Quotas and limits

This page lists the quotas and limits that apply to Certificate Authority Service.

Resource limits

CA Service enforces the following usage limits:

Resource limit Unit Value
Pending CAs per Location per Project 100
CAs with service-managed resources per Project 1024

A pending Certificate Authority (CA) is a subordinate CA that has been created but not yet activated, and is thus in the PENDING_ACTIVATION state.

Request quotas

The following request quotas apply to CA Service requests:

Request Unit Maximum requests per second
CreateCertificate (Enterprise tier) per Certificate Authority 7*
CreateCertificate (DevOps tier) per Certificate Authority 25*
CreateCertificateAuthority per Location per Project 10*
ListCertificates per Location per Project 10*
All other mutation requests per Location per Project 40*
All requests per Location per Project 400*

* Even if you have available quota, other factors can result in reduced throughput.

Quota increases

If you want to increase any of your quotas for CA Service, you can use the Google Cloud Console to request a quota increase. For details, see Requesting higher quota.