Limits and restrictions for AWS CloudShell - AWS CloudShell

Limits and restrictions for AWS CloudShell

AWS CloudShell is a browser-based shell provided at no additional charge. Limits and restrictions apply to the following areas:

Limits for persistent storage

With AWS CloudShell, you have persistent storage of 1 GB for each AWS Region at no cost. Persistent storage is located in your home directory ($HOME) and is private to you. Unlike ephemeral environment resources that are recycled after each shell session ends, data in your home directory persists between sessions.

If you stop using AWS CloudShell in an AWS Region, data is retained in the persistent storage of that Region for 120 days after the end of your last session. After 120 days unless you take action, your data will be automatically deleted from the persistent storage of that Region. You can prevent removal by simply launching AWS CloudShell again in that AWS Region.

Note

Usage scenario

Márcia has used AWS CloudShell to store files in her home directories in two AWS Regions: US East (N. Virginia) and Europe (Ireland). She then started using AWS CloudShell exclusively in Europe (Ireland) and stopped launching shell sessions in US East (N. Virginia).

Before the deadline for deletion of data in US East (N. Virginia), Márcia decides to prevent her home directory from being recycled by launching AWS CloudShell and selecting the US East (N. Virginia) Region again. Because she has continually used Europe (Ireland) for shell sessions, her persistent storage in that Region isn't affected.

Limits for concurrent shells

The following limits apply to running shells:

  • Concurrent shells: You can run a maximum of 10 shells at the same time in each AWS Region at no charge.

Limits for shell sessions

The following limits apply to AWS CloudShell shell sessions:

  • Inactive sessions: AWS CloudShell is an interactive shell environment—if you don't interact with it using your keyboard or pointer for approximately 20–30 minutes, your shell session will end. (Running processes do not count as interactions.)

  • Long-running sessions: A shell session that's been running continuously for approximately 12 hours will automatically end, even if the user is regularly interacting with it during that period.

Restrictions on network access and data transfer

The following restrictions apply to network traffic traveling in and out of the AWS CloudShell environment:

  • Outbound: Users can access the public internet.

  • Inbound: Users can’t access inbound ports. No public IP address is available.

Warning

With access to the public internet, there's a risk that certain users might export data from the AWS CloudShell environment. IAM administrators should manage the allow list of trusted AWS CloudShell users through IAM tools. For information on how specific users can be explicitly denied access, see Managing allowable actions in AWS CloudShell using custom policies.

Data transfer: Uploading and downloading files to and from AWS CloudShell may be slow for large files. Alternatively, you can transfer files to your environment from an Amazon S3 bucket using the command line interface of the shell.

Restrictions on system files and page reloads

  • System files: If you incorrectly modify files that are required by the compute environment, you might experience problems when accessing or using the AWS CloudShell environment. If this occurs, you may need to delete your home directory to regain access.

  • Reloading pages: To reload the AWS CloudShell interface, you should use the refresh button in your browser instead of the default shortcut key sequence for your operating system.