This topic lists the limits of Resource Access Management (RAM).
Category | Item | Upper limit |
---|---|---|
RAM user | The number of RAM users that can be created for an Alibaba Cloud account | 1,000 |
The number of characters that the name of a RAM user can contain | 64 | |
The number of groups that a RAM user can join | 5 | |
The number of AccessKey pairs that a RAM user can create | 2 | |
The number of multi-factor authentication (MFA) devices that can be enabled for a RAM user | 1 | |
The number of system policies that can be attached to a RAM user | 20 | |
The number of custom policies that can be attached to a RAM user | 10 | |
RAM user group | The number of RAM user groups that can be created for an Alibaba Cloud account | 50 |
The number of characters that the name of a RAM user group can contain | 64 | |
The number of system policies that can be attached to a RAM user group | 20 | |
The number of custom policies that can be attached to a RAM user group | 5 | |
RAM role | The number of RAM roles that can be created for an Alibaba Cloud account | 1,000 |
The number of characters that the name of a RAM role can contain | 64 | |
The number of system policies that can be attached to a RAM role | 20 | |
The number of custom policies that can be attached to a RAM role | 5 | |
Alibaba Cloud account alias | The number of characters that an account alias can contain | 64
Note An account alias must be 3 to 64 characters in length.
|
Policy | The number of characters that the name of a policy can contain | 128 |
MFA | The number of MFA devices that can be created for an Alibaba Cloud account | 1,000 |
Custom policy | The number of custom policies that can be created for an Alibaba Cloud account | 1,500 |
The number of characters that a custom policy can contain | 2,048 | |
The number of versions that a custom policy can have | 5 | |
Identity provider (IdP) | The number of IdPs that can be created for an Alibaba Cloud account | 100 |
The number of IdP descriptors that an IdP metadata file can contain | 1 | |
The number of certificates that an IdP descriptor in an IdP metadata file can contain | 2 |