Cloud Playgroundchevron_right Cloud Sandboxeschevron_right

What can I do with the Azure Sandbox?

About the Azure Sandbox

The Azure Sandbox provides you with an open environment to come up with and work through your own training scenarios. It is an unguided experience where you determine what services, tools, and resources you'd like more practice with! We allow a variety of tools and services within Azure, so you have as many choices as possible when working through your training. 

We are expanding support for new services as development continues!

Unavailable Resource Providers & Services

We do not currently support the following services within the Azure Sandbox. As we continue development, we will add support for new services and update this article with the latest information.

Subscription Management Redis Cache
DDoS Protection Plans Blueprint Assignments
Batch Azure Support
Azure Active Directory (AD) Azure Stack
Capacity reservations Data Box
Import/Export Cost Management
DataBricks HDInsight
Azure Classic services Batch Accounts
ExpressRoute Redis Cache

Consumption Service



Limited Services

Azure Compute Blocked Features

The following features are entirely restricted and not allowed for use in the Azure Compute service. There are additional abuse checks and monitoring in place as well.

  • Availability Sets
  • Proximity Placement Groups
  • Snapshots

Virtual Machines

SKU Whitelist

The following VM SKUs are allowed for use within the Azure sandbox. No other VM types will be available for use or launch within the sandbox:

  • Standard_A1_v2
  • Standard_B1ms
  • Standard_B2ms
  • Standard_B1s
  • Standard_B2s
  • Standard_D1_v2
  • Standard_DS1
  • Standard_A0
  • Standard_B1s
  • Standard_DS1_v2
  • Standard_D2

Abuse Detection

Large instances or creating many instances can cause a sandbox to be flagged for possible abuse and terminated. See the bottom of this article for more information.

Scale Sets

  • Maximum of 4 VMs per scale set
  • Maximum of 2 scale sets per sandbox

SQL Servers

SQL DB SKU Whitelist

The following 5 SQL SKUs are allowed for use within the Azure sandbox. No other SQL Instance types will be available for use or launch within the sandbox:

  • Basic
  • Standard S0
  • Standard S1
  • Standard S2
  • Standard S3
  • Standard S4

Note: All of these SKUs use DTUs and are not in the general purpose/business critical sections. At this time, no general purpose or business critical SQL Servers are allowed in the Azure labs or sandbox.

Web App Service Plans

Service Plan SKU Whitelist

  • B1
  • B2
  • B3
  • S1
  • F1

Region Whitelist

Resources are allowed in the following regions. Attempts to create resources in any other region will result in an error on deployment.

  • Canada East
  • Central India
  • Central US
  • East Asia
  • East US
  • East US 2
  • Germany North
  • Germany West Central
  • Global (for specific resources that require global)
  • Japan West
  • Korea Central
  • Korea South
  • North Central US
  • South India
  • South Central US
  • West Central US
  • West India
  • West US
  • West US 2

Additional Restrictions

In addition to the services and resource providers that are not currently available within the Azure Sandbox, there are a few specific actions and limitations that apply.

  • All Billing actions and information is restricted
  • Cannot create new Resource Groups
  • Permissions are ONLY granted to the lab provided resource group
  • Cannot lock time-based immutability policies
  • Cannot register new resource providers
  • Hybrid Benefit usage is denied and unavailable.
  • Any Unregistered Resource Providers are intentionally unavailable
  • Purchasing from the marketplace is not allowed

Abuse Detection

In addition to the services listed above, we also have an abuse detection setup for our labs. We do not divulge the specifics of how or what we look for with this process to prevent exploitation. The purpose of the abuse detection is to ensure compliance with our Terms of Service. Any detection of abusive use can result in immediate termination of the running lab, loss of access to labs or other resources, or more severe consequences up to and including permanent account closure.

A few examples of abuse are listed below. This list is NOT comprehensive. If you have questions on whether your activity may be detected as abuse, please contact our support team BEFORE starting the activity or action.

  • Incorrect instance type
  • Ten or more virtual machines created at a time
  • Ten or more vCPU across all virtual machines
  • Attempting to use resources for Bitcoin mining
  • Excessive network traffic
  • DDoS or port scanning external hosts

For more information, take a look at these additional FAQ pages: