AWS Identity and Access Management endpoints and quotas
The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.
Service endpoints
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (Ohio) | us-east-2 | iam.amazonaws.com | HTTPS |
| US East (N. Virginia) | us-east-1 |
iam.amazonaws.com iam-fips.amazonaws.com |
HTTPS HTTPS |
| US West (N. California) | us-west-1 | iam.amazonaws.com | HTTPS |
| US West (Oregon) | us-west-2 | iam.amazonaws.com | HTTPS |
| Africa (Cape Town) | af-south-1 | iam.amazonaws.com | HTTPS |
| Asia Pacific (Hong Kong) | ap-east-1 | iam.amazonaws.com | HTTPS |
| Asia Pacific (Mumbai) | ap-south-1 | iam.amazonaws.com | HTTPS |
| Asia Pacific (Osaka) | ap-northeast-3 | iam.amazonaws.com | HTTPS |
| Asia Pacific (Seoul) | ap-northeast-2 | iam.amazonaws.com | HTTPS |
| Asia Pacific (Singapore) | ap-southeast-1 | iam.amazonaws.com | HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 | iam.amazonaws.com | HTTPS |
| Asia Pacific (Tokyo) | ap-northeast-1 | iam.amazonaws.com | HTTPS |
| Canada (Central) | ca-central-1 | iam.amazonaws.com | HTTPS |
| Europe (Frankfurt) | eu-central-1 | iam.amazonaws.com | HTTPS |
| Europe (Ireland) | eu-west-1 | iam.amazonaws.com | HTTPS |
| Europe (London) | eu-west-2 | iam.amazonaws.com | HTTPS |
| Europe (Milan) | eu-south-1 | iam.amazonaws.com | HTTPS |
| Europe (Paris) | eu-west-3 | iam.amazonaws.com | HTTPS |
| Europe (Stockholm) | eu-north-1 | iam.amazonaws.com | HTTPS |
| Middle East (Bahrain) | me-south-1 | iam.amazonaws.com | HTTPS |
| South America (São Paulo) | sa-east-1 | iam.amazonaws.com | HTTPS |
| AWS GovCloud (US-East) | us-gov-east-1 | iam.us-gov.amazonaws.com | HTTPS |
| AWS GovCloud (US-West) | us-gov-west-1 |
iam.us-gov.amazonaws.com iam.us-gov.amazonaws.com |
HTTPS HTTPS |
Service quotas
| Name | Default | Adjustable |
|---|---|---|
| Access keys per user | 2 | No |
| Customer managed policies per account | 1,500 |
Yes |
| Groups per account | 300 |
Yes |
| IAM groups per user | 10 | No |
| Identity providers per IAM SAML provider object | 10 | No |
| Instance profiles per account | 1,000 |
Yes |
| Keys per SAML provider | 10 | No |
| MFA devices per user | 1 | No |
| Managed policies per group | 10 | No |
| Managed policies per role | 10 |
Yes |
| Managed policies per user | 10 |
Yes |
| Managed policy length | 6,144 | No |
| OpenId connect providers per account | 100 | No |
| Role trust policy length | 2,048 |
Yes |
| Roles per account | 1,000 |
Yes |
| SAML providers per account | 100 | No |
| SSH Public keys per user | 5 | No |
| Server certificates per account | 20 |
Yes |
| Signing certificates per user | 2 | No |
| Tags per role | 50 | No |
| Tags per user | 50 | No |
| Users per account | 5,000 | No |
| Versions per managed policy | 5 | No |
For more information about IAM quotas, see IAM and AWS STS quotas in the IAM User Guide.
