This document lists the quotas and system limits that apply to Artifact Registry.
- Quotas specify the amount of a countable, shared resource that you can use. Quotas are defined by Trusted Cloud by S3NS services such as Artifact Registry.
- System limits are fixed values that cannot be changed.
Trusted Cloud by S3NS uses quotas to help ensure fairness and reduce spikes in resource use and availability. A quota restricts how much of a Trusted Cloud resource your Trusted Cloud project can use. Quotas apply to a range of resource types, including hardware, software, and network components. For example, quotas can restrict the number of API calls to a service, the number of load balancers used concurrently by your project, or the number of projects that you can create. Quotas protect the community of Trusted Cloud users by preventing the overloading of services. Quotas also help you to manage your own Trusted Cloud resources.
The Cloud Quotas system does the following:
- Monitors your consumption of Trusted Cloud products and services
- Restricts your consumption of those resources
- Provides a way to request changes to the quota value and automate quota adjustments
In most cases, when you attempt to consume more of a resource than its quota allows, the system blocks access to the resource, and the task that you're trying to perform fails.
Quotas generally apply at the Trusted Cloud project level. Your use of a resource in one project doesn't affect your available quota in another project. Within a Trusted Cloud project, quotas are shared across all applications and IP addresses.
There are also system limits on Artifact Registry resources. System limits can't be changed.
Artifact Registry limits the maximum rate of incoming requests and enforces quotas on a per-project and per-user basis.
For more information about quota policies, viewing your quotas, and managing your quotas, see the Cloud Quotas documentation.
Go to the API dashboard for your current API activity.
Quotas
Artifact Registry enforces the following quotas.
Per-project request quota
| Quota | Value | Additional information |
|---|---|---|
| Requests per minute | 60,000 | |
| Write requests per minute | 18,000 | In most cases, a single HTTP request or API call counts as a single request. However, some operations count as multiple requests. For example, a batch request like `ImportAptArtifacts` might charge quota for each item in the batch. A Docker pull or push usually makes multiple HTTP requests, so quota is charged for each request. |
| Delete requests per minute | 18,000 |
Per-user request quota
By default, projects have unlimited per-user quotas. You can optionally cap these per-user quotas within a project. A per-user quota applies per authenticated user or per client IP address for unauthenticated requests to a public repository.
Cloud KMS quotas and Artifact Registry
When you use CMEK in Artifact Registry, your projects can consume Cloud KMS cryptographic requests quotas. For example, CMEK-encrypted repositories can consume these quotas for each upload or download. Encryption and decryption operations using CMEK keys affect Cloud KMS quotas only if you use external (Cloud EKM) keys. Confirm that you have enough quota to enable application-layer secrets encryption for your applications and workflows. For more information, see Cloud KMS quotas.
Usage Limits
Artifact Registry enforces the following usage limits.
| Usage limit | Value |
|---|---|
| Repository creation and deletion operations, per minute | 30 |
Limit for listing artifacts in a repository
Format-specific API requests to all formats are limited to 10,000. For example, the Docker Registry API method to list container images returns an incomplete list if a repository has more than 10,000 images or tags.
The limitation does not apply to the gcloud artifacts docker images list command or Artifact Registry API requests.
Request a quota increase
To adjust most quotas, use the Trusted Cloud console. For more information, see Request a quota adjustment.