localstack icon indicating copy to clipboard operation
localstack copied to clipboard
verified publisher icon localstack

enhancement request: service-quotas endpoint to allow adjustment of limits / quotas

Open markeganfuller opened this issue 2 years ago • 6 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Enhancement description

Currently if you hit the default quota for something there is no way to increase the quota as there is no service-quotas endpoint.

Example of Issue

IPv4 CIDR blocks per VPC is by default 5 but can be raised to a maximum of 50 see AWS Documentation

Currently the following error is received when the limit is reached:

╷
│ Error: creating EC2 VPC (vpc-d2218dcd) IPv4 CIDR Block Association: CidrLimitExceeded: This network 'vpc-d2218dcd' has met its maximum number of allowed CIDRs: 5
│ 	status code: 400, request id: 437f97ba-417b-41e9-b407-4e84631dcd1b
│ 
│   with aws_vpc_ipv4_cidr_block_association.Subnet-Public-B,
│   on main.tf line 32, in resource "aws_vpc_ipv4_cidr_block_association" "Subnet-Public-B":
│   32: resource "aws_vpc_ipv4_cidr_block_association" "Subnet-Public-B" {
│ 
╵

(This error comes from moto, so this would require changes there as well, but since I don't understand how moto and localstack fit together exactly I figured an issue here would be a better starting point and the localstack developers could ask for the appropriate interface on the moto side)

Attempting to raise the limit results in:

$ awslocal service-quotas request-service-quota-increase --service-code ec2 --quota-code L-83CA0A9D --desired-value 10
ERROR: Unable to find LocalStack endpoint for service "service-quotas"

It's useful to have the standard limits in place for testing, but it's also necessary to have the ability to increase them up to the hard limits AWS allow. In our specific case we have ~7 CIDRs per VPC so we can't test any of our stacks currently.

Obviously this issue also extends beyond CIDRs in VPCs and could apply to a lot of other services with quotas.

Proposed Feature

Add a service-quotas endpoint to allow increasing service quotas up to the hard limits AWS allow.

🧑‍💻 Implementation

No response

Anything else?

No response

markeganfuller avatar Jun 14 '23 12:06 markeganfuller

Welcome to LocalStack! Thanks for reporting your first issue and our team will be working towards fixing the issue for you or reach out for more background information. We recommend joining our Slack Community for real-time help and drop a message to LocalStack Pro Support if you are a Pro user! If you are willing to contribute towards fixing this issue, please have a look at our contributing guidelines and our contributing guide.

localstack-bot avatar Jun 14 '23 12:06 localstack-bot

see also http://docs.getmoto.org/en/latest/docs/services/service-quotas.html

hans-d avatar Oct 12 '23 21:10 hans-d

Hello 👋! It looks like this issue hasn’t been active in longer than five months. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one.

localstack-bot avatar Mar 10 '24 22:03 localstack-bot

This is still an feature that would be nice to see, as anyone who hits a default limit can't adjust the limit.

TF example to trigger limit:

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "5.2.0"
    }
  }
}

resource "aws_vpc" "example" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_vpc_ipv4_cidr_block_association" "example_cidr_vpc" {
  cidr_block = "10.1.0.0/16"
  vpc_id = resource.aws_vpc.example.id
}

resource "aws_vpc_ipv4_cidr_block_association" "example_cidr_vpc2" {
  cidr_block = "10.2.0.0/16"
  vpc_id = resource.aws_vpc.example.id
}

resource "aws_vpc_ipv4_cidr_block_association" "example_cidr_vpc3" {
  cidr_block = "10.3.0.0/16"
  vpc_id = resource.aws_vpc.example.id
}

resource "aws_vpc_ipv4_cidr_block_association" "example_cidr_vpc4" {
  cidr_block = "10.4.0.0/16"
  vpc_id = resource.aws_vpc.example.id
}


resource "aws_vpc_ipv4_cidr_block_association" "example_cidr_vpc5" {
  cidr_block = "10.5.0.0/16"
  vpc_id = resource.aws_vpc.example.id
}

Current output:

$ tflocal apply
...
╷
│ Error: creating EC2 VPC (vpc-056436e5) IPv4 CIDR Block Association: CidrLimitExceeded: This network 'vpc-056436e5' has met its maximum number of allowed CIDRs: 5
│ 	status code: 400, request id: 5f6f191a-7ad2-400f-bb56-531b27525b4c
│ 
...

Attempt to change quotas:

$ awslocal service-quotas request-service-quota-increase --service-code ec2 --quota-code L-83CA0A9D --desired-value 10
ERROR: Unable to find LocalStack endpoint for service "service-quotas"

markeganfuller avatar Mar 11 '24 10:03 markeganfuller

Hello 👋! It looks like this issue hasn’t been active in longer than five months. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one.

localstack-bot avatar Sep 26 '24 12:09 localstack-bot

Still an issue.

markeganfuller avatar Oct 01 '24 09:10 markeganfuller