Numbers to remember for AWS CP test

The numbers presented below are all the “default maximum” unless otherwise noted. Some limits can be increased on demand.

3008

• [The maximum memory allocation for a single Lambda function: 3,008 MB(hard limit)]

1000

• [Maximum concurrent Lambda function execution: 1000 (soft limit)]

250

• [Maximum deployment package size of a Lambda function: 250MB unzipped, including layers]

200

• 200 Subnets per VPC
• 200 Network ACLs per VPC You can associate one network ACL to one or more subnets in a VPC.
• 200 Route tables per VPC The main route table counts toward this quota.

60

• You can have 60 inbound and 60 outbound rules per security group (making a total of 120 rules).

50

• 50 routes per route table (non-propagated routes)

40

• Maximum size of an individual S3 Glacier Archive is 40 TB

35

• Retention period for Amazon RDS automated backups can be between 0 and 35 days. Setting the backup retention period to 0 disables automated backups

20

• Number of open invitations you can add in a 24-hour period in AWS Organizations
• default maximum 20 Rules per network ACL This is the one-way quota for a single network ACL, where the quota for ingress rules is 20, and the quota for egress rules is 20. This quota includes both IPv4 and IPv6 rules, and includes the default deny rules (rule number 32767 for IPv4 and 32768 for IPv6, or an asterisk * in the Amazon VPC console).

15

• Lambda function maximum timeout: 15minutes(hard limit)

25

• [Objects stored in Amazon S3 Glacier Deep Archive can be restored within 12 hours] (https://aws.amazon.com/blogs/aws/new-amazon-s3-storage-class-glacier-deep-archive/)

10

• AWS Direct Connect provides 1 Gbps and 10 Gbps connections

7

• All AWS customers get access to the 7 core Trusted Advisor checks to help increase the security and performance of the AWS environment, in 2 of the 5 aspects: security and service limits

5

• For Business/Enterprise support, AWS Trusted Advisor analyzes your AWS environment and provides best practice recommendations in 5 categories: security, service limits, cost optimization, performance, fault tolerance
• Default maximum Elastic IP addresses per region per AWS account
• Maximum number of Security Group per instance
• By default, Amazon EC2 provides Basic Monitoring, which sends metric data to CloudWatch in 5-minute periods.. To get metric data every 1 minute, pay for Detailed Monitoring.
• Number of member accounts you can create concurrently with AWS Organizations
• By default, maximum 5 VPCs per region per account
• 5 Internet gateways per Region This quota is directly correlated with the quota on VPCs per Region. To increase this quota, increase the quota on VPCs per Region. Only one internet gateway can be attached to a VPC at a time.
• 5 NAT gateways per Availability Zone A NAT gateway in the pending, active, or deleting state counts against your quota.
• Maximum item(individual object) size in Amazon S3 is 5TB

5-12

• Bulk retrievals are S3 Glacier’s lowest-cost retrieval option, which you can use to retrieve large amounts, even petabytes, of data inexpensively in a day. Bulk retrievals typically complete within 5–12 hours.

3-5

• Standard retrievals of Glacier archive typically complete within 3–5 hours.

3

• Amazon CloudWatch – Basic Monitoring for EC2 at No Charge monitors three metrics: CPU load, disk I/O, and network I/O
• A CloudWatch Alarm is always in one of 3 states: OK, ALARM, or INSUFFICIENT_DATA
• EC2 Reserved Instances: 1yr or 3yr terms
• With Amazon S3 Glacier Deep Archive storage class, data is stored across 3 or more AWS Availability Zones
• 3 CloudWatch metric alarm states: OK, ALARM, INSUFFICIENT_DATA
• Amazon DynamoDB synchronously replicates data across 3 facilitates in an AWS Region

2

• In most cases, each region has at least 2 Availability Zones.

1

• EC2 Scheduled Reserved Instances: 1yr term: Scheduled Reserved Instances (Scheduled Instances) enable you to purchase capacity reservations that recur on a daily, weekly, or monthly basis, with a specified start time and duration, for a one-year term.
• You can only have 1 Internet Gateway per VPC
• Each S3 Glacier vault can have one vault access policy and one vault lock policy that is attached to it.
• Amazon EBS volumes have built-in redundancy within 1 Availability Zone - it is automatically replicated within its Availability Zone to prevent data loss due to failure of any single hardware component.