Binary Authorization also enforces the following limits:
Limit
Value
Number of attestor resources per project
200
Number of attestor references per Policy
200
Number of keys per attestor
1000
Number of Binary Authorization platform policy bindings per cluster
10
Number of attestation projects allowed per check
10
Quota increases
If you would like to increase any of the limits, we might
like to understand more about your needs. You can submit a Binary Authorization quota request for your project
in the
Google Cloud console.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-04 UTC."],[[["Binary Authorization imposes rate limits on various request types, such as 100 read requests, 20 update/delete requests, and 10 create requests per user-project-minute."],["AdmissionReview requests, which occur whenever a Pod is created or updated in GKE, are limited to 500 per user-project-minute, and each pod triggers an Admission Review."],["There are resource limits, including a maximum of 200 attestor resources per project, 200 attestor references per Policy, and 1000 keys per attestor."],["Binary Authorization platform policy bindings per cluster are limited to 10, while the number of attestation projects allowed per check is also limited to 10."],["Quota increase requests for Binary Authorization can be submitted through the Google Cloud console, to have the project needs reviewed."]]],[]]
