considering pen testing can only be carried out on certain services, it is probably important to now which services exactly.
Please specify important facts and not ‘etc’ it like in the slides where it was mentioned as;
EC2, Lambda, RDS, Aurora, CloudFront, API Gateway, etc..
Here is the current as of writing;
Our policy only permits testing of the following resources:
DNS Zone Walking
At this time, our policy does not permit testing small or micro RDS instance types. Testing of m1.small, t1.micro or t2.nano EC2 instance types is not permitted. This is to prevent potential adverse performance impacts on resources that may be shared with other customers.