Quick Start Guide
For a smooth experience, please read the guide below and pay attention to the highlighted text.
Quick note on IAM roles
EC2LabRole supports both PutRolePolicy and PassRole permissions.
SecretsManagerRDSMySQLRot-* can also be used for RDS-specific scenarios.
EC2 Instances (Virtual Machines / Servers)
EC2 instances are virtual servers. They are elastic, meaning they can easily scale up or down.
- Use nano, micro, small, or medium sizes for t1, t2, and t3 instances.
- Use gp2 (General Purpose) volumes with a maximum storage size of 30GB.
- Maximum of 3 stopped instances. If exceeded, all are terminated.
- The stop behavior for EC2 instances is set to "terminate."
- Total number of EC2 instances is limited to 5.
- Ensure a default VPC exists, creating one if necessary.
S3 - Object Storage
S3 buckets store files for easy upload and download.
- Bucket names must be unique. Add random numbers to ensure uniqueness.
RDS - Relational Database Service
RDS supports MySQL, MariaDB, PostgreSQL, Oracle, Microsoft SQL Server, and Amazon Aurora.
- Use the Free tier for MySQL, MariaDB, and PostgreSQL.
- For other engines, use a Single DB Instance, Burstable Class, micro or small instance, and General Purpose SSD (gp2).
EKS - Elastic Kubernetes Service
EKS quickly sets up a Kubernetes cluster.
- Cluster service role name: eksClusterRole
- CloudFormation stack name: eks-cluster-stack
- Limit of 3 EC2 nodes per node group.
- Allowed EC2 instance types: t2.micro, t2.nano, t2.small, t2.medium, t3.micro, t3.nano, t3.small, t3.medium.
- Limit of 3 Fargate profiles per cluster.
ECR - Elastic Container Registry
Create and manage container repositories, similar to Docker Hub.
Lambda - Serverless Computing
Run code without managing servers.
- Memory size is limited to 256 MB, and timeout to 10 seconds. Violations are updated to 128 MB and 3 seconds.
- If a function is invoked over 300 times in the last hour, it is deleted.
CodePipeline - CI/CD Service
Automates build, test, and deploy phases.
- Compute types limited to t3.micro, t3.small, t3.medium. Violations updated to t3.micro.
CodeDeploy - Deployment Service
Automates application releases.
- Allowed EC2 instance types: t2.micro, t3.micro, t3.nano. Violations updated to t2.micro.
ECS - Elastic Container Service
Manages containerized applications.
- Limit of 3 container instances (EC2) per cluster. Violations result in cluster deletion.
- Allowed EC2 instance types same as EKS.
- Limit of 3 Fargate tasks per cluster.
DynamoDB - NoSQL Database Service
Provides fast, scalable NoSQL databases.
- Provisioned throughput set to 1 read and 1 write capacity unit.
- Billing mode set to "PAY_PER_REQUEST."
Restrictions
- CodeBuild projects: project creation and updates are denied for compute types other than "BUILD_GENERAL1_SMALL", "BUILD_LAMBDA_1GB", "BUILD_LAMBDA_2GB".
| Restriction | Threshold | Action on Violation |
| --- | --- | --- |
| Allowed Compute Types | BUILD_GENERAL1_SMALL, BUILD_LAMBDA_1GB, BUILD_LAMBDA_2GB | Delete non-compliant projects |
| Max Projects Per Account | 5 | Delete oldest projects (by creation time) |
| Max Total Memory | 20 GB (across all projects) | Delete projects with largest compute first |
| Max Total vCPU | 10 vCPU (across all projects) | Delete projects with largest compute first |
| Max Build Duration | 10 minutes | Stop builds, delete project |
| Max Concurrent Builds (account-wide) | 2 | Stop oldest builds, delete those projects |

| Restriction | Threshold | Action on Violation |
| --- | --- | --- |
| Max Execution Time | 15 minutes | Stop execution |
| Max Concurrent Executions (account-wide) | 2 | Stop oldest executions, delete pipelines |
| Max Executions Per Hour (per pipeline) | 5 | Stop all executions, delete pipeline |
| Max Pipelines Per Account | 3 | Delete oldest pipelines (by update time) |