When you create each subnet, you provide the VPC ID and IPv4 CIDR block
for the subnet. After you create a subnet, you can't change its CIDR
block. The size of the subnet's IPv4 CIDR block can be the same as a
VPC's IPv4 CIDR block, or a subset of a VPC's IPv4 CIDR block. If you
create more than one subnet in a VPC, the subnets' CIDR blocks must not
overlap. The smallest IPv4 subnet (and VPC) you can create uses a /28
netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536
IPv4 addresses).
If you've associated an IPv6 CIDR block with your VPC, you can create a
subnet with an IPv6 CIDR block that uses a /64 prefix length.
AWS reserves both the first four and the last IPv4 address in each
subnet's CIDR block. They're not available for use.
If you add more than one subnet to a VPC, they're set up in a star
topology with a logical router in the middle.
If you launch an instance in a VPC using an Amazon EBS-backed AMI, the
IP address doesn't change if you stop and restart the instance (unlike
a similar instance launched outside a VPC, which gets a new IP address
when restarted). It's therefore possible to have a subnet with no
running instances (they're all stopped), but no remaining IP addresses
available.
For more information about subnets, see Your VPC and Subnets
in the Amazon Virtual Private Cloud User Guide.