
New AWS accounts, quota limits and NACL rules

Answer

A customer asked:

> I hit quota limits for the number of rules which could be attached to a network ACL, this seems odd because the new account is totally empty.

This is actually because your account is new. We've been seeing AWS become increasingly stingy with new account limits. Another example I can tell you off the top of my head: Lambda functions in new accounts may be constrained down to 50 concurrent executions (from the advertised standard 1,000). In addition, when you reach out to AWS support via your new account, you may not receive a positive response in your favor. AWS support seems to have changed policies at some point within recent months to try to keep new accounts' resource usage as low as possible.

For what it's worth, we do use cloud-nuke when performing a CIS Ref Arch deployment in order to delete all the default VPCs that are not currently in use, i.e. in regions you're not using.

In any event, the issue of not having enough NACL rules in your quota is becoming pretty common for new accounts. My recommendation would be to programmatically request increased quota limits, either through the API or the console, or write in a new support request explaining that you're attempting to launch production services and are being constrained by the limits.
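One way to make the API request described above, as an added example (not code from the original answer or from the CIS Ref Arch): it reads the applied quotas through the Service Quotas API via boto3 and requests an increase only where the account is below the target. The target values in `DESIRED` are constructed, and the quota names are assumed to match what the Service Quotas console shows.

```python
# Desired values are constructed examples; set them to what your workload needs.
DESIRED = {
    "vpc": {"Rules per network ACL": 40},
    "lambda": {"Concurrent executions": 1000},
}

def list_quotas(sq, service):
    """Return {QuotaName: quota} for a service, following NextToken pagination."""
    quotas, kwargs = {}, {"ServiceCode": service}
    while True:
        page = sq.list_service_quotas(**kwargs)
        quotas.update({q["QuotaName"]: q for q in page["Quotas"]})
        if not page.get("NextToken"):
            return quotas
        kwargs["NextToken"] = page["NextToken"]

def plan_increases(sq, desired=DESIRED):
    """List quotas whose applied value is below the desired one."""
    plan = []
    for service, wanted in desired.items():
        applied = list_quotas(sq, service)
        for name, target in wanted.items():
            quota = applied.get(name)
            if quota is None:
                raise KeyError(f"{service}: no quota named {name!r}")
            if quota["Value"] >= target:
                continue  # already sufficient, nothing to request
            plan.append({"ServiceCode": service, "QuotaCode": quota["QuotaCode"],
                         "QuotaName": name, "Current": quota["Value"],
                         "DesiredValue": float(target),
                         "Adjustable": quota["Adjustable"]})
    return plan

def apply_plan(sq, plan, dry_run=True):
    """Submit increase requests; return the names of the quotas covered."""
    submitted = []
    for item in plan:
        if not item["Adjustable"]:
            continue  # not adjustable via the API; needs a support request
        if not dry_run:
            sq.request_service_quota_increase(
                ServiceCode=item["ServiceCode"], QuotaCode=item["QuotaCode"],
                DesiredValue=item["DesiredValue"])
        submitted.append(item["QuotaName"])
    return submitted

if __name__ == "__main__":
    import boto3  # imported here so the planning logic can be tested offline
    client = boto3.client("service-quotas")  # quotas are per region
    todo = plan_increases(client)
    for item in todo:
        print(item)
    apply_plan(client, todo, dry_run=True)  # set dry_run=False to submit
```

Quotas are applied per region, so run it against each region you deploy into; requests for quotas that are not adjustable still have to go through a support case.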