What can I do with the Azure Sandbox?
About the Azure Sandbox
The Azure Sandbox provides you with an open environment to come up with and work through your own training scenarios. It is an unguided experience where you determine what services, tools, and resources you'd like more practice with! We allow a variety of tools and services within Azure, so you have as many choices as possible when working through your training.
We are expanding support for new services as development continues!
Unavailable Resource Providers & Services
Unlike the Playground AWS Sandbox, we are able to offer all services within Azure except a few explicitly disallowed services. This list covers the resource providers and services that are NOT available within the Azure Sandbox.
- All Billing actions and information
- Authorization Write/Delete
- Azure Active Directory (AD)
- Azure Containers
- Azure Support
- Azure Stack
- Cost Management
- Capacity reservations
- Purchasing from the marketplace
- Any Unregistered Resource Providers
- All Microsoft.Web resource provider actions (Azure custom APIs, App Services, etc.)
- Recovery Services
- Azure Batch Accounts
- SQL Data Warehouse
In addition to the services and resource providers that are not currently available within the Azure Sandbox, there are a few specific actions and limitations that apply.
- Cannot create new Resource Groups
- Permissions are ONLY granted to the lab provided resource group
- Cannot lock time based immutability policies
- Cannot register new resource providers
- Hybrid Benefit usage is denied and unavailable.
Allowed VM SKUs
The following 10 VM SKUs are allowed for use within the Azure sandbox. No other VM types will be available for use or launch within the sandbox:
Allowed SQL SKUs
The following 5 SQL SKUs are allowed for use within the Azure sandbox. No other SQL Instance types will be available for use or launch within the sandbox:
- Standard S0
- Standard S1
- Standard S2
- Standard S3
- Standard S4
Note: All of these SKUs use DTUs and are not in the general purpose/business critical sections
In addition to the services listed above, we also have an abuse detection setup for our labs. We do not divulge the specifics of how or what we look for with this process to prevent exploitation. The purpose of the abuse detection is to ensure compliance with our Terms of Service. Any detection of abusive use can result in immediate termination of the running lab, loss of access to labs or other resources, or more severe consequences up to and including permanent account closure.
A few examples of abuse are listed below. This list is NOT comprehensive. If you have questions on whether your activity may be detected as abuse, please contact our support team BEFORE starting the activity or action.
- 10 or more Virtual Machines (VMs) created at a time
- Using 10 or more CPUs across all VMs
- Attempting to use resources for Bitcoin Mining
- Excessive Network Traffic
- DDoS or Port Scanning External Hosts
For more information, take a look at these additional FAQ pages: