Quotas and limits Smart Web Security

Written by

Updated at September 3, 2025

Smart Web Security has the following limits:

Quotas are organizational constraints that can be changed by support on request.
Limits are technical constraints of the Yandex Cloud architecture. You cannot change the limits.

If you need more resources, you can increase your quotas in one of the following ways:

To have your request processed, you must have the quota-manager.requestOperator role or higher, e.g., editor or admin.

You can manage your quotas with Cloud Quota Manager.

Type of limit	Value
Maximum number of security profiles per cloud `smart-web-security.securityProfiles.count`	5
Maximum number of ARL profiles per cloud `smart-web-security.advancedRateLimiterProfiles.count`	5
Maximum number of WAF profiles per cloud `smart-web-security.wafProfiles.count`	10
Maximum total number of security profile rules per cloud `smart-web-security.securityProfileRules.count`	250
Maximum total number of WAF exclusion rules per cloud `smart-web-security.wafProfileExclusionRules.count`	250
Maximum total number of ARL profile rules per cloud `smart-web-security.advancedRateLimiterProfileRules.count`	250
Maximum total number of IP address mapping conditions per cloud `smart-web-security.ipMatchers.count`	2,500
Maximum total number of IP address lists in Smart Web Security `smart-web-security.matchLists.count`	20
Maximum total number of proxy servers per cloud `smart-web-security.loadBalancers.count`	1
Maximum total number of domains per cloud `smart-web-security.loadBalancerDomains.count`	10

Type of limit	Value
Maximum number of `HTTP header` conditions per rule	20
Maximum number of `Query Match` conditions per rule	20
Maximum number of IP addresses, prefixes, or IP address ranges per condition	10,000
Maximum number of `HTTP method` conditions per rule	20
Maximum number of `Host` conditions per rule	20
Maximum length of a string in a regular expression	255 characters
Maximum number of requests per second (RPS) in total for all load balancer virtual hosts connected to the same security profile¹	20,000
Maximum total number of domains per proxy server	20
Maximum total number of target resource IP addresses per domain	20

¹ If you expect more requests per second, contact your Yandex Cloud account manager.