Advanced Search
Search Results
63 total results found
Installation Guide
The Installation Guide provides step-by-step instructions for deploying Sandbox Studio into your AWS environment. It covers an overview of the solution’s architecture, including how the platform integrates with AWS to provision, manage, and clean up sandbox ac...
Administrator Guide
As an Administrator, you are responsible for configuring and maintaining Sandbox Studio for your organisation. This includes setting global policies such as global maximum budget thresholds and cleanup policies. You will also manage integration with AWS, set u...
Solution overview
The overview describes the Features and Benefits, Use cases and concept and definitions.
Architecture overview
The architecture of Sandbox Studio brings together multiple AWS services to deliver secure, temporary sandbox environments. At a high level, the solution uses a combination of managed services that each play a specific role — from provisioning accounts and han...
Plan your deployment
This section describes the Regions, cost, security, and other considerations prior to deploying the solution.
Deploy the Solution Manually
Note: We strongly recommend using the installation script available here to deploy the Sandbox Studio.
Post-deployment configuration tasks
Note: You only need to read this section if you have decided to deploy the solution manually. Once the stacks are deployed successfully, you’ll need to carry out some manual configuration tasks. These ensure Sandbox Studio integrates with your organisation’s ...
Troubleshooting & Support
If you need support, there is a full knowledge base and ticketing site here: https://support.sandboxstudiosoftware.com/ Below are some common problems identified during installation.
Manage your subscription
Monitoring the solution
Settings
This section will cover details of the settings and configuration capabilities for Administrators
Deploy the Solution
To help streamline the setup of Sandbox Studio, we’ve provided an installation script that checks your environment for the necessary prerequisites and guides you through deploying the solution step by step. This is our recommended installation method, as it si...
AWS Accounts
Maintenance
Updating the solution
Core Capabilities
Sandbox Studio provides a range of tools to make AWS sandbox account management fast, safe, and cost-effective. The table below explains the core capabilities of the platform, how it works, and the specific benefits it can bring to your teams. Capabilit...
Concepts and definitions
Term / Concept Description Account Recycling The process of cleaning and reusing sandbox accounts after they hit budget or time limits. This reduces AWS account sprawl, optimises resource use, and minimises administrative work by resetting acc...
AWS CloudFormation templates
Sandbox Studio is packaged as a set of AWS CloudFormation stacks. If you decide to manually install Sandbox Studio, you must deploy them in the order shown below and into specific AWS accounts. This page explains each stack, where to deploy it, and why the ord...
Step 1: Deploy the AccountPool stack
Install the AccountPool CloudFormation stack in the organisation management account. How to Install this Stack Login to the AWS Management Console using the Organisation Management Account. Navigate to the CloudFormation page. Click Create Stack and sele...
Step 2: Deploy the IDC stack
Install the IDC CloudFormation stack in the organisation management account. How to Install this Stack Login to the AWS Management Console using the Organisation Management Account. Navigate to the CloudFormation page. Click Create Stack and select With ...
Step 4: Deploy the Data stack
Install the Data CloudFormation stack in the hub account. How to Install this Stack Login to the AWS Management Console using the Organisation Management Account. Navigate to the CloudFormation page. Click Create Stack and select With new resources (stan...
Step 6: Deploy the Compute stack
Install the Compute CloudFormation stack in the hub account. How to Install this Stack Login to the AWS Management Console using the Hub Account. Navigate to the CloudFormation page. Click Create Stack and select With new resources (standard). For Templ...
Solution Architecture
Sandbox Studio solution is built entirely on AWS services, with each component playing a specific role in delivering, securing, and managing sandbox environments. The architecture uses managed services to ensure scalability, security, and automation. The diag...
Understand running costs
Running Sandbox Studio does involve some ongoing AWS costs, but these are generally modest and reflect the standard services needed to keep things running securely and reliably. You can think of them as the “behind-the-scenes” charges for the hub account that ...
Choosing the hub account
Sandbox Studio requires multiple AWS accounts to function. These accounts follow a hub-and-spoke model, where a central hub account manages a pool of sandbox accounts. The organisation management account also plays a key role, as certain AWS services can only ...
Create an IAM Identity Center application
Login to the AWS console and open IAM Identity Center. Navigate to Applications → Add application. Select I have an application I want to setup and chose SAML 2.0. Enter the following details Display name: Sandbox Studio (or your preferred ...
Add initial users
The IDC CloudFormation deployment creates three default groups in IAM Identity Center (you can customise their names when launching the SandboxStudio-IDC stack): Admins Group — members of this group have full access to Sandbox Studio. They can configure s...
Logging into the web UI
Once you have completed the installation of Sandbox Studio, you can log into the web user interface (UI). Finding the Login URL The login page is hosted behind an Amazon CloudFront distribution that was created during installation. To find the URL: Sign...
Choosing your region(s)
When setting up Sandbox Studio, choosing the correct AWS Regions is an important step. The regions you select determine where the solution is deployed, which regions users can access, and how accounts are cleaned up. 1. Identify Your Home Region In an AWS ...
AWS services in this solution
Sandbox Studio uses a combination of AWS managed services to securely deliver, manage, and clean up sandbox environments. The table below describes the core AWS services used in the solution. AWS Service Description Amazon CloudFront Acts...
Overview
What is Sandbox Studio? Sandbox Studio is a web-based solution that helps cloud administrators manage temporary AWS sandbox environments. It automates the enforcement of security policies, governance rules, budget controls, and account recycling settings — al...
Update AWS AppConfig
AWS AppConfig is used by Sandbox Studio to store its runtime configuration. You will need to update this configuration after the CloudFormation stacks have been deployed so that Sandbox Studio knows how to authenticate users and where to route traffic. If App...
Update AWS Secrets Manager
AWS Secrets Manager is used to store the SAML Identity Provider (IdP) certificate securely. The SandboxStudio-API stack creates a secret for this purpose. You must update it with the correct certificate from your Identity Center application. If the certificat...
Monitoring the solution
Overview The Sandbox Studio solution includes observability tools for monitoring the solution resources. Amazon CloudWatch Application Insights Sandbox Studio on AWS includes access to Amazon CloudWatch Application Insights to provide automatic detection an...
Investigating accounts in Quarantine state
When the Sandbox Studio solution detects an issue with one of its sandbox accounts, the account is moved to a Quarantine state and an email is sent to the solution administrators indicating that action be taken to resolve the account’s quarantine status. Note...