Everywhere we go, there are limits – speed limits, weight limits, capacity limits. AWS is no different. For many of the services offered by AWS, there is a service quota limit – the maximum number of that feature each account holder is allowed to use.
*Can we determine the limits imposed by AWS? *
Yes, the AWS service-quotas API endpoint can tell us what quotas exist and their values?
*Can we ask for a limit increase? *
For most of the quotas, you can ask for your limit to be increased.
In this post, we’ll use Actions in unSkript to automate work around Service Quotas – determining limits, and asking for an increase to a quota. All of these Actions are soon to be a part of the unSkript Aweseome Runbooks GitHub repository. They’ll also be included in all instances on unSkript.
Probing the AWS Service Quota Surface
The first step in understanding AWS Service Quotas is to look at the API. There are a few interesting endpoints, but in order to query a specific service or request a quota increase, we will need three items:
- Region
- Service Code
- Quota Code
We probably have a good idea what AWS Region our stack is deployed to – that’s the easy part. We still need to understand and figure out the Service Code and the Quota Code for our service.
Service Codes
Service codes describe the top level services that AWS offers (think S3, EC2, etc.) To obtain the AWS Service Codes, we can utilize the list-services endpoint in our Action named AWS Get All Service Names v1 :
def aws_get_all_service_names(handle, region:str) -> List:
sqClient = handle.client('service-quotas',region_name=region)
resPaginate = aws_get_paginator(sqClient,'list_services','Services',PaginationConfig={
'MaxItems': 1000,
'PageSize': 100
})
#res = sqClient.list_services(MaxResults = 100)
return resPaginate
This lists all of the AWS Services by name and their service code. At the time of this writing, there are 220 ( edit – it is now 221!) services in the output.
Quota Codes
Quota codes are available in the AWS Console interface, but it requires a lot of digging to get them (and sometimes it is easiest to find them in the url string). An easier way is via the API:
The list_service_quotas endpoint takes a Service Code (from the first list), and outputs all of the service quotas for that service. The AWS Get Service Quotas for a Service v1 Action obtains the codes, given a Service Code
Setting the Service Code to “ec2”, and the Region to “us-west-2”, we get 129 different Quotas (and the quota code for each one of them).
sqClient = handle.client('service-quotas',region_name=region)
resPaginate = aws_get_paginator(sqClient,'list_service_quotas','Quotas',
ServiceCode=service_code,
PaginationConfig={
'MaxItems': 1000,
'PageSize': 100
})
#res = sqClient.list_services(MaxResults = 100)
return resPaginate
A sample output
Here is a sample of the EC2 output:
{'ServiceCode': 'ec2', 'ServiceName': 'Amazon Elastic Compute Cloud (Amazon EC2)', 'QuotaArn': 'arn:aws:servicequotas:us-west-2:100498623390:ec2/L-70015FFA', 'QuotaCode': 'L-70015FFA', 'QuotaName': 'AMI sharing', 'Value': 1000.0, 'Unit': 'None', 'Adjustable': True, 'GlobalQuota': False}
This says that the limit for the number of Amazon Machine Images (AMIs) that you can share is 1000.
Requesting a Quota Increase
What if we wanted to share 1001 AMIs? We can request a quota increase via API. In the several attempts I have made, they were all grated automatically – but not immediately. Using the request service quota increase endpoint in the AWS Request Service Increase Action adds your request to the AWS queue for processing:
def aws_get_service_quotas(handle, service_code:str, quota_code:str, new_quota:float,region:str) -> Dict:
sqClient = handle.client('service-quotas',region_name=region)
res = sqClient.request_service_quota_increase(
ServiceCode=service_code,
QuotaCode=quota_code,
DesiredValue=new_quota)
#res = sqClient.list_services(MaxResults = 100)
return res
This Action has 3 inputs – the Service_code, the quota_code, and the integer value that you would like the quota changed to.
Conclusion
In this post, we built Actions using unSkript to learn what service quotas exist in your AWS Account, and how to update them. The Actions described in this post are built into unSkript’s automation engine, allowing you to build custom RunBooks around service quotas in your AWS environment.
Are you interested in learning more? Try out our Open Source Docker build. Instructions can be found in the GitHub Readme file. If you have questions, join our Slack channel, where the community will be happy to help you!
Top comments (0)