AWS Identity and Access Management endpoints and quotas - AWS General Reference

AWS Identity and Access Management endpoints and quotas

The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.

Service endpoints

Region Name Region Endpoint Protocol
US East (Ohio) us-east-2 iam.amazonaws.com HTTPS
US East (N. Virginia) us-east-1

iam.amazonaws.com

iam-fips.amazonaws.com

iam-fips.amazonaws.com

HTTPS

HTTPS

HTTPS

US West (N. California) us-west-1 iam.amazonaws.com HTTPS
US West (Oregon) us-west-2 iam.amazonaws.com HTTPS
Africa (Cape Town) af-south-1 iam.amazonaws.com HTTPS
Asia Pacific (Hong Kong) ap-east-1 iam.amazonaws.com HTTPS
Asia Pacific (Jakarta) ap-southeast-3 iam.amazonaws.com HTTPS
Asia Pacific (Mumbai) ap-south-1 iam.amazonaws.com HTTPS
Asia Pacific (Osaka) ap-northeast-3 iam.amazonaws.com HTTPS
Asia Pacific (Seoul) ap-northeast-2 iam.amazonaws.com HTTPS
Asia Pacific (Singapore) ap-southeast-1 iam.amazonaws.com HTTPS
Asia Pacific (Sydney) ap-southeast-2 iam.amazonaws.com HTTPS
Asia Pacific (Tokyo) ap-northeast-1 iam.amazonaws.com HTTPS
Canada (Central) ca-central-1 iam.amazonaws.com HTTPS
Europe (Frankfurt) eu-central-1 iam.amazonaws.com HTTPS
Europe (Ireland) eu-west-1 iam.amazonaws.com HTTPS
Europe (London) eu-west-2 iam.amazonaws.com HTTPS
Europe (Milan) eu-south-1 iam.amazonaws.com HTTPS
Europe (Paris) eu-west-3 iam.amazonaws.com HTTPS
Europe (Stockholm) eu-north-1 iam.amazonaws.com HTTPS
Middle East (Bahrain) me-south-1 iam.amazonaws.com HTTPS
South America (São Paulo) sa-east-1 iam.amazonaws.com HTTPS
AWS GovCloud (US-East) us-gov-east-1 iam.us-gov.amazonaws.com HTTPS
AWS GovCloud (US-West) us-gov-west-1

iam.us-gov.amazonaws.com

iam.us-gov.amazonaws.com

iam.us-gov.amazonaws.com

HTTPS

HTTPS

HTTPS

Service quotas

Name Default Adjustable
Access keys per user Each supported Region: 2 No
Customer managed policies per account Each supported Region: 1,500 Yes
Groups per account Each supported Region: 300 Yes
IAM groups per user Each supported Region: 10 No
Identity providers per IAM SAML provider object Each supported Region: 10 No
Instance profiles per account Each supported Region: 1,000 Yes
Keys per SAML provider Each supported Region: 10 No
MFA devices per user Each supported Region: 1 No
Managed policies per group Each supported Region: 10 No
Managed policies per role Each supported Region: 10 Yes
Managed policies per user Each supported Region: 10 Yes
Managed policy length Each supported Region: 6,144 No
OpenId connect providers per account Each supported Region: 100 No
Role trust policy length Each supported Region: 2,048 Yes
Roles per account Each supported Region: 1,000 Yes
SAML providers per account Each supported Region: 100 No
SSH Public keys per user Each supported Region: 5 No
Server certificates per account Each supported Region: 20 Yes
Signing certificates per user Each supported Region: 2 No
Tags per role Each supported Region: 50 No
Tags per user Each supported Region: 50 No
Users per account Each supported Region: 5,000 No
Versions per managed policy Each supported Region: 5 No

For more information about IAM quotas, see IAM and AWS STS quotas in the IAM User Guide.