Cargando...
Cargando...
Predictable, all-inclusive pricing for VPS, containers, and managed databases — without the AWS complexity tax
Amazon Lightsail is AWS's simplified virtual private server (VPS) platform designed for developers, small businesses, and students who need straightforward cloud infrastructure without the complexity of configuring individual AWS services. It bundles compute, SSD storage, data transfer, DNS management, and a static IP into a single predictable monthly price. Lightsail is purpose-built for workloads that don't require the enterprise-scale elasticity, fine-grained IAM controls, or deep service integrations of the broader AWS ecosystem.
Provide a low-barrier, fixed-cost entry point to AWS-hosted infrastructure for simple web apps, blogs, dev/test environments, and small databases — without requiring deep AWS expertise.
Use When
Avoid When
Fixed monthly pricing bundles
Includes compute, SSD storage, and data transfer allowance in one price
Managed databases (MySQL, PostgreSQL)
Simplified — no Multi-AZ, limited parameter tuning vs RDS
Container services (Docker)
Simplified ECS alternative; no Kubernetes support
Object storage (S3-compatible)
Lightsail object storage buckets — simplified S3, not full S3 feature set
CDN distributions (CloudFront-backed)
Simplified CloudFront — no Lambda@Edge, limited behaviors
Load balancers (HTTP/HTTPS only)
No TCP/UDP; includes free SSL cert
Static IPs
Included when attached to an instance; billed when unattached
DNS management
Free, up to 3 zones; not Route 53
Automatic snapshots
Daily, 7-day retention; must be explicitly enabled
Manual snapshots
Point-in-time; billed per GB stored
VPC peering (default VPC only)
One peering connection to the default VPC per region
Pre-configured application blueprints
WordPress, LAMP, Node.js, Magento, etc.
Auto Scaling
CRITICAL: No native auto-scaling — this is the #1 exam trap
Custom VPC configuration
No custom VPC, subnet, or NACL control
IAM role assignment to instances
Lightsail instances cannot be assigned IAM roles directly
Multi-AZ database failover
Unlike RDS Multi-AZ — Lightsail DB has high availability option but it's not the same
Read replicas (managed DB)
Lightsail managed databases do not support read replicas
Spot/Reserved instance pricing
No Spot or Reserved pricing model — flat monthly bundles only
AWS CloudFormation / CDK support
Cannot provision Lightsail resources via CloudFormation
AWS Organizations SCPs
Lightsail accounts can be part of AWS Organizations
Export snapshot to EC2
Critical migration path: Lightsail → EC2 via snapshot export
SSH/RDP browser-based access
Built-in browser terminal/RDP — no SSH key management required
Metrics and alarms
Basic CloudWatch-like metrics; limited compared to full CloudWatch
Lightsail-to-EC2 Migration via Snapshot Export
high freqWhen a Lightsail workload outgrows its bundle, export the instance snapshot to EC2 as an AMI. This is the canonical migration path from simple to enterprise-scale infrastructure. Exam questions test whether you know this path exists.
Lightsail App + RDS Database via VPC Peering
high freqPeer the Lightsail network with the default VPC to allow Lightsail instances to connect to RDS databases running in EC2/VPC. Used when the application needs more database power than Lightsail managed databases provide.
Anti-Pattern: Lightsail Does NOT Integrate with Auto Scaling
high freqCandidates assume Lightsail can use AWS Auto Scaling Groups. It cannot. If elastic scaling is required, the answer is always EC2 + Auto Scaling, not Lightsail. This is the most tested Lightsail misconception.
Static Frontend + Lightsail Backend
medium freqAWS Amplify hosts the static frontend (React, Angular) while Lightsail runs the backend API or CMS. This pattern is tested as a cost-optimized architecture for small web applications.
Lightsail Web App + Lambda for Event Processing
medium freqLightsail handles the persistent web server workload while Lambda processes asynchronous events (image resizing, email sending). Tested as a misconception — Lambda alone cannot host a full stateful web application.
Route 53 DNS for Lightsail Workloads
medium freqWhen Lightsail's built-in DNS (3-zone limit, no advanced routing) is insufficient, Route 53 is used for DNS management with advanced routing policies (failover, latency-based, geolocation). Route 53 points to Lightsail's static IP.
Lightsail Instance + S3 for Media Storage
medium freqVia VPC peering or public endpoints, Lightsail instances can use S3 for storing user uploads, media, and backups — offloading storage from the fixed SSD bundle. Requires IAM credentials configured on the instance (not IAM roles).
Lightsail has NO auto-scaling capability. Any exam scenario requiring dynamic scaling based on demand (CPU, traffic spikes) eliminates Lightsail as an answer. The correct service is EC2 with Auto Scaling Groups.
Automatic snapshots in Lightsail retain only the LAST 7 DAYS of daily snapshots. Disaster recovery scenarios requiring longer retention or cross-region backup require manual snapshot copying or exporting to S3/EC2.
The migration path from Lightsail to EC2 is: Create Lightsail snapshot → Export snapshot to EC2 → Launch EC2 instance from the exported AMI. Know this for SAA-C03 migration scenario questions.
CRITICAL: Lightsail has NO auto-scaling. Any question mentioning dynamic scaling, traffic spikes, or Auto Scaling Groups eliminates Lightsail — the answer is EC2 + Auto Scaling Groups.
CRITICAL: Automatic snapshots in Lightsail retain only 7 days and must be manually enabled. Disaster recovery is the CUSTOMER's responsibility — AWS does not automatically back up or restore Lightsail instances.
Lightsail can peer with only the DEFAULT VPC (one per region). You cannot peer with custom VPCs. This limits integration with complex multi-VPC architectures — a key differentiator from EC2.
Lightsail instances CANNOT be assigned IAM roles directly. To access AWS services (S3, DynamoDB), you must create an IAM user, generate access keys, and configure them on the instance — a security anti-pattern at scale.
Lightsail load balancers support HTTP/HTTPS ONLY. If a scenario requires TCP/UDP load balancing, WebSocket at scale, or static IP for load balancer, the answer is NLB or ALB — not Lightsail.
Lightsail CDN distributions are CloudFront-backed but do NOT support Lambda@Edge, advanced cache behaviors, signed URLs/cookies, or WAF integration. For any of these features, use standalone CloudFront.
Unattached static IPs in Lightsail are BILLED. Always release static IPs when not in use. This is a common cost optimization question on CLF-C02 and SAA-C03.
Lightsail managed databases do NOT support Multi-AZ automatic failover or read replicas like RDS. For HA database requirements, the answer is Amazon RDS with Multi-AZ, not Lightsail.
IMPORTANT: Lightsail cannot use IAM roles, custom VPCs, CloudFormation, or EC2 ELBs. When ANY of these features appear in a requirement, Lightsail is disqualified — use EC2/full AWS services.
On CLF-C02, Lightsail represents the 'simplest' compute option. When a question asks which service requires the LEAST cloud expertise or has the MOST predictable pricing, Lightsail is often the answer over EC2.
Common Mistake
Lightsail provides enterprise-scale auto-scaling — you can configure it to automatically add instances when CPU usage spikes.
Correct
Lightsail has ZERO native auto-scaling capability. It is a fixed-capacity VPS service. You can manually create more instances, but there is no automated scaling policy, target tracking, or step scaling. For auto-scaling, you must use EC2 with Auto Scaling Groups.
This is the #1 Lightsail trap on certification exams. Questions describe a growing startup needing to handle traffic spikes and ask which service to use — Lightsail is the wrong answer whenever 'scale automatically' appears. Remember: Lightsail = Simple + Fixed, EC2 = Flexible + Elastic.
Common Mistake
Disaster recovery is automatic in Lightsail — AWS handles backups and can restore your instance automatically if it fails.
Correct
Lightsail automatic snapshots must be EXPLICITLY ENABLED and retain only the last 7 days of daily snapshots. There is no automatic failover, no Multi-AZ for instances, and no automatic restoration. DR is the customer's responsibility. For automated DR, use EC2 with AWS Backup or RDS Multi-AZ.
Shared Responsibility Model applies to Lightsail too. AWS manages the physical infrastructure, but backup configuration, retention policy, and recovery procedures are the CUSTOMER's responsibility. Exam questions test this with 'which service provides automatic disaster recovery' — Lightsail does not.
Common Mistake
Lightsail is just a cheaper version of EC2 with the same enterprise features — you can use IAM roles, custom VPCs, CloudFormation, and Auto Scaling.
Correct
Lightsail is a fundamentally DIFFERENT product abstraction. It does not support: IAM instance roles, custom VPC configuration, CloudFormation provisioning, Auto Scaling, NACLs, security groups (uses firewall rules instead), or full CloudWatch integration. It trades flexibility for simplicity.
Candidates who know EC2 well assume Lightsail is 'EC2 Lite.' It is not — it's a separate VPS product with a different networking model, billing model, and feature set. When an exam question requires ANY of the missing features, Lightsail is automatically disqualified.
Common Mistake
AWS Lambda can replace Lightsail for hosting complete web applications — Lambda handles stateful server workloads just as well.
Correct
Lambda is event-driven and stateless — it cannot maintain persistent connections, run long-lived processes, or serve as a traditional web server. Lightsail (or EC2) is needed for persistent, stateful web application hosting. Lambda complements Lightsail for async event processing but cannot replace it.
This misconception appears in questions asking how to architect a 'simple web application.' Lambda + API Gateway handles stateless APIs, but a full web app with sessions, file system access, and persistent processes needs Lightsail or EC2. Know the boundary between serverless and server-based hosting.
Common Mistake
Lightsail's built-in DNS is equivalent to Route 53 — it supports all the same routing policies.
Correct
Lightsail DNS is a basic free DNS service limited to 3 zones. It does NOT support Route 53's advanced routing policies: latency-based, geolocation, failover, weighted, multivalue, or alias records for AWS resources. For any intelligent DNS routing, use Route 53.
Questions about 'routing traffic based on user location' or 'failover DNS' with Lightsail should always point to Route 53 as the DNS layer, with Lightsail's static IP as the endpoint target.
Common Mistake
Lightsail instances can be added to an Elastic Load Balancer (ALB/NLB) target group for enterprise-grade load balancing.
Correct
Lightsail instances CANNOT be added to EC2 Elastic Load Balancer target groups directly. Lightsail has its own built-in load balancer (HTTP/HTTPS only). To use ALB/NLB with Lightsail-originated workloads, you must first migrate to EC2.
This is a critical architectural constraint. Any scenario requiring ALB features (path-based routing, host-based routing, WebSocket) or NLB features (TCP, static IP, extreme performance) with Lightsail workloads requires migrating to EC2 first.
LIGHTSAIL = LIGHT on features, LIGHT on complexity, LIGHT on control: No Auto-scaling, No IAM roles, No custom VPC, No CloudFormation — but great for Simple, Predictable, Affordable workloads (SPA mnemonic: Simple, Predictable, Affordable)
The 7-7-7 Rule for Lightsail DR: 7 days automatic snapshot retention, 7 is the max before you lose history, 7 reminds you DR is YOUR responsibility (Shared Responsibility = 7 letters)
When you see 'auto-scale' in an exam question → Lightsail is OUT. Auto-scale = EC2 + ASG. Always.
Lightsail VPC Peering = DEFAULT only. Think 'Lightsail is a guest at the DEFAULT VPC party — it can't enter custom VPC clubs.'
CertAI Tutor · SAA-C03, SAP-C02, DEA-C01, CLF-C02 · 2026-02-21
In the Same Category
Comparisons