What can I do with the Azure Sandbox?
About the Azure Sandbox
The Azure Sandbox provides you with an open environment to come up with and work through your own training scenarios. It is an unguided experience where you determine what services, tools, and resources you'd like more practice with! We allow a variety of tools and services within Azure, so you have as many choices as possible when working through your training.
We are expanding support for new services as development continues!
Unavailable Resource Providers & Services
We do not currently support the following services within the Azure Sandbox. As we continue development, we will add support for new services and update this article with the latest information.
| Subscription Management | Redis Cache |
| DDoS Protection Plans | Blueprint Assignments |
| Batch | Azure Support |
| Azure Active Directory (AD) | Azure Stack |
| Capacity reservations | Data Box |
| Import/Export | Cost Management |
| DataBricks | HDInsight |
| Azure Classic services | Batch Accounts |
| ExpressRoute | Redis Cache |
|
Consumption Service |
Limited Services
Azure Compute Blocked Features
The following features are entirely restricted and not allowed for use in the Azure Compute service. There are additional abuse checks and monitoring in place as well.
- Availability Sets
- Proximity Placement Groups
- Snapshots
Virtual Machines
SKU Whitelist
The following VM SKUs are allowed for use within the Azure sandbox. No other VM types will be available for use or launch within the sandbox:
- Standard_A1_v2
- Standard_B1ms
- Standard_B2ms
- Standard_B1s
- Standard_B2s
- Standard_D1_v2
- Standard_DS1
- Standard_A0
- Standard_B1s
- Standard_DS1_v2
- Standard_D2
Abuse Detection
Large instances or creating many instances can cause a sandbox to be flagged for possible abuse and terminated. See the bottom of this article for more information.
Scale Sets
- Maximum of 4 VMs per scale set
- Maximum of 2 scale sets per sandbox
SQL Servers
SQL DB SKU Whitelist
The following 5 SQL SKUs are allowed for use within the Azure sandbox. No other SQL Instance types will be available for use or launch within the sandbox:
- Basic
- Standard S0
- Standard S1
- Standard S2
- Standard S3
- Standard S4
Note: All of these SKUs use DTUs and are not in the general purpose/business critical sections. At this time, no general purpose or business critical SQL Servers are allowed in the Azure labs or sandbox.
Web App Service Plans
Service Plan SKU Whitelist
- B1
- B2
- B3
- S1
- F1
Region Whitelist
Resources are allowed in the following regions. Attempts to create resources in any other region will result in an error on deployment.
- Canada East
- Central India
- Central US
- East Asia
- East US
- East US 2
- Germany North
- Germany West Central
- Global (for specific resources that require global)
- Japan West
- Korea Central
- Korea South
- North Central US
- South India
- South Central US
- West Central US
- West India
- West US
- West US 2
Additional Restrictions
In addition to the services and resource providers that are not currently available within the Azure Sandbox, there are a few specific actions and limitations that apply.
- All Billing actions and information is restricted
- Cannot create new Resource Groups
- Permissions are ONLY granted to the lab provided resource group
- Cannot lock time-based immutability policies
- Cannot register new resource providers
- Hybrid Benefit usage is denied and unavailable.
- Any Unregistered Resource Providers are intentionally unavailable
- Purchasing from the marketplace is not allowed
Abuse Detection
In addition to the services listed above, we also have an abuse detection setup for our labs. We do not divulge the specifics of how or what we look for with this process to prevent exploitation. The purpose of the abuse detection is to ensure compliance with our Terms of Service. Any detection of abusive use can result in immediate termination of the running lab, loss of access to labs or other resources, or more severe consequences up to and including permanent account closure.
A few examples of abuse are listed below. This list is NOT comprehensive. If you have questions on whether your activity may be detected as abuse, please contact our support team BEFORE starting the activity or action.
- Incorrect instance type
- Ten or more virtual machines created at a time
- Ten or more vCPU across all virtual machines
- Attempting to use resources for Bitcoin mining
- Excessive network traffic
- DDoS or port scanning external hosts
For more information, take a look at these additional FAQ pages: