Quotas and limits

This document lists the quotas and limits that apply to Artifact Registry.

A quota restricts how much of a shared Google Cloud resource your Google Cloud project can use, including hardware, software, and network components. Therefore, quotas are a part of a system that does the following:

  • Monitors your use or consumption of Google Cloud products and services.
  • Restricts your consumption of those resources for reasons, which include ensuring fairness and reducing spikes in usage.
  • Maintains configurations that automatically enforce prescribed restrictions.
  • Provides a means to request or make changes to the quota.

In most cases, when a quota is exceeded, the system immediately blocks access to the relevant Google resource, and the task that you're trying to perform fails. In most cases, quotas apply to each Google Cloud project and are shared across all applications and IP addresses that use that Google Cloud project.

There are also limits on Artifact Registry resources. These limits are unrelated to the quota system. Limits cannot be changed unless otherwise stated.

Artifact Registry limits the maximum rate of incoming requests and enforces quotas on a per-project and per-user basis.

See Working with quotas for information on quota policies, viewing your quota, and managing your quota.

Go to the API dashboard for your current API activity.

Quotas

Artifact Registry enforces the following quotas.

Per-project request quota

Quota Value Additional information
Requests per minute in each region or multi-region 60,000
Write requests per minute in each region or multi-region 18,000 In most cases, a single HTTP request or API call counts as a single request. However, some operations count as multiple requests. For example, a batch request like `ImportAptArtifacts` might charge quota for each item in the batch. A Docker pull or push usually makes multiple HTTP requests, so quota is charged for each request.
Delete requests per minute in each region or multi-region 18,000 Deletions requested by cleanup policies count towards the delete requests quota and deletions per day, per repository limit.

Per-user request quota

By default, projects have unlimited per-user quota. You can optionally cap per-user quota within a project. Per-user quota applies per authenticated user or per client IP address for unauthenticated requests to a public repository.

Cloud KMS quotas and Artifact Registry

When you use CMEK in Artifact Registry, your projects can consume Cloud KMS cryptographic requests quotas. For example, CMEK-encrypted repositories can consume these quotas for each upload or download. Encryption and decryption operations using CMEK keys affect Cloud KMS quotas only if you use hardware (Cloud HSM) or external (Cloud EKM) keys. Confirm that you have enough quota to enable application-layer secrets encryption for your applications and workflows. For more information, see Cloud KMS quotas.

Artifact Analysis quotas

See Artifact Analysis quotas and limits for information on scanning usage policies.

Public upstream quotas

If you use remote repositories to cache public upstream repositories, you might be subject to the upstream repositories' read and write quotas.

Usage Limits

Artifact Registry enforces the following usage limits.

Usage limit Value
Cleanup policy deletions per repository, per day 300,000
Cleanup policies per repository 10
Max data retrieval per request 9.9 GB
Max upstream policies for virtual repositories 30
Max number of upstream resolutions per request for virtual repositories 60
Repository creation and deletion operations, per region, per minute 30

Remote Repository Limits

When you request an artifact from your remote repository, and the artifact hasn't already been cached in your remote, the artifact is requested from the upstream repository, and then stored in your remote repository. Requests to upstream hosts count against your organization’s upstream host read request limit, and caching the artifact in your remote repository uses your project’s write and request quotas. Once the artifact has been cached to your remote, requests for that artifact only count against your project's request quota.

Artifact Registry enforces the following usage limits for remote repositories.

Limit Public upstream Value
Public upstream host reads per organization, per region, per minute Default 600
Docker Hub 600
Maven Central 3000
NpmJS 1800
PyPI 1200

Limit for listing container images in a repository

The Docker Registry API method to list container images returns an incomplete list if a repository has more than 10,000 images or tags. This limitation applies to Docker clients that use the Docker Registry API to interact with registries. The limitation does not apply to the gcloud artifacts docker images list command or Artifact Registry API requests.

Request a quota increase

To increase or decrease most quotas, use the Google Cloud console. For more information, see Request a higher quota.