Monitor Service Limits to ensure that the allocation of resources in your AWS account is not reaching the limit set by Amazon in order to avoid resource starvation. Cloud Conformity make use of Amazon Trusted Advisor API to constantly check your account for service limits across multiple AWS products.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Service Limits checks can help you avoid resource starvation within you AWS environment, allowing you to expand fast your AWS infrastructure.
The following table shows the service limits supported by AWS Trusted Advisor:
|AWS Elastic Block Store (EBS)||Active volumes
General Purpose (SSD) volume storage (GiB)
Provisioned IOPS (SSD) volume storage (GiB)
Magnetic volume storage (GiB)
|AWS Relational Database Service (RDS)||Clusters
Cluster parameter groups
DB parameter groups
DB security groups
DB snapshots per user
Max auths per security group
Read replicas per master
Storage quota (GiB)
Subnets per subnet group
|AWS Simple Email Service (SES)||Daily sending quota|
|AWS Virtual Private Cloud (VPC)||Elastic IP addresses (EIPs)
|Auto Scaling||Auto Scaling groups
|Elastic Load Balancing (ELB)||Active load balancers|
|Identity and Access Management (IAM)||Groups
Note 1: As example, this conformity rule will demonstrate how to audit and remediate an EC2 Elastic IP address (EIP) service limit detected using Amazon Trusted Advisor.
Note 2: You can change the severity level (Very High, High, Medium, Low) for this rule on the Cloud Conformity dashboard.
To check AWS Service Limits with Amazon Trusted Advisor, perform the following:
To request an increase for the VPC Elastic IP (EIP) limit, you need to perform the following actions:Note: Requesting to increase the limit for the number of Elastic IPs per region using the AWS API via Command Line Interface (CLI) is not currently supported.