AWS Identity and Access Management endpoints and quotas - AWS General Reference

AWS Identity and Access Management endpoints and quotas

The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.

Service Endpoints

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2 HTTPS
US East (N. Virginia) us-east-1



US West (N. California) us-west-1 HTTPS
US West (Oregon) us-west-2 HTTPS
Africa (Cape Town) af-south-1 HTTPS
Asia Pacific (Hong Kong) ap-east-1 HTTPS
Asia Pacific (Mumbai) ap-south-1 HTTPS
Asia Pacific (Osaka) ap-northeast-3 HTTPS
Asia Pacific (Seoul) ap-northeast-2 HTTPS
Asia Pacific (Singapore) ap-southeast-1 HTTPS
Asia Pacific (Sydney) ap-southeast-2 HTTPS
Asia Pacific (Tokyo) ap-northeast-1 HTTPS
Canada (Central) ca-central-1 HTTPS
China (Beijing) cn-north-1 HTTPS
China (Ningxia) cn-northwest-1 HTTPS
Europe (Frankfurt) eu-central-1 HTTPS
Europe (Ireland) eu-west-1 HTTPS
Europe (London) eu-west-2 HTTPS
Europe (Milan) eu-south-1 HTTPS
Europe (Paris) eu-west-3 HTTPS
Europe (Stockholm) eu-north-1 HTTPS
Middle East (Bahrain) me-south-1 HTTPS
South America (São Paulo) sa-east-1 HTTPS
AWS GovCloud (US-East) us-gov-east-1 HTTPS
AWS GovCloud (US-West) us-gov-west-1



Service Quotas

AWS allows you to request an increase to default quotas for IAM entities. You can use Service Quotas to manage your IAM quotas. For adjustable IAM quotas, you can request a quota increase. Smaller increases are automatically approved in Service Quotas and are completed within a few minutes. Larger requests above the maximum autoapproved increase are submitted to AWS Support. Some adjustable quotas can't be increased above the maximum autoapproved increase amount. You can track your request case in the AWS Support console.

To request a quota increase, sign in to the AWS Management Console and open the Service Quotas console at In the navigation pane, choose AWS services. On the navigation bar, choose the US East (N. Virginia) Region. Then search for IAM. Choose AWS Identity and Access Management (IAM), choose a quota, and follow the directions to request a quota increase. For more information, see Requesting a Quota Increase in the Service Quotas User Guide.

The following quotas are adjustable.

Resource Default Maximum autoapproval
ACL (Assume role policy) size per role 2048 characters 4096 characters
Customer managed policies in an AWS account 1500 5000
Groups in an AWS account 300 500
Roles in an AWS account 1000 5000
Managed policies attached to an IAM role 10 20
Managed policies attached to an IAM user 10 20
Virtual MFA devices (assigned or unassigned) in an AWS account Equal to the user quota for the account Not applicable
Instance profiles in an AWS account 1000 5000
Server certificates stored in an AWS account 20 1000

These quotas can be changed. For information about other quotas that cannot be changed, see IAM and STS Quotas in the IAM User Guide.