Quotas and limits in Identity and Access Management

Written by

Updated at June 16, 2025

Yandex Identity and Access Management has the following limits:

Quotas are organizational constraints that can be changed by support on request.
Limits are technical constraints due to the Yandex Cloud architecture. You cannot change the limits.

If you need more resources, you can increase your quotas in one of the following ways:

To have your request processed, you must have the quota-manager.requestOperator role or higher, e.g., editor or admin.

You can manage quotas with Cloud Quota Manager.

Type of limitation	Value
Number of workload identity federations `iam.oidcWLIFederations.count`	50
Number of service accounts linked to federations `iam.saFederatedCredentials.count`	200
Maximum number of service accounts per cloud `iam.serviceAccounts.count`	100
Maximum number of API keys per cloud `iam.apiKeys.count`	1,000
Maximum number of authorized keys per cloud `iam.authorizedKeys.count`	1,000
Maximum number of static access keys per cloud `iam.accessKeys.count`	1,000

There are no limits for Identity and Access Management.