Can't I just cheat by looking at the flags in GitHub?


Can't I just cheat by getting all the flags with my admin user?


Can I publish walkthroughs on the live CloudFoxable challenges?


How much will this cost me?

Many challenges have no cost associated with them. They are enabled by default.

Challenges that do have a cost associated with them are disabled by default and need to be manually enabled.

Every time you enable a new challenge you will get a summary the currently enabled challenges and how much they cost per month, like this:


Should I deploy CloudFoxable into an existing environment that I use for production stuff?

No! Please deploy CloudFoxable into a new or existing playground/sandbox/learning account.

Even though it's in a playground account, is there any way someone else can compromise my CloudFoxable resources?

There shouldn't be. The following safeguards are in place, but please reach out if you think we missed something:

Please submit an issuue if you notice any publicly accessible exploit paths that put user's CloudFoxable environments at risk (other than access to the flags).

I've never used Terraform and I'm afraid of it. Help!?

I was also afraid of Terraform and projects that would create resources in my account before I knew how Terraform worked. Here are some things that might ease your anxiety:

Can I run this tool and another tool like CloudGoat, Terragoat, or SadCloud in the same AWS account?

Yes. Each tool will keep its Terraform state separately, but all resources will be created, updated, and deleted in the same account. They can coexist.