR block association restrictions.

If your depleted CIDR block is a secondary CIDR block, then associate another CIDR block with a new IP address range.

Note: By default, a local route is added to all routing tables in the VPC for every CIDR block associated with the VPC. This allows you to route traffic between the primary and secondary CIDR resources without additional routing. To restrict unintended traffic, use security groups and network access control lists (network ACLs).
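The following added example (not AWS code) runs a pre-change review for the note above: it checks a candidate secondary CIDR against two of the association restrictions (block size of /16 to /28, no overlap with associated blocks), then lists existing allow rules whose source range already covers the new block and so admit its traffic as soon as the local route exists. The rule format, rule IDs, and CIDR values are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

def check_secondary_cidr(existing_cidrs, candidate):
    """Return a list of problems with associating `candidate` as a secondary CIDR.

    Covers only two restrictions: block size (/16 to /28) and no overlap
    with CIDR blocks already associated with the VPC.
    """
    net = ipaddress.ip_network(candidate, strict=True)
    problems = []
    if not 16 <= net.prefixlen <= 28:
        problems.append(f"{net} is outside the /16 to /28 size range")
    for cidr in existing_cidrs:
        if net.overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"{net} overlaps associated block {cidr}")
    return problems

def rules_admitting_new_range(rules, candidate):
    """Return ids of allow rules whose source covers part of `candidate`.

    These are rules to review, not a verdict: network ACL rule ordering
    is not evaluated here.
    """
    net = ipaddress.ip_network(candidate)
    return [r["id"] for r in rules
            if r["action"] == "allow"
            and ipaddress.ip_network(r["source"]).overlaps(net)]

# Constructed sample data (assumed export of security group and network ACL rules)
VPC_CIDRS = ["10.0.0.0/16"]
RULES = [
    {"id": "sg-app:tcp/443", "action": "allow", "source": "10.0.0.0/16"},
    {"id": "sg-db:tcp/5432", "action": "allow", "source": "10.0.0.0/8"},
    {"id": "nacl-private:100", "action": "allow", "source": "0.0.0.0/0"},
    {"id": "nacl-private:90", "action": "deny", "source": "10.1.0.0/16"},
]

if __name__ == "__main__":
    for cand in ("10.0.128.0/20", "10.1.0.0/16"):
        print(cand, check_secondary_cidr(VPC_CIDRS, cand) or "ok")
    print("review:", rules_admitting_new_range(RULES, "10.1.0.0/16"))
```

Rules written against a supernet such as 10.0.0.0/8 are the ones to tighten before you associate the new block.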

Create a new VPC with a different IPv4 CIDR block and migrate your resources (if applicable)

If extending your VPC's IP address range with an additional IPv4 CIDR block isn't an option, you can create a new VPC with your preferred IPv4 CIDR block. Then, manually migrate all of your existing resources to the new VPC (if applicable).

Note: After you finish migrating all of the resources to your new VPC, you can delete all underlying resources in your old VPC. You can do all of the following:

  • Terminate all instances running in the VPC.
  • Delete all security groups associated with the VPC (except the default one).
  • Delete all route tables associated with the VPC (except the default one).
  • Delete any other resources as needed.

After you delete the underlying resources, you can delete your old VPC.

Related information

How do I move my EC2 instance to another subnet, Availability Zone, or VPC?

How do I change the VPC for an Amazon RDS DB instance?

I tried to delete my Amazon VPC, but I received a dependency error. How can I delete my Amazon VPC?

AWS OFFICIAL
Updated 2 years ago
2 Comments

Blocked using option 1

I was following the first option, "Add an additional IPv4 CIDR block as a secondary CIDR". In the current VPC we have AZ1 and AZ2, so I added a secondary CIDR block to have an AZ3, but here I'm running into an issue in the exportVpc function: it's not able to update the subnet IDs for AZ3, as it says that the export VpcSubnetIds cannot be updated because it is already in use by the load balancer.

As we are making changes in production, we cannot delete the existing load balancer. So is there a way we can export AZ3 and update the load balancer to have all 3 AZs?

replied 23 days ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

AWS
MODERATOR
replied 22 days ago