Limitations of Resource Management - Resource Management

This topic provides the limitations of Resource Management, including those on resource groups, resource directories, resource sharing, and tags.

Limitations on resource directories

Item	Upper limit	Adjustable	Remarks
Number of resource directories that you can create by using an Alibaba Cloud account	1	N/A	The members of a resource directory cannot be used to create resource directories.
Number of Root folders in a resource directory	1	N/A	N/A
Number of folders in a resource directory	100	Apply for a quota	The Root folder is not included.
Number of folder levels	5	N/A	The Root folder is not included.
Number of members in a resource directory	20	Apply for a quota	N/A
Number of valid invitations per day	20	Apply for a quota	Accepted invitations are not included.
Validity period of an invitation	14 days	N/A	N/A
Number of verification codes that can be sent per day when you bind a mobile phone number to a member for security purposes	100	N/A	N/A
Number of custom access control policies that can be created in a resource directory	1,500	N/A	N/A
Number of custom access control policies that can be attached to each folder or member	10	Apply for a quota	N/A
Number of characters that each custom access control policy can contain	4,096	N/A	N/A
Number of members that can be deleted every 30 calendar days	A period of 30 calendar days starts from the time when the first member deletion task is initiated. The following descriptions provide the upper limits for the number of members that can be deleted in each period: If the `Number of members < 100` condition is met, up to 10 members can be deleted. If the `100 ≤ Number of members ≤ 10,000` condition is met, up to 10% of members can be deleted. If the `Number of members > 10,000` condition is met, up to 1,000 members can be deleted.	Apply for a quota	N/A
Number of contacts in a resource directory	10	Apply for a quota	N/A

Limitations on resource sharing

Item	Upper limit	Adjustable
Number of resource shares that can be created by using each account	1,000	Apply for a quota
Number of resources that can be shared with other accounts by using each account	1,000	Apply for a quota

Limitations on resource groups

Item	Upper limit	Adjustable
Number of resource groups	30	Apply for a quota
Number of characters for a resource group identifier	50	N/A
Number of characters for a resource group name	50	N/A
Number of custom transfer rules	10	N/A
Number of transfer conditions in each custom transfer rule	10	N/A

Limitations on tags

Item	Limit	Adjustable	Remarks
Maximum number of tags that can be added to a single resource	20	Apply for a quota	The quota varies based on the resource type. This indicates that the maximum number of tags that can be added to a single resource depends on the type of the resource. You need to go to the Quota Center console to check whether you can adjust the quota for a type of resource. After you apply for a quota increase for a type of resource and the application is approved, the new quota takes effect within one hour. If you want to increase the quota for ECS instances, we recommend that you apply for a quota increase for ECS disks and ECS elastic network interfaces (ENIs) when you apply for a quota increase for ECS instances. The disks and ENIs are created together with ECS instances.
Maximum number of predefined tags that can be created within a single Alibaba Cloud account	1,000	N/A	N/A
Maximum number of tag values that can be specified for a single predefined tag key	1,000	N/A	N/A
Tag key	A tag key can be up to 128 characters in length and can contain letters, numbers, space characters, and the following special characters: `_ . # / = + - @`. Tag keys cannot start with `aliyun` or `acs:` and cannot contain `http://` or `https://`. Note Character constraints for tag keys can differ between cloud services. Please consult the documentation for the specific service you are using.	N/A	N/A
Tag value	A tag value can be up to 128 characters in length and can contain letters, numbers, space characters, and the following special characters: `_ . # / = + - @`. Tag values cannot start with `aliyun` or `acs:` and cannot contain `http://` or `https://`. Note Character constraints for tag values can differ between cloud services. Please consult the documentation for the specific service you are using.	N/A	N/A
Adding tags to resources	Each tag key on a resource can have only one tag value. If you attempt to add a tag that has the same key as an existing tag, the value of the existing tag is overwritten. For example, the `city:shanghai` tag is added to a resource. If you add the `city:newyork` tag to the resource, the `city:shanghai` tag is automatically removed from the resource.	N/A	N/A

Note

The number of policies that can be attached to a RAM user, RAM user group, or RAM role is not affected by authorization scope. In other words, you can apply the same number of policies whether you grant permissions on a single resource group or on your Alibaba Cloud account.
RAM roles with names prefixed by AliyunReservedSSO are provisioned by CloudSSO when an access configuration is deployed. For these roles, the limits on the number of attachable custom and system policies are configured centrally in the CloudSSO console. For more information, see Limitations of CloudSSO.