Customizing Service Limits Best Practice ChecksEach AWS account has a default limit on the number of resources that can be deployed within each region. These limits can be anything from the number of EC2 instances you can launch, to DynamoDB read capacity units, to the number of server certificates you can store within IAM. Once any of those limits is reached, you have two options: remove an existing resource so you are not at your limit, or submit a limit increase to AWS Support. When creating a support case with AWS it can often take a day or two before the limit increase is granted. Because of this, you should closely monitor your deployment and request your increases prior to hitting any limits.
Best Practice ChecksCloudCheckr provides two Best Practice checks that allow you to monitor your AWS Service limits. You can find these checks under the Availability tab of the report:
- Services Nearing AWS Service Limits: Medium Importance
Alerts you when you have reached 90% of your limit for any resource. If you see a resource flagged in this check, take immediate action.
- Current AWS Service Limits: Informational
Tracks your resources against your service limits. It's recommended that you review the list of resources and limits in this check to see if you are nearing a limit.
Configure ChecksWhen CloudCheckr runs its Best Practice checks against your AWS account, it can only retrieve the default service and resource limits. This means that if you had AWS Support increase any of your limits, that new limit is not available to CloudCheckr.
35 | Limit: Unknown | Region: EU (Ireland)Because CloudCheckr can't retrieve your custom service limits from AWS, you can configure these checks to reflect the proper increased limits. To configure these checks, click the icon to the right of the check and enter your custom service limits in the text field.
Custom Limit Parameters
iam-groups-per-account:10000If you have more than one limit to configure, separate with a comma. Example:
On-Demand EC2 Instance Type LimitsIn addition to a general limit on the number of EC2 instances you can launch within a region, AWS places further limits around the types of On-Demand EC2 instances you can have deployed at any given time. You can also configure your CloudCheckr Service Limits Best Practice checks for these specialized cases. You will use the following parameter with additional data points:
ec2-instances-ondemand-per-regionYou will also need to add the region and instance type whose limit has been increased. You will separate these values with a colon. Examples: