Understanding the limits on Azure Key Vault

When designing the architecture for an application on Azure, I always revisit the Azure Subscription Service Limits to check that none of the requirements exceed the Azure limits.

This time, though, after evaluating and discussing the Key Vault limits with the team, or to be more precise the number of key transactions an application is allowed to make for each type of key, I have to say it was a bit confusing.

So, these are the Key Vault limits that Azure has at the present moment:

After reading it a few times and clarifying within the team, I finally got it. Each number of transactions is for a period of 10 seconds.

What does that mean?

Let's take the example of RSA-HSM-4k: in a 10-second interval you are allowed only 125 transactions. On the 126th transaction in the same 10-second period, you will get a Key Vault exception. But this counter resets every 10 seconds, counted from the first transaction. All those limits are per region. So if you need more than the limit allows, it's recommended that you deploy your application and your Key Vault key in different regions, so you can load balance across them and avoid Key Vault exceptions in your application.
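A client-side model of that window, as an added example (not code from this post or from Azure): it uses the 125-per-10-seconds RSA-HSM-4k figure from above and a window that opens at the first transaction, and it spills over to a second region instead of hitting the exception. The region names `region-a` and `region-b` and all class and function names are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional

WINDOW_SECONDS = 10.0    # from the post: limits apply per 10-second period
RSA_HSM_4K_LIMIT = 125   # from the post: RSA-HSM-4k transactions per period


@dataclass
class RegionWindow:
    """Budget for one region; the window opens at the first transaction."""
    limit: int = RSA_HSM_4K_LIMIT
    start: Optional[float] = None
    used: int = 0

    def _roll(self, now: float) -> None:
        # Once 10 s have passed since the first transaction, start fresh.
        if self.start is not None and now - self.start >= WINDOW_SECONDS:
            self.start, self.used = None, 0

    def try_acquire(self, now: float) -> bool:
        self._roll(now)
        if self.used >= self.limit:
            return False             # this would be the 126th transaction
        if self.start is None:
            self.start = now
        self.used += 1
        return True

    def retry_after(self, now: float) -> float:
        self._roll(now)
        if self.start is None or self.used < self.limit:
            return 0.0
        return self.start + WINDOW_SECONDS - now


@dataclass
class RegionalBudget:
    """Limits are per region, so each region gets its own window."""
    regions: Dict[str, RegionWindow] = field(default_factory=dict)

    def pick(self, now: float):
        """Return (region, 0.0), or (None, seconds_to_wait) if all are spent."""
        for name, window in self.regions.items():
            if window.try_acquire(now):
                return name, 0.0
        return None, min(w.retry_after(now) for w in self.regions.values())


def simulate(calls: int, now: float, budget: RegionalBudget) -> dict:
    """Count where a burst of calls at one instant lands (None = must wait)."""
    counts: dict = {}
    for _ in range(calls):
        region, _wait = budget.pick(now)
        counts[region] = counts.get(region, 0) + 1
    return counts
```

The clock is passed in as `now` so the behaviour can be checked without sleeping; in a real caller it would come from `time.monotonic()`.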

Cheers,

Marcos Nogueira
Azure MVP

azurecentric.com
Twitter: @mdnoga

Marcos Nogueira

With more than 18 years of experience in Datacenter Architectures, Marcos Nogueira is currently working as a Principal Cloud Solution Architect. He is an expert in Private and Hybrid Cloud, with a focus on Microsoft Azure, Virtualization and System Center. He has worked in several industries, including Aerospace, Transportation, Energy, Manufacturing, Financial Services, Government, Health Care, Telecoms, IT Services, and Gas & Oil in different countries and continents. Marcos was a Canadian MVP in System Center Cloud & Datacenter Management and he has +14 years as Microsoft Certified, with more than 100+ certifications (MCT, MCSE, and MCITP, among others). Marcos is also certified in VMware, CompTIA and ITIL v3. He assisted Microsoft in the development of workshops and special events on Private & Hybrid Cloud, Azure, System Center, Windows Server, Hyper-V and as a speaker at several Microsoft TechEd/Ignite and community events around the world.
