Following Service Limits Best Practices

Lab Steps

Logging in to the Amazon Web Services Console
Understanding AWS Trusted Advisor
Following Security Group Best Practices
Following Identity and Access Management Best Practices
Enabling Multi-Factor Authentication on Your AWS Account
Following Snapshot Best Practices
Following Service Limits Best Practices
Need help? Contact our support team

Here you can find the instructions for this specific Lab Step.

If you are ready for a real environment experience please start the Lab. Keep in mind that you'll need to start from the first step.


Trusted Advisor includes Service Limits checks in its free tier. The checks inspect multiple services across AWS regions and identify services that are within 80% of the maximum allowed value for your AWS account. These checks help mitigate the problem of not being able to create resources when you need them because you are at the service limit. Trusted Advisor lets you be proactive about capacity planning.

You will learn more about the checks and follow Trusted Advisor's recommendation in this lab step.



1. Navigate to Recommendations > Service Limits in Trusted Advisor.

Any checks with recommendations are listed at the top:


If you see the following icon next to a check then the check hasn't been refreshed recently:



2. At the top, click Refresh all checks:


You will now see a warning icon next to VPC Internet Gateways:


In this lab, four internet gateways have been created during the lab setup.


3. Click the black triangle next to VPC Internet Gateways and scroll down to the table:


The table breaks the service limits down by RegionLimit Amount, and Current Usage. You can see the cross-region nature of Trusted Advisor by observing the Region column.


4. Take a moment to observe the other service limits that are checked.


5. Locate the service limit that Trusted Advisor recommends investigation of in the VPC Internet Gateway table:


It is the us-west-2 Internet gateways service limit. Your account is using 80% of the limit, so Trusted Advisor recommends investigation. You can either free up resources or request a service limit increase.


6. Click on the Service Quotas link above the table under Recommended Action.

You will see the service request form and be notified that your student user is not authorized to request a service limit increase. In a production environment using your own AWS account, you would use this form to request an increase. AWS suggests using the phone contact method for 24/7 support. If the resource increase is urgent, it is very beneficial to receive notice from Trusted Advisor in advance.

For this lab step, you will free up resources to mitigate the service limit risk.


7. Navigate to VPCInternet Gateways:

The list of internet gateways in your account is displayed:


Three of the internet gateways are detached and can be removed without any impact on your environment. The most obvious choice for removal is the old LimeWire Fleet internet gateway.


8. Select the internet gateway named LimeWireFleetIGW, click Actions at the top, and click Delete internet gateway.


9. In the Delete Internet Gateway dialog, enter delete in the confirmation textbox and click Delete internet gateway.


10. Return to Trusted Advisor and click the refresh button for the Service Limits check.

After a few seconds, observe that Trusted Advisor recommends no actions:


Note: Due to delays internal to AWS, the refresh button may be greyed out for an unknown amount of time. However, the check is still functional.



In this lab step, you explored the service limit checks in Trusted Advisor. You saw how to request service limit increases from AWS and removed an internet gateway to reduce the service closest to the limit in the Cloud Academy lab environment.

You have now followed the best practices recommended by all of the free Trusted Advisor checks. If you have time left in your lab session, you can review the additional checks that are included in Trusted Advisor with a Business or Enterprise support plan.

Validation checks
The LimeWire Internet Gateway Has Been Removed

Check that the LimeWire IG has been removed

Amazon VPC