AWS Official Blog

Back when I was young, InfoWorld was a tabloid-sized journal that chronicled the growth of the PC industry. Every week I would await the newest issue and read it cover to cover, eager to learn all about the latest and greatest hardware and software. I always enjoyed and appreciated the reviews — they were unfailingly deep, objective, and helpful.

With this as background, I am really happy to be able to let you know that the team at InfoWorld recently put Amazon Aurora through its paces, wrote a detailed review, and named it an Editor’s Choice. They succinctly and accurately summarized the architecture, shared customer feedback from AWS re:Invent, and ran an intensive benchmark, concluding that:

This level of performance is far beyond any I’ve seen from other open source SQL databases, and it was achieved at far lower cost than you would pay for an Oracle database of similar power.

We’re very proud of Amazon Aurora and I think you’ll understand why after you read this review.

The AWS Trusted Advisor helps you to provision and configure your AWS resources so as to improve system performance and reliability, increase security, and optimize for cost. We have added some new checks and improved an existing one in order to make Trusted Advisor even more useful to you. Here is a summary of the changes:

The Service Limits check now reports on your usage of EC2 On-Demand instances:

This check is available to all users of Trusted Advisor. The remaining checks are available to customers who are using AWS Support API at the Business or Enterprise level.

The S3 Bucket Logging Configuration check now looks to see if server access logging has been configured for each bucket:

The new EC2 to EBS Throughput check looks for EBS volumes that might be affected by the throughput capacity of the EC2 instances:

The new CloudFront Alternate Domains check looks at the DNS settings for alternate domains on your CloudFront distributions:

The new CloudFront SSL Certificate on the Origin Server check looks for SSL certificates that are expired, about to expire, or that use outdated encryption:

The new IAM Access Key Rotation check looks for IAM keys that have not been rotated in the last 90 days:

The new checks are available now and you can benefit from them today. Visit the AWS Trusted Advisor to learn more.

When we launched EC2 Run Command seven weeks ago (see my post, New EC2 Run Command – Remote Instance Management at Scale to learn more), I promised similar functionality for instances that run Linux. I am happy to be able to report that this functionality is available now and that you can start using it today.

Run Command for Linux
Like its Windows counterpart, this feature is designed to help you to administer your EC2 instances in an easy and secure fashion, regardless of how many you are running. You can install patches, alter configuration files, and more. To recap, we built this feature to serve the following management needs:

• A need to implement configuration changes across their instances on a consistent yet ad hoc basis.
• A need for reliable and consistent results across multiple instances.
• Control over who can perform changes and what can be done.
• A clear audit path of what actions were taken.
• A desire to be able to do all of the above without the need for unfettered SSH access.

This new feature makes command execution secure, reliable, convenient, and scalable. You can create your own commands and exercise fine-grained control over execution privileges using AWS Identity and Access Management (IAM). All of the commands are centrally logged to AWS CloudTrail for easy auditing.

Run Command Benefits
The Run Command feature was designed to provide you with the following benefits (these apply to both Linux and Windows):

Control / Security – You can use IAM policies and roles to regulate access to commands and to instances. This allows you to reduce the number of users who have direct access to the instances.

Reliability – You can increase the reliability of your system by creating templates for your configuration changes. This will give you more control while also increasing predictability and reducing configuration drift over time.

Visibility – You will have more visibility into configuration changes because Run Command supports command tracking and is also integrated with CloudTrail.

Ease of Use – You can choose from a set of predefined commands, run them, and then track their progress using the Console, CLI, or API.

Customizability – You can create custom commands to tailor Run Command to the needs of your organization.

Using Run Command on Linux
Run Command makes use of an agent (amazon-ssm-agent) that runs on each instance. It is available for the following Linux distributions:

• Amazon Linux AMI (64 bit) – 2015.09, 2015.03, 2014.09, and 2014.03.
• Ubuntu Server (64 bit) – 14.04 LTS, 12.04 LTS
• Red Hat Enterprise Linux (64 bit) – 7.x

Here are some of the things that you can do with Run Command:

• Run shell commands or scripts
• Add users or groups
• Configure user or group permissions
• View all running services
• Start or stop services
• View system resources
• View log files
• Install or uninstall applications
• Update a scheduled (cron) task

You can launch new Linux instances and bootstrap the agent by including a few lines in the UserData like this (to learn more, read Configure the SSM Agent in the EC2 Documentation):

Here’s how I choose a command document (separate command documents are available for Linux and for Windows):

And here’s how I select the target instances and enter in a command or a set of commands to run:

Here’s the output from the command:

Here’s how I review the output from commands that I have already run:

Run a Command Today
This feature is available now and you can start using it today in the US East (Northern Virginia), US West (Oregon), and Europe (Ireland) regions. There’s no charge for the command, but you will be billed for other AWS resources that you consume.

To learn more, visit the Run Command page.

We announced the t2.nano instances earlier this year. Like their larger siblings (t2.micro, t2.small, t2.medium, and t2.large), these instances provide a baseline level of processing power, along with the ability to save up unused cycles and use them when the need arises.

As I noted in my earlier post (New T2.Large Instances), this model has proven to be extremely popular with our customers. In fact, we did some research and found that, over the course of a couple of days, over 96% of the T2 instances always maintained a positive CPU Credit balance. In effect, you are paying for a very modest amount of processing power, yet have access to far more when the need arises. The pricing (which I will get to in a moment) becomes even more compelling when you purchase a 1 year or 3 year Reserved Instance.

I expect to see the t2.nano used to host low-traffic websites, run microservices, support dev / test environments, and to be used as cost-effective monitoring vehicles. There are also plenty of ways to use these instances in training and educational settings.

The Specs
Each t2.nano instance has 512 MiB of memory and 1 vCPU, and can run 32 or 64 bit operating systems and applications. They support EBS encryption and up to two Elastic Network Interfaces per instance.

The t2.nano offers the full performance of a high frequency Intel CPU core if your workload utilizes less than 5% of the core on average over 24 hours. You get full access to the CPU core when needed, as long as you maintain a positive CPU credit balance. Each newly launched t2.nano starts out with a CPU credit balance of 30 credits, and earns 3 more credits per hour, up to a maximum of 72. This means that each instance can burst to full-core performance for up to 72 minutes at a stretch.

You can run Linux or Windows on these instances. However, our data shows that Windows instances consume more CPU and memory than Linux instances and you’ll want to do some testing and evaluation in order to decide which instance size will work best for your application. If you do not need the Windows GUI, you may want to take a look at the Server Core AMI.

EC2 Pricing & Sample Configurations
The t2.nano instances are priced at exactly half of the t2.micro for a given region. Here are some sample prices (see the EC2 Pricing page for more information):

Let’s take a look at the full-system cost to host and run a low-traffic website (up to 25,000 visits or so per month) on AWS using a t2.nano for one month.This is a real-world configuration that is more than adequate to handle the load.

In addition to the instance itself, the sample configuration includes an 8GB EBS SSD volume for storage and domain hosting with Amazon Route 53. The pricing includes 2 gigabytes of network-out traffic. In other words, this is the all-in cost to run the site on AWS. Here’s the monthly pricing in US West (Oregon):

Let’s say you really hit the jackpot and draw in 10 times as many visits as you planned for. You’ll pay less than $1 in additional Network Out charges, $0.81 to be precise. If you are running a small site and want to keep a watchful eye over your variable costs, don’t forget to create a billing alert.

This is a powerful starter system that can easily scale to handle more traffic or to host a more complex site or application. Over time, you can expand to make use of other AWS services such as S3, Elastic Load Balancing, Auto Scaling, Amazon Relational Database Service (RDS), and AWS CloudFormation. You also have access to T2 instances in other sizes, and to the full range of EC2 instance types.

Our friends at Bitnami provide a very wide range of packaged tools and applications that can be used on AWS with a couple of clicks. They have optimized their very popular WordPress AMI for use on the t2.nano. You can find this and many other applications in the AWS Marketplace.

Available Now
You can launch t2.nano instances today in the US East (Northern Virginia), US West (Oregon), US West (Northern California), Europe (Ireland), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (Brazil), and AWS GovCloud (US) regions. The instances will be available soon in Europe (Frankfurt) and Asia Pacific (Sydney). You can use them with AWS CloudFormation today; support for AWS Elastic Beanstalk (in the form of updated containers) is in the works.

— Jeff;

Here are the next batch of podcasts that I recorded on Tuesday, September 1 at the AWS Loft in San Francisco as part of the Intel Startup Spotlight for the AWS Podcast.

I spoke with startups Compgun, Primadesk, SkinnyPrice. I also spoke with Cameron Peron, a startup advisor. Here are the episodes and the show notes (the “Episode” links go directly to the MP3 files; you can also visit the AWS Podcast page and subscribe to the feed):

Episode 115 – Compgun
For Episode 115, I interviewed Jake Seip and Tim Sze, co-founders and CEO’s of sales commission engine Compgun. After realizing how difficult it can be to appropriately administer sales compensation and noticing that other companies share this burden, Jake and Tim used their industry insights to solve that problem. Listen to the guys chat about the strengths and weaknesses of running on AWS, where they see the company going in the future, and what they love most about working for a startup.

Episode 116 – Primadesk
For Episode 116, I spoke with Srinivasa Venkataraman, one of the founders of security startup Primadesk. Srinivasa discusses how a family photo-organization project inspired him to found Primadesk and how his tech background plus managerial experience has helped him to succeed in the startup ecosystem. Find out more about his file sharing tools, content indexing systems, and how they appeal to both consumers and IT professionals.

Episode 117 – SkinnyPrice
For Episode 117, I interviewed Andrew Jones and Daniel McGuire, the CTO and CEO/Co-Founder of SkinnyPrice. The guys talk about their experiences launching the discount pricing startup and their history of entrepreneurial adventures (including running a construction company and working with the MassChallenge Accelerator in Boston).

Episode 118 – Cameron Peron
For Episode 118, I spoke with startup advisor Cameron Peron about the challenges facing startups today and the approaches he takes to help startups succeed. We discussed his business-focused background and experience as the VP of Marketing and CMO of Redis Labs. Cameron shares his insights about working for a startup in Israel vs. in Silicon Valley, how to work with scarce resources, and his best tips for startup success.

Special Thanks
Once again, special thanks are due to my colleagues:

• Gloria Kim – Scheduling and hosting at the AWS Loft in San Francisco.
• Melissa Higa – Program Management.
• Sarah Silverstein – Editing and content management.

PS – I am planning to expand the scale of the AWS Podcast series in 2016. Stay tuned for information on how to apply to be a guest.

Encryption is an important part of any data protection strategy. Over the past year or two, we have introduced many features that are designed to simplify the task of storing your cloud-based information in encrypted form. Many of these features make use of the AWS Key Management Service (KMS); here are some of the more recent announcements on that topic:

• Encryption at Rest for Amazon Aurora.
• Encrypted Storage Volumes for Amazon WorkSpaces.
• S3 SSE-KMS Encryption for AWS CloudTrail.
• S3 Encryption Integrated with Amazon EMR.
• KMS Encryption for Amazon RDS.
• Encryption for Elastic Transcoder.
• EBS Data Volume Encryption.

To learn more, check out the AWS Services That Offer Encryption Integrated with AWS KMS.

Many customers tell me that they appreciate the fact that AWS makes it very easy for them to encrypt their data. They enable it as needed, and rely on AWS for the heavy lifting.

Encrypted EBS Boot Volumes
Today we are launching encryption for EBS boot volumes. This feature builds on a recent release that allowed you to copy an EBS snapshot while also applying encryption.

You can now create Amazon Machine Images (AMIs) that make use of encrypted EBS boot volumes and use the AMIs to launch EC2 instances. The stored data is encrypted, as is the data transfer path between the EBS volume and the EC2 instance. The data is decrypted on the instance on an as-needed basis, then stored only in memory.

This feature will aid your security, compliance, and auditing efforts by allowing you to verify that all of the data that you store on EBS is encrypted, whether it is stored on a boot volume or on a data volume. Further, because this feature makes use of KMS, you can track and audit all uses of the encryption keys.

Each EBS backed AMI contains references to one or more snapshots of EBS volumes. The first reference is to an image of the boot volume. The others (if present) are to snapshots of data volumes. When you launch the AMI, an EBS volume is created from each snapshot. Because EBS already supports encryption of data volumes (and by implication the snapshots associated with the volumes), you can now create a single AMI with a fully-encrypted set of volumes. You can, if you like, use individual Customer Master Keys in KMS for each volume.

Creating an Encrypted EBS Boot Volume
The process of creating an encrypted EBS boot volume begins with an existing AMI (either Linux or Windows). If you own the AMI, or if it is both public and free you can use it directly. Otherwise, you will need to launch the AMI, create an image from it, and then use that image to create the encrypted EBS boot volume (this applies, for example, to Windows AMIs). The resulting encrypted AMI will be private; you cannot share it with another AWS account.

With the AMI and the encrypted snapshot in hand, you simply create a new AMI using the AWS copy-image command as follows:

$ aws ec2 copy-image -r source_region -s source_ami_id \
  [-n ami_name] [-d ami_description] [-c token] \
  [--encrypted] [--kmsKeyID keyid]

If you request encryption with --encrypted and do not supply the --kmsKeyID parameter, the default EBS Customer Master Key (CMK) for your account will be used.

For example, here is how you would make a copy of the Amazon Linux AMI:

$ aws ec2 copy-image -r us-east-1 -s ami-60b6c60a  \
  --encrypted --kmsKeyID arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef

You can also create an AMI with an encrypted boot volume from the EC2 Console:

Using an Encrypted EBS Boot Volume
After you create your new AMI, you can use it to launch new instances as usual. You don’t need to make any other changes to your code or your operational practices.

Available Now
This new feature is available now in all AWS regions except Beijing (China) and you can start using it today at no additional charge.

— Jeff;

PS – The EBS team is hiring! Check out the EBS Careers page for more info.

I was super-double-extra busy last week and did not have time to assemble the Week in Review as usual. I’m playing catch-up now!

 New Customer Success Stories

• 2C2P – Payment systems, database, and compliance.
• British Gas – Support for connected homes.
• Buzzdial – Cross-screen digital experience.
• Cochlear – Replacement parts ordering system.
• Ferrara Candy Company – Reporting and analytics environment using SAP Business Analytics.
• The Hindu Group – Web application hosting.
• iFlix – On-demand video.
• Qlik – Visual analytics and business intelligence.
• Solinor – Customized payment solutions.
• Zalora – Hosting of fashion websites.

Stay tuned for next week! In the meantime, follow me on Twitter and subscribe to the RSS feed.

— Jeff;

I would like to extend a warm welcome to the newest AWS Community Heroes:

• Jarrod Levitan
• Keith Yau
• Boyan Dimitrov
• Austen Collins
• Teri Radichel

The Heroes share their enthusiasm for AWS via social media, blogs, events, user groups, and workshops. Let’s take a look at their bios to learn more.

Jarrod Levitan
Jarrod is the Chief Cloud Officer of TriNimbus, an Amazon Web Services Premier Consulting Partner and leading DevOps service provider, which supports organizations as they migrate to and take advantage of AWS and the Cloud. Being a hard core AWS enthusiast, Jarrod is also an organizer of the Canadian AWS User Group Meetups in Vancouver, Toronto, Ottawa, Montreal, Calgary and Edmonton. As an entrepreneur with experience building an enterprise SaaS company, Jarrod is a change agent supporting organizations as they shift culture and strategically adopt progressive technologies. Serving customers and making them successful long term is at his core and when combined with his extensive financial and technological background he provides immeasurable strategic insight.

You can connect with Jarrod on LinkedIn and follow him Twitter.

Keith Yau
Keith is the founder of BootDev, a cloud based platform for running websites. BootDev is built on AWS and leverages AWS services such as S3, Route 53, CloudFormation, and CloudFront, allowing it to power fault-tolerant, large scale web applications.

Keith has worked on large scale web projects for several enterprise customers across Japan, China, and US in the gaming, Internet, and big data industries. For a large Southeast Asia news site, he engineered a way to deploy a multi-level caching architecture with auto-scaling. Keith is active in the startup and technology community across China, organizing groups like Drupal China and Barcamp China. He is also an active member of  several AWS User Group Meetups in China.  He shares his AWS and cloud related knowledge & experience on his personal tech blog and the “bootdev” channel on Wechat.

Connect with Keith on LinkedIn, or use the following QRcode to join the Wechat channel:

Boyan Dimitrov
Boyan is Director of Platform Engineering at Sixt, where he is working on a next generation mobility ecosystem. He is a passionate cloud architect with plenty of experience in distributed systems, self-healing applications and microservices platforms. Before joining Sixt, Boyan was very active in the startup scene, most recently he was the Platform Automation Lead at Hailo where he worked on Hailo 2.0 – a global microservices platform.

Boyan has been using AWS since 2008!  In past years he has helped several small and large businesses experience and benefit from running their workloads on the cloud. He is a frequent speaker at AWS meetups and Summits, sharing design patterns for developing and operating highly scalable cloud-native solutions. A devoted enthusiast of the Go programming language, Boyan worked on goamz, one of the first AWS SDKs for Go.

Connect with Boyan on LinkedIn, folllow him on Twitter, watch his SlideShare presentations, or take a peek at his GitHub repos!

Austen Collins
Austen is an entrepreneur and software engineer located in Oakland, CA.  His specific focus is on building cheap, scalable Node.js applications while minimizing DevOps requirements as much as possible.  An enthusiastic AWS Lambda user from day one, Austen founded the Serverless Framework (formerly JAWS), an open source project and module ecosystem to help everyone build applications exclusively on Lambda, without the hassle and costs required by servers.  AWS Lambda can significantly reduce the total cost of ownership of all software projects.  Every ambitious developer and company should take advantage of Lambda, and Austen will help you get started.

You can connect with Austen on LinkedIn, follow him on Twitter and check out his code on GitHub.

Teri Radichel
Teri is a security and software professional with a strong interest in the automation of security, processes and data analysis, with a focus on auditing, networking and financial systems. As a master software engineer on the cloud team for a large financial institution, she helped engineer the initial use of the AWS platform and implements networking for over 60 VPCs.  Teri started the Seattle AWS Architects Engineers Meet Up to connect with and learn from other AWS users. She runs a side consulting business which is part of the AWS Partner Network.  She has earned multiple security certifications from SANS Institute, and also holds an AWS Certification, a Master of Software Engineering from Seattle University, and a Business degree from the University of Washington.

You can connect with Teri on LinkedIn and follow her on Twitter, and read her blog, Random Internet Connections.

Welcome Aboard!
Please join me in welcoming our newest AWS Community Heroes!

I registered my first domain name almost 20 years ago! Back then, the mapping from a domain name to a server was simple and straightforward. Load balancers, geographic redundancy, website monitoring, cloud computing, and the like had not yet entered the scene. The mapping was always from a domain name to a single, unchanging IP address.

Today of course, the situation is a lot different. The mapping from domain name to IP address is no longer necessarily 1 to 1. Sophisticated sites can route requests to servers that are as close as possible to the requester, and may also want to use the requester’s location in other ways.

Route 53 Traffic Flow
In order to make it easier for you to build and run cloud-based applications that embody these characteristics, we introduced a new Traffic Flow feature for Amazon Route 53 last week. You can use this feature to build a routing system that uses a combination of geographic location, latency, and availability to route traffic from your users to your cloud or on-premises endpoints.

You can build your traffic routing policies from scratch, or you can pick a template from a library and then customize it. You can create multiple policies for a given DNS name, and decide which one is active at any given time. Even better, you can do all of this graphically, from within the Route 53 Console.

Creating a Traffic Policy
I will create a traffic policy for one of my domain names, doordesk.com. I start by entering a name and a description:

The console displays the graphical traffic policy editor:

The Start point is simply a DNS entry:

It can connect to several different types of rules and endpoints:

If I choose to create a new endpoint, the editor prompts me for the details:

I can map the Start point to an IP address by choosing Value and entering the address:

At this point I have designed a simple policy that maps the A record to a fixed IP address.

Perhaps I have a production server and a pre-production server, and I would like to send 95% of the traffic to the first one and the remaining 5% to the second. I can do this by creating a Weighted rule that looks like this:

As you can see above, I can also point each element of the rule at one of my Route 53 health checks. If I do this, traffic will be routed to the endpoint only if the health check indicates that the endpoint is healthy.

I can also create a Failover rule. For example, I can route traffic to an IP address if the server is healthy, and to a static, fallback website hosted in S3 if it is not. Here’s how I do that:

The next option is to create a Geolocation rule. I can use a rule of this type to route traffic based on the geographic origin of the DNS query. Here’s a sample:

The final type of rule is called a Latency rule. A rule of this type routes traffic to the AWS region with the lowest latency, as measured from the location of the DNS request. Perhaps I have EC2 instances in the US East (Northern Virginia) and Asia Pacific (Tokyo) regions, and want to provide a good experience by routing traffic as appropriate. Here’s how I would set that up:

The rules can be combined to create more complex traffic flows. Here’s part of a policy that combines Geolocation, Latency, Weighting, and Failover rules, in that order:

After all of this experimentation, I moved ahead with the first policy that I showed up: a simple mapping from IP address to endpoint. I clicked on Save as new version.

Create Policy Records
The next is to create policy records that actually implement (DNS-wise) the traffic policy. The console makes this really easy. I simply select the domain name and the DNS name:

When this action finishes (generally within a minute or two), the DNS records for the new policy take effect in Route 53. As is always the case when you make changes, the DNS TTL (Time to Live) for the domain can mean that changes can take a while to propagate to other DNS servers and to client applications that cache the results of DNS lookups.

You can create and store multiple versions of each of your traffic policies, and then put any desired version in to effect (by creating policy records) as desired:

Available Now
This new feature is available now and you can start using it today. To learn more, read about Using Traffic Flow to Route DNS Traffic in the Route 53 Developer Guide. Pricing starts at $50.00 per policy record per month (see Route 53 Pricing for more info).

— Jeff;

Many AWS customers and partners have been asking for a programmatic way to access prices for AWS services. This information can be used in several ways. Some potential customers are evaluating the feasibility and cost-effectiveness of moving their on-premises workloads to the cloud and want to “do the math.” Current customers and partners would like to make sure that their budgeting, forecasting, and analytics tools are able to analyze AWS prices without having to resort to scraping our web site. Our Managed Services Partners create and supervise tens or thousands of linked AWS accounts (grouped together via Consolidated Billing) and need to make sure the bills presented to their customers reflect the cost of each resource.

New AWS Price List API
In order to meet the needs of these customers and to foster the development of even more tools that focus on cost management, budgeting, and the like, we are launching the AWS Price List API. This API provides you with access to prices in JSON and CSV form. You can download and process this information on an as-needed basis. You can also elect to receive notification via Amazon Simple Notification Service (SNS) each time we make a price change.

Pricing information can be accessed by URLs, each structured as follows:

https://pricing.us-east-1.amazonaws.com/offers/v1.0/aws/{offer_code}/current/index.{format}

where format can be either “json” or “csv.”

You can find the offer code and URLs for all supported services by accessing the Offer Index (https://pricing.us-east-1.amazonaws.com/offers/v1.0/aws/index.json). It begins like this (the currentVersionUrl values are all relative to https://pricing.us-east-1.amazonaws.com):

{
  "formatVersion" : "v1.0",
  "disclaimer" : "This pricing list is for informational purposes only. All prices are subject to the additional terms included in the pricing pages on http://aws.amazon.com. All Free Tier prices are also subject to the terms included at https://aws.amazon.com/free/",
  "publicationDate" : "2015-11-19T02:10:02Z",
 "offers" : {
    "AmazonS3" : {
      "offerCode" : "AmazonS3",
      "currentVersionUrl" : "/offers/v1.0/aws/AmazonS3/current/index.json"
    },
    "AmazonRedshift" : {
      "offerCode" : "AmazonRedshift",
      "currentVersionUrl" : "/offers/v1.0/aws/AmazonRedshift/current/index.json"
    },
    "AmazonEC2" : {
      "offerCode" : "AmazonEC2",
      "currentVersionUrl" : "/offers/v1.0/aws/AmazonEC2/current/index.json"
    },
    "AmazonCloudWatch" : {
      "offerCode" : "AmazonCloudWatch",
      "currentVersionUrl" : "/offers/v1.0/aws/AmazonCloudWatch/current/index.json"
    }
  }
}

Each API response contains two sections: product information and pricing information. Here’s a sample of the product information:

{
  "formatVersion" : "v1.0",
  "disclaimer" : "This pricing list is for informational purposes only. All prices are subject to the additional terms included in the pricing pages on http://aws.amazon.com. All Free Tier prices are also subject to the terms included at https://aws.amazon.com/free/",
  "offerCode" : "AmazonRDS",
  "version" : "20151001000000",
  "publicationDate" : "2015-11-15T04:02:20Z",
  "products" : {
    "FNR4GZ675EW5UXJW" : {
      "sku" : "FNR4GZ675EW5UXJW",
      "productFamily" : "Database Instance",
      "attributes" : {
        "servicecode" : "AmazonRDS",
        "location" : "US West (Oregon)",
        "locationType" : "AWS Region",
        "instanceType" : "db.t2.small",
        "currentGeneration" : "Yes",
        "instanceClass" : "Burstable performance instances",
        "vcpu" : "1",
        "memory" : "2",
        "piopsOptimized" : "No",
        "networkPerformance" : "Low",
        "engineCode" : "10",
        "databaseEngine" : "SQL Server",
        "databaseEdition" : "Express",
        "deploymentOption" : "Single-AZ",
        "usagetype" : "USW2-InstanceUsage:db.t2.small",
        "operation" : "CreateDBInstance:0010"
      }
    },

We’ve added product attributes to all our products. You can use these product attributes to find the SKU that you need prices for. To help you find prices faster, pricing information is also indexed by SKU.

Here is the pricing information associated with the product information above:

     "FNR4GZ675EW5UXJW" : {
        "FNR4GZ675EW5UXJW.JRTCKXETXF" : {
          "offerTermCode" : "JRTCKXETXF",
          "sku" : "FNR4GZ675EW5UXJW",
          "effectiveDate" : "2015-10-01T00:00:00Z",
          "priceDimensions" : {
            "FNR4GZ675EW5UXJW.JRTCKXETXF.6YS6EN2CT7" : {
              "rateCode" : "FNR4GZ675EW5UXJW.JRTCKXETXF.6YS6EN2CT7",
              "rateType" : "Fixed",
              "description" : "$0.044 per RDS T2 Small Instance hour (or partial hour) running SQL Server EX - LI",
              "beginRange" : "0",
              "endRange" : "Inf",
              "unit" : "Hrs",
              "pricePerUnit" : {
                "USD" : "0.0440000000"
              },
              "appliesTo" : [ ]
            }
          },
          "termAttributes" : { }
        }
      },

Available Now
This information is available now and you can start to make use of it today. It is available for all public AWS regions except Beijing (China). Information is not provided for Free Tier pricing, Spot Instances, or for products in the AWS Marketplace.

To learn more, read Using the Price List API.

— Jeff;