AWS SandBox Playground
Get access to the cloud computing platform with one click
Launch now

What Is AWS (Amazon Web Services)?

AWS is the leading platform for cloud computing services. But what is cloud computing? Think of an app that lets people shop online: it needs a database to store user information, servers to process orders, and email services to notify users. AWS provides these resources and more.

Cloud Computing Explained

Cloud computing is like having your own datacenter in the cloud. You can add anything your app or website needs through AWS without worrying about the hardware. AWS manages the infrastructure, so you only focus on configuring and using the services.

KodeKloud AWS Playground

AWS offers a vast array of services which can be overwhelming for beginners. The KodeKloud AWS Playground provides a simplified learning environment where you can:

  • Experiment with AWS services hands-on
  • Learn by doing without creating an AWS account
  • Reset environment easily if mistakes are made

Supported AWS Regions

  • Region Code: us-east-1
  • Region Name: US East (N. Virginia)
  • Region Code: us-west-2
  • Region Name: US West (Oregon)

Compute Services

EC2 (Elastic Compute Cloud)
Allowed:
  • Instance Types:
    • t2.nano, t2.micro, t2.small
    • t3.nano, t3.micro, t3.small
    • t2.medium, t3.medium
  • Supported OS:-
    • RHEL, Amazon2, Windows, Ubuntu
View Limits
Launch now
AWS Lambda
Allowed:
  • Supported Languages:
    • All - Python, Java, NodeJs and more
  • Function Configuration:
    • Basic monitoring
    • Function URLs supported
    • Layer usage permitted
View Limits
Launch now
Elastic Beanstalk
Allowed:
  • Environments:
    • Web server supported
    • Worker supported
  • Platform:
    • Latest versions only
View Limits
Launch now
Image Builder
Allowed:
  • Valid schedules: "rate(1 day)" or "cron" with a daily frequency.
  • Allowed Instance Types:
    • t3.micro
    • t3.small
    • t3.medium
    • t4g.micro
    • t4g.small
    • t4g.medium
  • Components:
    • Basic build components
    • Standard OS support
  • Pipeline:
    • Basic build pipeline
    • Standard distribution
View Limits
Launch now
EC2 Instance Connect
Allowed:

Basic operations are supported.

Container Services

ECS (Elastic Container Service)
Allowed:
  • Basic operations are supported.
View Limits
Launch now
EKS (Elastic Kubernetes Service)
Allowed:
  • Basic operations are supported.
Limits
  • Pod Resource Limits
    • Maximum CPU per Pod: 256 millicores
    • Maximum Memory per Pod: 512 MiB
  • Pod Count per Namespace
    • Maximum Pods per Namespace: 3 pods
  • Cluster Resource Caps
    • Cumulative CPU Cap per Cluster: 2000 millicores
    • Cumulative Memory Cap per Cluster: 4096 MiB
  • Fargate Profiles
    • Maximum Fargate Profiles per Cluster: 3 profiles
  • Account-Level Resource Caps
    • Maximum Account-Wide CPU Cap: 6000 millicores (6 CPUs)
    • Maximum Account-Wide Memory Cap: 12288 MiB (12 GiB)
View LimitsHide Limits
Launch now
ECR/ECR Public
Allowed:

Basic operations are supported.

  • Repository Features:
    • Basic operations
    • Scanning enabled
    • Lifecycle policies
  • Access:
    • Standard authentication
    • Public repository support

Storage Services

S3 (Simple Storage Service)
Allowed:

Basic operations are supported.

  • Operations:
    • Standard bucket operations
    • Object management
    • Basic lifecycle rules
Limits
  • No compliance mode locks
  • Limited bucket policies
  • Standard encryption required
View LimitsHide Limits
Launch now
EBS (Elastic Block Storage)
Allowed:
  • Operations:
    • Basic snapshot management
    • Standard volume operations
    • Encryption supported
Resource Limits
  • Volume Types:
    • GP2/GP3 only
    • Max 30 GB per volume
View LimitsHide Limits
Launch now
EFS(Elastic File System)
Allowed:

Basic operations are supported.

  • Performance:
    • General Purpose only
    • Transition to IA after one day
    • Bursting throughput only
    • Standard IOPS limits
  • Features:
    • Lifecycle management
    • Basic access points
    • Standard encryption
Resource Limits
  • File Systems:
    • Max 2 per account
    • Max 5 GB per system
    • Growth: 1 GB/hour max
View LimitsHide Limits
Launch now

Database Services

RDS (Relational Database Service)
Allowed:
  • Instance Classes allowed:
    • *.micro, *.small, *.medium
  • Instance Types not allowed :-
    • db.t2.small, db.t3.small, db.t4g.small, db.t2.nano, db.t3.nano, db.t4g.nano, db.t2.micro, db.t3.micro, db.t4g.micro, db.t2.medium, db.t3.medium, and db.t4g.medium
  • Engines:
    • MariaDB, MySQL
    • PostgreSQL
    • Oracle SE
    • SQL Server SE
    • Aurora MySQL/PostgreSQL
  • Specificities:
    • Creating roles, attaching policies and passing roles specific to rds-monitoring-role, rds-proxy-role-* and  kk-rds-role
    • Creating policies that include rds-proxy or kk-rds-policy.
Resource Limits
  • Storage:
    • Max 30 GB
    • Standard IOPS only
  • No Provisioned IOPS for RDS Storage
View LimitsHide Limits
Launch now
DynamoDB
Allowed:
  • Capacity:
    • Provisioned Throughput
      • Read Capacity Units (RCU): 1
      • Write Capacity Units (WCU): 1
  • Table Class:
    • PAY_PER_REQUEST (On-Demand)
  • Features:
    • PartiQL supported
    • Point-in-time recovery
    • Basic backup features
Limits
  • No global tables
View LimitsHide Limits
Launch now
RDS Data API
Allowed:

Basic operations are supported.

Data Services

Athena
Allowed:

Workgroup Count:

  • Maximum 3 custom workgroups (excluding "primary")

Named Queries:

  • Maximum 5 named queries per account.

Query execution

  • Data Scanned cutoff is 1 GB (1073741824 bytes)

Long-running Query

  • Maximum execution time is 1 minute.

Output Configuration:

  • Output must use SSE-S3 encryption.

Query Results Retention:

  • Maximum retention time for S3 query results: 12 hours.
Redshift
Allowed:

Cluster Count:

  • Maximum: 1 cluster per account.

Node Count:

  • Maximum: 1 node per cluster.

Instance Types:

  • Allowed: dc2.large only.
Limits
  • Storage Capacity:
    • Minimum: 10 GB.
    • Maximum: 10 GB.
View LimitsHide Limits
Launch now
AWS Glue
Allowed:

Crawler Timeout

  • Maximum crawl time per crawler: 600 seconds

Maximum Table Count

  • Each database has a maximum allowed table count: 100
Target Limits
  • S3 Targets:
    • Maximum: 3
    • Sample size limit per target: 1000
  • JDBC Targets:
    • Maximum: 2
  • DynamoDB Targets:
    • Maximum: 3
  • Catalog Targets:
    • Maximum: 1
    • Maximum tables per catalog target: 2
  • Concurrent Limits
    • Jobs:
      • Maximum concurrent Glue jobs: 2
    • Crawlers:
      • Maximum concurrent Glue crawlers: 1
  • Job Limits
    • DPU Limit : 2
    • Job timeout: 300 Seconds
View LimitsHide Limits
Launch now
AWS EMR
Allowed:

Cluster Count

  • Maximum 1 cluster per account.

Node Count per Cluster

  • Maximum 1 node per cluster.

Allowed instance types

  • m5.xlarge
  • c1.medium

EBS Storage

  • Maximum 15 GB total EBS storage per cluster.

Developer Tools

CodeBuild
Allowed:

Compute:

  • Allowed Compute Types :
    • BUILD_GENERAL1_SMALL
    • BUILD_GENERAL2_SMALL
  • Allowed Compute Images:
    • aws/codebuild/amazonlinux2-x86_64-standard:3.0
    • aws/codebuild/amazonlinux2-x86_64-standard:4.0
  • Standard environments
  • Features:
    • Basic caching
    • Standard reports
    • VPC support
CodeDeploy
Allowed:
  • Allowed instance types:
    • t2.micro
    • t3.micro
    • t3.nano
  • EC2/On-premises
  • Basic configurations
  • Standard groups
  • Features:
    • Rolling updates
    • Basic rollbacks
    • Standard hooks
CodePipeline
Allowed:

Allowed instance types:

  • t3.micro
  • t3.small
  • t3.medium
CodeCommit
Allowed:

Basic operations are supported.

CodeStar
Allowed:

Basic operations are supported.

CodeArtifact
Allowed:

Basic operations are supported.

CloudShell
Allowed:

Basic operations are supported.

Monitoring & Management

CloudWatch
Allowed:
  • Metrics:
    • Standard collection
    • Custom metrics
    • Basic dashboards
  • Logs:
    • Log groups
    • Basic retention
    • Standard queries
  • Features:
    • Basic alarms
    • Standard actions
    • Log insights
CloudTrail
Allowed:
  • Trails:
    • Basic logging
    • Standard events
    • Organization trails
  • Features:
    • Log validation
    • Basic insights
    • Standard retention
Limits

Deletion Of CloudTrail Logs Not Allowed

View LimitsHide Limits
Launch now
AWS Config
Allowed:
  • Standard remediation
  • Recording:
    • Resource tracking
    • Basic history
    • Configuration snapshots
Limits
  • Maximum of 50 AWS Config rules per account.
  • Maximum of 1 active configuration recorder per account.
  • Delivery channels should only exist for active configuration recorders.
View LimitsHide Limits
Launch now
AWS Inspector
Allowed:
  • Inspector Findings
  • Inspector Classic - Active Assessment Runs
Limits
  • Maximum of 5 active assessment runs
  • Maximum of 100 findings.
View LimitsHide Limits
Launch now
CloudWatch RUM
Allowed:

Basic operations are supported.

Application Insights
Allowed:

Basic operations are supported.

CloudWatch Synthetics
Allowed:

Basic operations are supported.

CloudWatch Logs
Allowed:

Basic operations are supported.

Systems Manager (SSM)
Allowed:

Basic operations are supported.

X-Ray
Allowed:

Basic operations are supported.

Networking & Content Delivery

API Gateway
Allowed:
  • API Types:
    • REST APIs
    • HTTP APIs
    • WebSocket APIs
  • Features:
    • Basic throttling
    • Standard authorizers
    • Basic caching
    • VPC links
  • Security:
    • WAF integration
    • Standard encryption
    • Basic authentication
Route 53
Allowed:
  • Basic operations are supported.
Limits
  • Route 53 Resolver Firewall Rules Not Allowed
View LimitsHide Limits
Launch now
WAF and Shield
Allowed:
  • Rule Groups:
    • Custom rule groups supported
  • Protection Types:
    • SQL injection
    • Cross-site scripting
    • Rate limiting
    • Geo blocks
  • Integration:
    • ALB integration
    • CloudFront integration
    • API Gateway integration
CloudFront
Allowed:

Basic operations are supported.

Elastic Load Balancing
Allowed:

Basic operations are supported.

Service Discovery
Allowed:

Basic operations are supported.

Internet Monitor
Allowed:

Basic operations are supported.

Application Integration

Step Functions
Allowed:
  • All state machines must have logging enabled.
  • Activities must be associated with an active state machine or execution.
  • State Machines:
    • Standard workflows
    • Express workflows
  • Features:
    • Basic states
    • Standard transitions
    • Error handling
Kinesis
Allowed:
  • Basic operations are supported.
Limits
  • Data Streams:
    • Mode: Must be in PROVISIONED mode.
    • Shard Count: Limited to 1 shard per stream.
    • Retention Period: Maximum of 24 hours.
    • Stream Count: Maximum of 2 streams per account.
    • Data Throughput: Alerts generated for streams with more than 1 MB/s incoming data.
  • Firehose:
    • Delivery Systems: Maximum of 2 delivery streams per account.
    • Buffer Size and Interval: Maximum 5 MB buffer size, minimum 60 seconds interval.
    • Data Throughput: Alerts generated for streams with more than 1 MB/s.
  • Analytics:
    • SQL-based applications.
    • Basic Processing
View LimitsHide Limits
Launch now
EventBridge
Allowed:

Basic operations are supported.

SNS (Simple Notification Service)
Allowed:

Basic operations are supported.

SQS (Simple Queue Service)
Allowed:

Basic operations are supported.

Appmesh
Allowed:

Basic operations are supported.

AppSync
Allowed:

Basic operations are supported.

Apprunner
Allowed:

Basic operations are supported.

Security & Identity

Cognito
Allowed:
  • User Pools:
    • MFA required
    • Password must meet the following requirements:
      • Minimum length: 12 characters
      • Require uppercase letters
      • Require lowercase letters
      • Require numbers
      • Require symbols
    • Advanced security features
      • The AdvancedSecurityMode must be set to "ENABLED" in the UserPoolAddOns configuration.
      • User enumeration prevention must be enabled to prevent exposing valid user accounts during login attempts.
  • Identity Pools:
    • Ensure at least one identity provider (IdP) is configured for secure user authentication.
    • Unauthenticated access must be disabled for all resources.
    • IAM roles assigned to users must not have overly permissive policies.
Key Management Service
Allowed:

Basic operations are supported.

AWS Certificate Manager
Allowed:

Basic operations are supported.

Additional Tools / Services

Application Auto Scaling
Allowed:
  • Targets:
    • ECS services
    • DynamoDB tables
    • Aurora replicas
  • Policies:
    • Target tracking
    • Step scaling
    • Scheduled scaling
Auto Scaling
Allowed:
  • Groups:
    • EC2 instance limits apply
  • Policies:
    • Basic scaling rules
    • Standard metrics
    • Standard cooldown
Limits
  • Denies Auto Scaling actions involving large instance types:-
    • Instances ending in *large and *metal.
    • Specific medium instance families like a*medium, c*medium, i*medium, m*medium, r*medium, x*medium, and t3a.medium."
View LimitsHide Limits
Launch now
Secrets Manager
Allowed:
  • Secret Types:
    • Database credentials
    • API keys
    • OAuth tokens
  • Rotation:
    • Automatic rotation supported
    • Built-in RDS rotation
    • Custom Lambda rotation
CloudFormation
Allowed:

Basic operations are supported.

CloudWatch Evidently
Allowed:

Basic operations are supported.

Tag Editor
Allowed:

Basic operations are supported.

AWS Management Console
Allowed:

Basic operations are supported.

AWS Evidently
Allowed:

Basic operations are supported.

AWS Cloud Development Kit
Allowed:

Basic operations are supported.

SSM Messages
Allowed:

Basic operations are supported.

SAM
Allowed:

Basic operations are supported.

ACM Private Certificate Authority
Allowed:

Basic operations are supported.

Quick Start Guide

For a smooth experience, please read the guide below and pay attention to the highlighted text.

EC2 Instances (Virtual Machines / Servers)

EC2 instances are virtual servers. They are elastic, meaning they can easily scale up or down.

  • Use nano, micro, small, or medium sizes for t1, t2, and t3 instances.
  • Use gp2 (General Purpose) volumes with a maximum storage size of 30GB.
  • Maximum of 3 stopped instances. If exceeded, all are terminated.
  • EC2 instances stop behavior is set to "terminate."
  • Total number of EC2 instances is limited to 5.
  • Ensure a default VPC exists, creating one if necessary.

S3 - Object Storage

S3 buckets store files for easy upload and download.

  • Bucket names must be unique. Add random numbers to ensure uniqueness.

RDS - Relational Database Service

RDS supports MySQL, MariaDB, PostgreSQL, Oracle, Microsoft SQL Server, and Amazon Aurora.

  • Use the Free tier for MySQL, MariaDB, and PostgreSQL.
  • For other engines, use a Single DB Instance, Burstable Class, micro or small instance, and General Purpose SSD (gp2).

EKS - Elastic Kubernetes Service

EKS quickly sets up a Kubernetes cluster.

  • Cluster service role name: eksClusterRole
  • CloudFormation stack name: eks-cluster-stack
  • Limit of 3 EC2 nodes per node group.
  • Allowed EC2 instance types: t2.micro, t2.nano, t2.small, t2.medium, t3.micro, t3.nano, t3.small, t3.medium.
  • Limit of 3 Fargate profiles per cluster.

ECR - Elastic Container Registry

Create and manage container repositories, similar to Docker Hub.

Lambda - Serverless Computing

Run code without managing servers.

  • Memory size is limited to 256 MB, and timeout to 10 seconds. Violations are updated to 128 MB and 3 seconds.
  • If a function is invoked over 300 times in the last hour, it is deleted.

CodePipeline - CI/CD Service

Automates build, test, and deploy phases.

  • Compute types limited to t3.micro, t3.small, t3.medium. Violations updated to t3.micro.

CodeDeploy - Deployment Service

Automates application releases.

  • Allowed EC2 instance types: t2.micro, t3.micro, t3.nano. Violations updated to t2.micro.

CodeBuild - Build Service

Compiles source code, runs tests, and produces packages.

  • Allowed compute types: BUILD_GENERAL1_SMALL, BUILD_GENERAL2_SMALL.
  • Violations updated to BUILD_GENERAL1_SMALL.

ECS - Elastic Container Service

Manages containerized applications.

  • Limit of 3 container instances (EC2) per cluster. Violations result in cluster deletion.
  • Allowed EC2 instance types same as EKS.
  • Limit of 3 Fargate tasks per cluster.

DynamoDB - NoSQL Database Service

Provides fast, scalable NoSQL databases.

  • Provisioned throughput set to 1 read and 1 write capacity unit.
  • Billing mode set to "PAY_PER_REQUEST."