AWS Management & Governance Blog

Simplifying setup for new accounts using Service Quotas

Service Quotas enables you to view and manage your quotas for AWS services from a central location. You can currently view and manage over 100 services, such as Amazon VPC, Amazon DynamoDB, and Amazon RDS. Recently, we made it easier to manage quotas for Amazon EC2 with vCPU-based On-Demand Instance limits, which reduce the number of quotas to manage. And, you can set up dynamic alarms for services including Amazon EC2, Amazon DynamoDB, and Amazon Kinesis Data Firehose using a new integration between Service Quotas and Amazon CloudWatch.

In this post, I’ll take you through a day in the life of Li Juan, an IT cloud administrator, to illustrate how you can use Service Quotas to simplify new AWS account setup and easily configure dynamic alarms to monitor service usage.

Li Juan works for Example Corp., an upcoming startup in the analytics space. Example Corp. has just developed a breakthrough application that is expected to have a significant number of customer sign-ups. They expect a significant increase in their AWS workloads. Example Corp.’s CTO has entrusted Li Juan with the task of making sure that they can scale up smoothly. Li Juan is confident that with Service Quotas, her job is going to be easy. Let’s find out how.

Example Corp. uses AWS Organizations to manage and govern their growing workloads spread over multiple AWS accounts. One of Li Juan’s key responsibilities is provisioning new accounts, which includes setting up quotas for the AWS services that their new app is built on.

Due to the projected scale of these workloads, Li Juan chooses to request an increase for the Amazon VPC quotas in advance and uses the service quota request template for this purpose. To enable this template, Li Juan logs in to the master account of their startup’s organization. The new app will be hosted out of three AWS Regions (US East – N. Virginia, US West – N. California, and EU – Ireland). So, she simply adds the relevant quotas to the request template for the three regions.

Figure 1: Service quota request template

Li Juan chooses Associate to associate the template with her master account. From now on, any new account that is created through AWS Organizations will trigger quota increase requests for the quotas in the template as part of the account creation process.  All of these actions described previously can be also performed programmatically.

Li Juan now creates two new accounts through AWS Organizations.

Figure 2: Add an account to your organization

There’s no need for Li Juan to create individual quota increase requests for the new accounts. Because she associated the template, requests have already been created. Li Juan can go to the Service Quotas console for the newly created account and see the status of these quota requests.

Figure 3: View your quota request history

Now that Li Juan has met the team’s projected scaling requirements, she’d like to also proactively monitor her usage against certain quotas. She’d like to be alerted if the EC2 On-Demand Instance usage reaches 80% of the account-specific values for quotas so she can proactively plan additional scaling if forecasts exceed her expectations. With the introduction of the vCPU-based quotas and dynamic alarms, this task is now very simple. Earlier, she would have had to set up individual alarms for each of the instance types she is planning to use in a particular region. Now, she only needs to create a single alarm.

She does this by going to the Amazon EC2 page in Service Quotas and navigating to the Running On-Demand Standard (A, C, D, H, I, M, R, T, Z) instances page to create just one alarm. This creates a dynamic alarm that ensures that Li Juan never has to update the alarm, even if the applied quota value increases over time. She also sets up an SNS notification in the CloudWatch console so she can be alerted when the alarm is triggered. Li Juan sets up dynamic alarms for a few more quotas in the same way.

Li Juan is now all set—she can now proactively monitor these quotas.

Figure 4: Create a CloudWatch alarm

Li Juan informs her CTO that her task of ensuring scale with increasing demand is ready. Quota requests will be created automatically when new AWS accounts are created, and the CloudWatch alarms will auto-alert whenever usage is close to the quota values. All of this took Li Juan less than 20 minutes to set up. With her work for the day done, she confidently heads home knowing she can enjoy her evening watching football with her family.

Be like Li Juan: use Service Quotas to simplify quota setup for new AWS accounts! To learn more about Service Quotas, head over to our launch post or documentation pages, or explore our console.


Lijo is a Product Manager with Amazon Web Services. He is passionate about building customer centric solutions leveraging technology. Outside of work he loves to spend time with his family whose latest addition is a 5 month old. Lijo holds an MBA from the Indian Institute of Management, Calcutta.