This document contains the content limits for the Access Context Manager API. The content limits specified in this document are subject to change.
For quotas and limits for service perimeters, a component of VPC Service Controls, see the VPC Service Controls documentation .
Access Context Manager enforces the following limits:
-
Read requests per minute: A read request is an operation that reads an Access Context Manager resource, such as an access level. The limit is 500 requests per minute per organization.
-
Write requests per minute: A write request is an operation that creates or modifies an Access Context Manager resource, such as an access level. The limit is 50 requests per minute per organization.
-
Access policies per organization: One organization-level policy and a maximum of 50 scoped policies can exist for an organization.
-
Access levels per organization: 500
-
Conditions per access level: 40
-
List items per access level attribute (for example, the number of CIDR ranges you can include for the IP Subnetworks attribute): 200
-
VPC networks across all access levels per access policy: 500
The following limits apply specifically to custom access levels:
- Maximum CEL list length: 200
