General

Q. What is Amazon Web Services Support (AWS Support)?

AWS Support gives customers help on technical issues and additional guidance to operate their infrastructures in the AWS cloud. Customers can choose a tier that meets their specific requirements, continuing the AWS tradition of providing the building blocks of success without bundling or long term commitments.

AWS Support is one-on-one, fast-response support from experienced technical support engineers. The service helps customers use AWS's products and features. With pay-by-the-month pricing and unlimited support cases, customers are freed from long-term commitments. Customers with operational issues or technical questions can contact a team of support engineers and receive predictable response times and personalized support.

Q: How are the enhanced AWS Support tiers different from Basic Support?

AWS Basic Support offers all AWS customers access to our Resource Center, Service Health Dashboard, Product FAQs, and Discussion Forums – at no additional charge. Customers who desire a deeper level of support can subscribe to AWS Support at the Developer, Business, Enterprise On-Ramp, or Enterprise level.

Customers who choose AWS Support gain one-on-one, fast-response support from AWS engineers. The service helps customers use AWS's products and features. With pay-by-the-month pricing and unlimited support cases, customers are freed from long-term commitments. Customers with operational issues or technical questions can contact a  team of support engineers and receive predictable response times and personalized support.

Q: What types of issues are supported?

Your AWS Support covers development and production issues for AWS products and services, along with other key stack components.

  • "How to" questions about AWS service and features
  • Best practices to help you successfully integrate, deploy, and manage applications in the cloud
  • Troubleshooting API and AWS SDK issues
  • Troubleshooting operational or systemic problems with AWS resources
  • Issues with our Management Console or other AWS tools
  • A number of third-party applications such as OS, web servers, email, databases, and storage configuration

AWS Support does not include:

  • Code development
  • Debugging custom software
  • Performing system administration tasks
  • Accessing control of customer managed accounts or systems

Q: What level of architecture support is provided by Support?

The level of architecture support provided varies by support level. Higher service levels provided progressively more support for the customer use case and application specifics.

Developer: Building Blocks
Guidance on how to use all AWS products, features, and services together. Includes guidance on best practices and generalized architectural advice.

Business: Use Case Guidance
Guidance on what AWS products, features, and services to use to best support your specific use cases. Includes guidance on optimizing AWS products and configuration to meet your specific needs.

Enterprise On-Ramp: Application Architecture
Consultative partnership supporting specific use cases and applications. Includes design reviews and architectural guidance. Enterprise On-Ramp customers support team includes a pool of Technical Account Managers.

Enterprise: Application Architecture
Consultative partnership supporting specific use cases and applications. Includes design reviews and architectural guidance. Enterprise-level customers support team includes a designated Technical Account Manager, and access to an AWS Solutions Architect.

Q: I only use one or two services. Can I purchase support for just the one(s) I'm using?

No. Our Support offering covers the entire AWS service portfolio. As many of our customers are using multiple infrastructure web services together within the same application, we’ve designed AWS Support with this in mind. We’ve found that the majority of support issues, among users of multiple services, relate to how multiple services are being used together. Our goal is to support your application as seamlessly as possible.

Q: How many support cases can I initiate with AWS Support?

As many as you need. Basic Support plan customers are restricted to customer support and service limit increase cases.

Q: How many users can open technical support cases?

The Developer, Business, Enterprise On-Ramp, and Enterprise Support plans allow an unlimited number of users to open technical support cases (supported by AWS Identity and Access Management (IAM)). Customers with the Basic Support plan cannot open technical support cases.

Q: How quickly will you get back to me?

Our first-contact response times are based on your chosen severity level for each case. We will use all reasonable efforts to provide responses within these time frames.

 

 

Developer Plan
(Business hours*)

Business Plan
(24x7)

Enterprise On-Ramp
Plan (24x7)
Enterprise Plan
(24x7)
General 
guidance

24 hours or less

24 hours or less

24 hours or less

24 hours or less

System
impaired
12 hours or less 12 hours or less 12 hours or less 12 hours or less
Production
system impaired
  4 hours or less 4 hours or less 4 hours or less
Production
system down
  1 hour or less 1 hour or less 1 hour or less
Business-critical
system down
    30 minutes or less 15 minutes or less

*Business hours are generally defined as 8:00 AM to 6:00 PM in the customer country as set in My Account console, excluding holidays and weekends. These times may vary in countries with multiple time zones. 

Q: How quickly will you fix my issue?

That depends on your issue. The problems that application or service developers encounter vary widely, making it difficult to predict issue resolution times. We can say, however, that we'll work closely with you to resolve your issue as quickly as possible.

Q: How do I contact you?

If you have a paid Support plan, you can open a web support case from Support Center. If you have Business, Enterprise On-Ramp, or Enterprise Support, you can request that AWS contact you at any convenient phone number or start a chat with one of our engineers through Support Center or the AWS Support App in Slack.

You can also see your options for contacting Support on the Contact Us page.

Q: How and when does Support provide real time assistance during chat and phone support cases?

If customers encounter issues after following our step-by-step documentation, they can provide details such as screen prints and logs through a Support case. For high-severity issues, Business-level, Enterprise On-Ramp level, and Enterprise-level customers can chat with or call Support to receive help in real time. In some scenarios, Support provides detailed guidance through email. If necessary, Support will use our screen-sharing tool to remotely view the customer's screens to identify and troubleshoot problems. This tool is view-only—Support cannot act on behalf of customers within the screen-share session. Note, however, that the screen-share tool is not intended to assist with guiding customers through steps that are already documented. If a customer can’t use our screen sharing tool, AWS Support will try to use the screen share tool of the customer’s choice. For security considerations, some tools might not be supported. Developer-level customers can contact Cloud Support Engineers by email; however, screen share is not part of the support offered on their plan.

Q: I'm not in the US. Can I sign up for AWS Support?

Yes, AWS Support is a global organization. Any AWS customer may sign up for and use AWS Support.

Q: Do you speak my language?

AWS Support is currently available in the following languages: Chinese, English, Japanese, and Korean. You may use one of the supported languages as your preferred contact language to access AWS Support.

If you have an AWS Enterprise Support plan, we have Technical Account Managers who can speak and interact with you in the local language of Chinese, English, French, German, Italian, Japanese, Korean, Portuguese, Spanish, Thai, and more. To know if we can interact in your language, contact your account management team or contact AWS sales support for more information.

Q: How do I access Support in my language?

When you create a Support case in AWS Support Center, select your preferred contact language from the list of supported languages. After you do this, the new case opened through AWS Support Center is routed to the support team with proficiency in your preferred language.

Q: Who should use AWS Support?

We recommend all AWS customers use AWS Support to ensure a seamless experience leveraging AWS infrastructure services. We have created multiple tiers to fit your unique technical needs and budget.

Q: How do I offer support for my end customers' AWS-related issues?

If an issue is related to your AWS account, we'll be happy to help you. For problems with a resource provisioned under their own accounts, your customers will need to contact us directly. Due to security and privacy concerns we can only discuss specific details with the account holder of the resource in question. You many also inquire about becoming an AWS Partner, which offers different end-customer support options. For more information, see AWS Partner Network.

Q: I use an application someone else built on Amazon Web Services. Can I use AWS Support?

If the application uses resources provisioned under your AWS account, you can use AWS Support. First, we'll help you to determine whether the issue lies with an AWS resource or with the third-party application. Depending on that outcome, we'll either work to resolve your issue or let you know to contact the application developer for continued troubleshooting.

Q: How can I get started with AWS Support?

You can add AWS Support during the sign up process for any AWS product. Or simply select an AWS Support Plan.

Q: How much does AWS Support cost?

AWS Support offers differing levels of service to align with your needs and budget, including our Developer, Business, Enterprise On-Ramp, and Enterprise Support plans. See our pricing table for more details.

Q: Why does my AWS Support bill spike when I purchase EC2 and RDS Reserved Instances and ElasticCache Reserved Cache Nodes?

When you prepay for compute needs with Amazon Elastic Compute Cloud (Amazon EC2) Reserved Instances, Amazon Relational Database Service (Amazon RDS) Reserved Instances, Amazon Redshift Reserved Instances, or Amazon ElastiCache Reserved Cache Nodes and are enrolled in a paid AWS Support plan, the one-time (upfront) charges for the prepaid resources are included in the calculation of your AWS Support charges in the month you purchase the resources. In addition, any hourly usage charges for reserved resources are included in the calculation of your AWS Support charges each month.

If you have existing reserved resources when you sign up for a Support plan, the one-time (upfront) charges for the reserved resources, prorated over the term of the reservation, are included in the price calculation for the first month of AWS Support. For example, if you purchase a three-year reserved instance on January 1 and sign up for the Business support plan on October 1 of the same year, 75% of the upfront fee you paid in January is included in the calculation of Support costs for October.

Q: How will I be charged and billed for my use of AWS Support?

Upon signup, you will be billed a minimum monthly service charge for the first calendar month (prorated).

In subsequent months if your usage-based charges exceed the minimum monthly service charge, you'll be billed for the difference at the end of the month. End of the month bills, being dated on the first of the following month, will thus reflect both the current month's usage-based charges.

Reserved resource customers (EC2 and RDS Reserved Instances and ElastiCache Reserved Cache Nodes) should expect their prepaid amounts to be included in the usage-based component during the month they are purchased.

Q: How do I cancel my AWS Support subscription?

You need to wait for a minimum of 30 days since subscription start date and cancel visiting the support plans console after 30 days have passed.

To cancel a paid Support plan, switch to the Basic support plan:

Sign in to your AWS account with your root account credentials
Go to https://console.aws.amazon.com/support/plans/home
On the Support plans page, choose Change plan
On the Change support plan page, select the Basic plan, and then choose Change plan

Q: Can I sign up for AWS Support, receive assistance, and then cancel the subscription? If so, will I be charged a prorated amount?

You are obligated to pay for a minimum of one month of support each time you register to receive the service. You need to wait for a minimum of 30 days since the subscription start date to cancel a subscription. We reserve the right to refuse to provide AWS Support to any customer that frequently registers for and terminates the service.

Q: How does Chat support work?

Chat is just another way, in addition to phone or email, to gain access to Technical Support engineers. By choosing the chat support icon in the Support Center, a chat session will be initiated through your browser. This provides a real-time, one-on-one interaction with our support engineers and allows additional information and links to be shared for faster issue resolution.

Offering support via chat is new for AWS, but not for Amazon.com. We have taken the same chat capabilities currently in use by retail customers and made it available for AWS technical support. Business, Enterprise On-Ramp, and Enterprise-level customers can access chat capabilities within the Support Center. Support users can also launch a chat session from an individual case or the Contact Us section of the AWS website.

Q: What are the best practices for fault tolerance?

Customers frequently ask us if there is anything they should be doing to prepare for a major event that could affect a single Availability Zone. Our response to this question is that customers should follow general best practices related to managing highly available deployments (e.g., having a backup strategy, distributing resources across Availability Zones). The following links provide a good starting point:

Q: How do I configure Identity and Access Management (IAM) for support?

For details on how you can configure your IAM users to allow/deny access to AWS Support resources, see Accessing AWS Support.

Q: How long is case history retained?

Case history information is available for 12 months after creation.

Q. Can I get a history of AWS Support API calls made on my account for security analysis and operational troubleshooting purposes?

Yes. To receive a history of AWS Support API calls made on your account, you can enable CloudTrail in the AWS Management Console. For more information, see Logging AWS Support API Calls with AWS CloudTrail.

Q: Does my Amazon Enterprise Support Subscription include Support for Amazon EKS Anywhere?

Amazon Enterprise Support covers general guidance for EKS Anywhere customers. To get additional support including detailed troubleshooting and pass-through support for 3rd party components bundled with EKS Anywhere, you will need to purchase a separate Amazon EKS Anywhere Support Subscription, in addition to your existing Amazon Enterprise Support Subscription. Learn more about AWS Enterprise Support here. For further information on EKS Anywhere Support Subscription, visit the EKS Anywhere pricing page.

Q: Why are my attachments no longer showing as attachments?

Amazon is using a new process to share attachments. You will still be able to access all of the attachments sent to you, however you will need to click the link in the attachment box to download them, rather than an attachment itself. You will have access to downloads for 30 days, and then the link will expire. 

Q: What if I need to download the attachment after 30 days?

The links are valid for 30 days. After 30 days, you may reach out to the original sender and request that they send you the attachment again. The original sender will need to generate
a new link.

Q: It hasn’t yet been 30 days since I received the email, however the attachment won’t download and I receive an error message. What is happening here?

Access can be revoked by the sender prior to the 30 days. Reach out to the sender for more information.

Q: I’m unable to download when I click the link. What do I do?

Check your (or your company’s) settings around firewall or other blocks on external websites. If you are unable to resolve the problem, reach out  to the original sender.

 

 

AWS Health

Q: What is the difference between service and account health?

Service health provides an overview of the current and historical status of all AWS services. It includes wider-scale events that can affect overall service availability in a Region. You do not need to sign in or have an AWS account to view this page.

Account health events includes localized operational issues and planned lifecycle events that can affect your workloads running on AWS. Account health is available to authenticated AWS users. By signing in to account health, you can view all AWS Health events including a more personalized view of events affecting your specific AWS services and resources, in addition to service health. You can view account health from the AWS Health Dashboard, programmatically access events using Amazon EventBridge or AWS Health API (available to AWS Business, AWS Enterprise On-Ramp, and AWS Enterprise Support customers). AWS Health also provides out-of-the-box integrations with IT Service Management (ITSM) tools, such as ServiceNow.

Q: What actions should I take based on the status provided by AWS Health?

AWS Health provides actionable guidance to help you troubleshoot and remediate operational events, and take actions to prepare for scheduled changes such as planned lifecycle events.

Q: What notifications channels are available?

AWS Health offers the flexibility to view Health events using the channel that best suits your needs. You can view AWS Health information using AWS Health Dashboard, which requires no setup and is available to all authenticated AWS users. You can can also receive AWS Health event updates using Amazon EventBridge, access AWS Health programmatically using AWS Health API (available to AWS Business, AWS Enterprise On-Ramp, and AWS Enterprise Support customers), or use out-of-the-box integrations with IT Service Management (ITSM) tools, such as ServiceNow.

Q: How do I sign up for notifications?

In addition to the notification channels listed above (AWS Health Dashboard, Amazon EventBridge, and AWS Health API), you can configure notifications through additional channels including email, chat, or push notifications to the AWS Console Mobile Application using AWS User Notifications. Based on rules that you create, User Notifications creates and sends a notification when an event matches the values that you specify in a rule.

It is important to note that AWS Health event notifications using User Notifications do not provide as much details as the channels listed previously such as AWS Health Dashboard, Amazon EventBridge, and AWS Health API. User Notifications provide a simple and effective way to notify stakeholders of issues and changes. To send the full content of Health events to another destination, you can use Amazon EventBridge to automate the management of AWS Health events across your organization. Based on rules that you create, EventBridge invokes one or more target actions when an event matches the values that you specify in the rule.

Q: Can AWS Health automate any actions I take today to recover from known events?

You can use Amazon EventBridge to automate the management of AWS Health events across your organization by creating rules on EventBridge. Based on rules that you create, EventBridge invokes one or more target actions when an event matches the values that you specify in the rule. Depending on the type of event, you can capture event information, initiate additional events, send notifications, take corrective action, or perform other actions.

Q: Can I create custom actions with AWS Lambda?

Yes, you can define custom actions in AWS Lambda, and use Amazon Eventbridge to initiate these Lambda actions in response to events.

Q: Can I access AWS Health programmatically?

Yes. AWS Health is programmatically accessible with Amazon EventBridge and AWS Health API. AWS Health API is available to customers who are on AWS Business, AWS Enterprise On-Ramp, and AWS Enterprise Support plans.

Q: Can I use AWS Health with Amazon CloudWatch?

Yes. AWS Health is the authoritative data source for events and changes affecting your AWS cloud resources. Amazon CloudWatch is a service that monitors applications, responds to performance changes, optimizes resource use, and provides insights into operational health.  You can create an alarm to monitor any Amazon CloudWatch metric in your account and overlay AWS Health events with CloudWatch metrics to draw more insights when an alarm is activated.  

AWS Trusted Advisor

Overview

Q: What is AWS Trusted Advisor?

AWS Trusted Advisor helps you optimize costs, increase performance, improve security and resilience, and operate at scale in the cloud. Trusted Advisor continuously evaluates your AWS environment using best practice checks across the categories of cost optimization, performance, resilience, security, operational excellence, and service limits, and recommend actions to remediate any deviations from best practices.

Q: How do I access Trusted Advisor?

Trusted Advisor is available in the AWS Management Console. You can access the Trusted Advisor console directly at https://console.aws.amazon.com/trustedadvisor/.

Q: What does Trusted Advisor check?

Trusted Advisor includes an expanding list of checks across the categories of cost optimization, security, fault tolerance, performance, operational excellence, and service limits. For a complete list of checks and descriptions, explore AWS Trusted Advisor Best Practices.

Q: How does the Trusted Advisor notification feature work?

The Trusted Advisor notification feature helps you stay up-to-date with your AWS resource deployment. You will be notified by weekly email when you opt in for this service. A refresh of checks is required to ensure up-to-date summary of check status in email notification. Automated weekly refresh of checks is performed for accounts with AWS Business SupportAWS Enterprise On-Ramp, and AWS Enterprise Support. Accounts with AWS Developer Support and AWS Basic Support will need to login to the AWS Management Console to trigger check refresh.

  • What is in the notification? The notification email includes the summary of saving estimates and your check status, especially highlighting changes of check status.
  • How do I sign up for the notification? This is an opt-in service, so do make sure to set up the notification in your dashboard. You can choose which contacts receive notification on the Preferences pane of the Trusted Advisor console.
  • Who can get this notification? You can indicate up to three recipients for the weekly status updates and savings estimates.
  • What language will the notification be in? The notification is available in English and Japanese.
  • How often will I get notified, and when? You will receive a weekly notification email, typically on Thursday or Friday, and it will reflect your resource configuration over the past week (7 days).
  • Can I unsubscribe from the notifications if I do not want to receive the email anymore? Yes. You can change the setting in your dashboard by clearing all the check boxes and then selecting "Save Preferences".
  • How much does it cost? It's free. Get started today!

Q: How does the "Recent Changes" feature work?

Trusted Advisor tracks the recent changes to your resource status on the console dashboard. The most recent changes over the past 30 days appear at the top. The system will track seven updates per page, and you can go to different pages to view all recent changes by clicking the forward or the backward arrow displayed on the top-right corner of the "Recent Changes" area.

Q: How does the "Exclude Items" function work?

If you don’t want to be notified about the status of a particular resource, you can choose to exclude (suppress) the reporting for that resource. You would normally do this after you have inspected the results of a check and decide not to make any changes to the AWS resource or setting that Trusted Advisor is flagging.

To exclude items, check the box to the left of the resource items, and then choose "Exclude and Refresh". Excluded items appear in a separate view. You can restore (include) them at any time by selecting the items in the excluded items list and then choosing "Include and Refresh".

The "Exclude and Refresh" function is available only at the resource level, not at the check level. We recommend that you examine each resource alert before excluding it to make sure that you can still see the overall status of your deployment without overlooking a certain area. For an example, see AWS Trusted Advisor for Everyone in the AWS Blog.

Q: What is an action link?

Most items in a Trusted Advisor report have hyperlinks to the AWS Management Console, where you can take action on the Trusted Advisor recommendations. Action links are included for all services that support them.

For example, the Amazon EBS Snapshots check lists Amazon EBS volumes whose snapshots are missing or more than seven days old. In each row of the report, the volume ID is a hyperlink to that volume in the Amazon EC2 console, where you can take action to create a snapshot with just a couple of clicks.

Q: How do I manage the access to the Trusted Advisor console? What is the IAM policy?

For the Trusted Advisor console, access is controlled by IAM policies that use the trustedadvisor namespace, and access options include viewing and refreshing individual checks or categories of checks. For more information, see Manage access for AWS Trusted Advisor. 

Q: How do I access AWS Trusted Advisor via API?

You can programmatically access Trusted Advisor best practice checks, recommendations, and prioritized recommendations using Trusted Advisor API, available to AWS Business Support, AWS Enterprise On-Ramp Support, and AWS Enterprise Support customers. To learn more about Trusted Advisor API, please refer to the user guide.

Q: How often can I refresh my Trusted Advisor result?

The minimum refresh interval varies based on the check. You can refresh individual checks or refresh all the checks at once by choosing "Refresh All" in the top-right corner of the summary dashboard. When you visit the Trusted Advisor dashboard, any checks that have not been refreshed in the last 24 hours are automatically refreshed; this can take a few minutes. The date and time of the last refresh is displayed to the right of the check title. In addition, for customers with Business, Enterprise On-Ramp, or Enterprise Support plans, the Trusted Advisor data is automatically refreshed weekly.

Q: How do Trusted Advisor activities affect my AWS CloudTrail logs?

AWS CloudTrail logs Trusted Advisor activities from the API and console. For example, you can use the API to programmatically refresh a check or manually refresh a check in the Trusted Advisor console. CloudTrail records this activity and you can view details about the event in your logs. Automatic refreshes performed by Trusted Advisor also appear in CloudTrail logs. 

For more information about CloudTrail logging for the Trusted Advisor API, see Logging AWS Support API Calls with AWS CloudTrailFor information about CloudTrail logging for the Trusted Advisor console, see Logging AWS Trusted Advisor console actions with AWS CloudTrail.

Q: Which Trusted Advisor checks and features are available to all AWS customers?

AWS Basic Support and AWS Developer Support customers get access to 6 security checks (S3 Bucket Permissions, Security Groups - Specific Ports Unrestricted, IAM Use, MFA on Root Account, EBS Public Snapshots, RDS Public Snapshots) and 50 service limit checks. AWS Business Support, AWS Enterprise On-Ramp, and AWS Enterprise Support customers get access to all 115 Trusted Advisor checks (14 cost optimization, 17 security, 24 fault tolerance, 10 performance, and 50 service limits) and recommendations. For a complete list of checks and descriptions,

AWS Basic Support and AWS Developer Support customers get access to 6 security checks (S3 Bucket Permissions, Security Groups - Specific Ports Unrestricted, IAM Use, MFA on Root Account, EBS Public Snapshots, RDS Public Snapshots) and service limit checks. AWS Business Support, AWS Enterprise On-Ramp Support, and AWS Enterprise Support customers get access to the full set of Trusted Advisor checks (For a complete list of checks and descriptions, explore Trusted Advisor Best Practices.

All customers also have access to some Trusted Advisor features, including the weekly Trusted Advisor notification, the Action Links, the Exclude Items, and the Access Management features.

Q: Why are my CloudWatch event rules and metric alarms for the EC2 On-Demand Instances check not working?

If your account has been opted in to vCPU-based On-Demand Instance limits, you must adjust your metric alarms and event rules to account for the vCPU-based instance limits. To see if you are using vCPU-based On-Demand Instances, visit the Limits page on Amazon EC2 console.  

Q: What service limits do you check?

You can find the limits that Trusted Advisor checks in AWS Trusted Advisor Best Practices. For information about limits, see AWS Service Quotas.

Q: Why is it safe to ignore or suppress red flags from the "Security Groups - Specific Ports Unrestricted" and "Security Groups - Unrestricted Access" security checks for security groups created by AWS Directory Services?

AWS Directory Services is a managed service that automatically creates an AWS security group in your VPC with network rules for traffic in and out of AWS managed domain controllers. The default inbound rules allow traffic from any source (0.0.0.0/0) to ports required by Active Directory. These rules do not introduce security vulnerabilities, as traffic to the domain controllers is limited to traffic from your VPC, other peered VPCs, or networks connected using AWS Direct Connect, AWS Transit Gateway or Virtual Private Network. In addition, the ENIs the security group is attached to do not and cannot have Elastic IPs attached to them, limiting inbound traffic to local VPC and VPC routed traffic. Security groups created by AWS Directory Services can be recognized by the security group name (always in the format “directory-id_controllers” (e.g. d-1234567890_controllers) or the security group description (always in the format “AWS created security group for directory-id directory controllers”).

Reserved Instance optimization check

Q: What data set are you using to make a Reserved Instance recommendation? 

Your Reserved Instance recommendations are provided by Cost Explorer, which calculates recommendations based on your on-demand usage over the past 30 days.

Q: Does the recommendation consider volume discounts?

No, reservation recommendations are based on public pricing.

Q: I just purchased a new Reserved Instance. Why isn’t it showing up in the recommendation?

Since these recommendations are based on previous on-demand usage, newly purchased reservations do not show until the corresponding usage shows up in your billing data. Recommendations may be inaccurate if reservations have been purchased during the past 30 days.

Q: How do you calculate the optimized number of Reserved Instances? 

Reservation recommendations are calculated based on your on-demand usage over the past 30 days. These recommendations are calculated by identifying the reservation purchases which would result in the lowest possible bill you could have achieved over this period. These recommendations target the lowest possible bill, and not any particular utilization or coverage threshold.

Q: Do you include other Reserved Instance types in the recommendation? 

This check covers recommendations based on Standard Reserved Instances with partial upfront payment option. For other variations including convertible reserved instances or alternate payments options, please refer to Cost Explorer’s Reservation Recommendations.

Q: Why are there separate sections for 1 year and 3 year Reserved Instances? 

Customers have a choice between buying 1 year and 3 year term Reserved Instances from AWS. This check assumes you will purchase Reserved Instances for either 1 year or 3 year terms, not both. As a result, recommendations for purchasing additional 1 year or 3 year term Reserved Instances are not additive across both term lengths, so recommendations are called out separately.

To illustrate: In a recommendation for three additional 1 year Reserved Instances or four additional 3 year Reserved Instances, we are recommending the purchase of three or four Reserved Instances respectively, not a total of seven additional Reserved Instances.

Q: Are all instance types included in the recommendation? 

Yes, all instances types are included that have corresponding reservations available.

Q: I use a spot instance. Do you include spot rates in the calculation? 

No, spot usage is not eligible to be covered by reservations and is excluded from these recommendations.

Q: I have third-party Reserved Instances from the Reserved Instance Marketplace. Do you include those in the results? 

Recommendation for Reserved Instance purchase is made based on billing usage not covered by all available Reserved Instances, including those purchased from the Marketplace. Cost savings are calculated based on public pricing and do not take into account the availability of reserved instances available on the RI Marketplace.

Q: Does the recommendations include any money I made if I sell my existing Reserved Instance to purchase the recommended Partial Upfront Reserved Instances? 

No, these recommendations are only purchase recommendations based on public pricing and on demand usage. They do not take into account any potential sales of existing RIs on the RI Marketplace or the conversion of existing underutilized Reservations.

Q: What defines the alert criteria for this check? 

This check is flagged yellow when optimizing the use of partial upfront RIs can help reduce costs.

Q: What is the recommended action when the check goes yellow? 

See the Cost Explorer page for more detailed and customized recommendations.

Additionally, refer to the Amazon Elastic Compute Cloud User Guide for Linux Instances to understand purchased Reserved Instances and the available options.

Q: Where can I learn more about Reserved Instances? 

Information on RIs and how they can save you money can be found on the Amazon EC2 Reserved Instances page.

Q: What does each field in the check result mean?

  1. Region - The AWS Region of the recommended reservation.
  2. Instance Type - The type of instance that AWS recommends.
  3. Platform - The platform of the recommended reservation. The platform is the specific combination of operating system, license model, and software on an instance.
  4. Recommended Number of RIs to Purchase - The number of RIs that AWS recommends that you purchase.
  5. Expected Average RI Utilization - The expected average utilization of the your RIs.
  6. Estimated Savings with Recommendation (Monthly) - How much AWS estimates that this specific recommendation could save you in a month.
  7. Upfront Cost of Ris - How much purchasing this instance costs you upfront.
  8. Estimated cost of RIs (Monthly) - How much the RIs will cost on a monthly basis after purchase.
  9. Estimated On-Demand Cost Post Recommended RI Purchase (Monthly) - How much AWS estimates that you will spend per month on On-Demand Instances after purchasing the recommended RIs.
  10. Estimated Break Even (Months) - How long AWS estimates that it takes for this instance to start saving you money, in months.
  11. Lookback Period (Days) - How many days of previous usage that AWS considers when making this recommendation.
  12. Term (Years) - The term of the reservation that you want recommendations for, in years.

Q: Why do I see a blue question mark for this recommendation on the Trusted Advisor Console? 

Either you are not subscribed to Cost Explorer or you are logged into a linked account and not the payer account. Visit consolidated billing for additional information on payer and linked accounts.

Q: How often can I refresh this check? 

The results of the recommendations are dependent on Cost Explorer which updates less frequently than Trusted Advisor. Refreshing every 6 hours ensures you see the most current data available.

AWS Trusted Advisor Priority

Q: What is AWS Trusted Advisor Priority?

AWS Trusted Advisor Priority helps you focus on the most important recommendations to optimize your cloud deployments, improve resilience, and address security gaps. Available to AWS Enterprise Support customers, Trusted Advisor Priority provides prioritized and context-driven recommendations that come from your AWS account team as well as machine-generated checks from AWS services.

Q: How do I access AWS Trusted Advisor Priority?

Trusted Advisor Priority is available from the management or delegated administrator account on the Enterprise Support plan. If you have an Enterprise Support plan and are the management account owner for your organization, please contact your AWS account team to request access. Recommendations in Trusted Advisor Priority are aggregated across member accounts in your organization.

Q: Where do AWS Trusted Advisor Priority recommendations come from?

Trusted Advisor Priority recommendations can come from one of two sources:

  • AWS services such as AWS Trusted Advisor, AWS Security Hub, and AWS Well-Architected automatically create recommendations. Your Technical Account Manager (TAM) sends these recommendations so that they appear in your AWS Trusted Advisor Priority console.
  • Your TAM can create specific recommendations for risks that they identified in your account.

Operations support

Q: How many Cloud Operations Reviews are Enterprise On-Ramp and Enterprise Support customers entitled to?

Every Enterprise On-Ramp customer is entitled to one Cloud Operations review per year. Every Enterprise Support customer is entitled to one Cloud Operations review. Additional reviews may be available based on customer need.

Q: How do I get started with my Cloud Operations Review?

Enterprise On-Ramp customers can contact the pool of Technical Account Managers to initiate a Cloud Operations Review. Enterprise Support customers can contact their Technical Account Manager to initiate a Cloud Operations Review.

Third-party software

Q: What third-party software is supported?

AWS Support Business, Enterprise On-Ramp, and Enterprise levels include limited support for common operating systems and common application stack components. AWS Support engineers can assist with the setup, configuration, and troubleshooting of the following third-party platforms and applications:

Operating systems on EC2 instances:

  • Ubuntu Linux and Debian
  • Red Hat Enterprise Linux, Fedora, and Fedora CoreOS
  • SUSE Linux (SLES and openSUSE)
  • CentOS Linux
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019

Infrastructure components:

  • Sendmail and Postfix MTAs
  • OpenVPN and RRAS
  • SSH, SFTP, and FTP
  • LVM and Software RAID

Web servers:

  • Apache
  • IIS
  • Nginx

Databases:

  • MySQL
  • Microsoft SQL Server
  • PostgreSQL
  • Oracle

Q: What if you can’t resolve my third-party software issue?

In the case that we are not able to resolve your issue we will collaborate with, or refer you to, the appropriate vendor support for that product. In some cases you may need to have a support relationship with the vendor to receive support from them.

Q: What are some of the most common reasons a customer might require third-party software support?

AWS Support can assist with installation, configuration, and troubleshooting of third-party software on the supported list. For other more advanced topics such as performance tuning, troubleshooting of custom code or scripts, security questions, etc. it may be necessary to contact the third-party software provider directly. While AWS Support will make every effort to assist, any assistance beyond installation, configuration, and basic troubleshooting of supported third-party software will be on a best-effort basis only.

AWS account closure

Q: How do I close my AWS account?

Before closing your account, be sure to back up any applications and data that you need to retain. AWS may not be able to retrieve your account data after your account is closed. After completing your backup, visit your Account Settings page and choose "Close Account". This will close your AWS account and unsubscribe you from all AWS services. You will not be able to access AWS services or launch new resources when your account is closed.

If you manage multiple AWS accounts under the same company name that you would like to close, you can contact your account representative or open an account and billing support case for assistance. If you have additional questions or requirements associated with closing your AWS accounts, your account representative or AWS Customer Service can help.

Q: I received an error message when I tried to close my AWS account. What do I need to do?

If you receive an error message when trying to close your account, you can contact your account representative or open an account and billing support case for assistance.

Q: Will I be billed after I close my account?

Usage and billing stops accruing when your account is closed. You will be billed for any usage that has accrued up until the time you closed your account, and your final charges will be billed at the beginning of the following month.

Cross-account support

Q: What is cross-account support?

Cross-account support is when a customer opens a premium support case from one account (e.g. account 12345678910) and requests assistance for resources owned by another account (e.g. an instance in account 98765432109).

Q: Why is cross-account support not performed?

Support engineers have no way to determine the access that someone (acting under a user or role in one account) has been granted to resources owned by another account. Due to security and privacy concerns we can only discuss specific details with the account holder of the resource in question.

Q: I have access to all relevant accounts, how do I log a support request for a shared resource?

Please open a support case from the resource-owning account. If there is a requirement to access the resource from a second account, please open a new support case from the second account as well. Then ask your support engineer to link the two cases, referencing the two case IDs.

Q: Does membership of AWS Organizations (or Consolidated Billing) allow me to log a cross-account support request?

No. Accounts can be separated in an Organization to isolate resources and permissions among individuals. If you are not restricted to a specific account, please see the previous FAQ.

Common AWS Concierge customer questions

Account management

Q: How do I securely control access to my AWS services and resources?

We recommend that you use AWS Identity and Access Management (IAM), which enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups and use permissions to allow and deny access to AWS resources. IAM enables security best practices by allowing you to grant unique security credentials to users and groups to specify which AWS service APIs and resources they can access.

IAM access can be revoked if a user leaves the company or project, helping to ensure that root credentials are not exposed or compromised. For security and team functionality, IAM users are essential to using the full potential of your AWS account. For more information on IAM and controlling access to your billing information, see AWS Identity and Access Management (IAM) and Controlling Access to Your Billing Information.

Consolidated billing

Q: What is consolidated billing?

Consolidated billing is a feature that allows you to consolidate payment for multiple AWS accounts in your organization by designating one of them to be the payer account.

With consolidated billing, you can see a combined view of AWS charges incurred by all accounts, as well as get a detailed cost report for each individual AWS accounts associated with your payer account. Consolidated billing is offered at no additional charge and allows for all accounts under the consolidated group to be treated as one account, which assists with achieving volume discounts more rapidly.

See Pay Bills for Multiple Accounts with Consolidated Billing in the AWS Billing and Cost Management User Guide.

Q: How can I use my AWS bill to evaluate costs?

AWS provides a number of different ways to explore your AWS monthly bill and to allocate costs by account, resource ID, or customer-defined tags.

To get a snapshot of your billing data, you can use the Billing and Cost Management console, the monthly cost allocation report, and the monthly billing report.

For a more detailed view, you can also use these resources:

Q: What are blended rates?

For billing purposes, AWS treats all the accounts in a Consolidated Billing family as if they're one account. Blended rates appear on your bill as an average price for variable usage across an account family. This allows you to take advantage of two features that are designed to ensure that you pay the lowest available price for AWS products and services:

  • Pricing tiers: Pricing tiers reward higher usage with lower unit prices for services
  • Capacity reservations: Rates are discounted when you purchase some services in advance for a specific period of time. 

You can always see the precise account usage, along with the unblended rates, in the detailed billing reports.

For more information, see Understanding Blended Rates in the AWS Billing and Cost Management User Guide.

Q: Why don't I see the same figures in the Billing and Cost Management console as I see in the detailed billing report?

The Billing and Cost Management console and the detailed billing report provide different information based on blended and unblended rates. For more information, see Understanding Blended Rates or contact us through the AWS Support Center.

Q: How do I tell which accounts benefited from Reserved Instance pricing?

The Detailed Billing Report shows the linked accounts that benefited from a Reserved Instance on your consolidated bill. The costs of the Reserved Instances can be unblended to show how the discount was distributed. Reserved Instance utilization reports also show the total cost savings (including upfront Reserved Instance costs) across a Consolidated Bill.

Reporting

Q: How do I use the AWS Billing and Cost Management console?

The AWS Billing and Cost Management Console is a service that you use to pay your AWS bill, monitor costs, and visualize your AWS spend. There are many ways to use this tool for your account.

For more information, see What Is AWS Billing and Cost Management?

Q: How do I use Cost Explorer?

You can use Cost Explorer to visualize patterns in your spending on AWS resources over time. You can quickly identify areas that need further inquiry, and you can see trends that you can use to understand spend and to predict future costs.

For more information, see Manage Your Spend Data with Cost Explorer.

Q: How do I use the Amazon EC2 instance usage reports?

You can use the instance usage reports to view your instance usage and cost trends. You can see your usage data in either instance hours or cost. You can choose to see hourly, daily, and monthly aggregates of your usage data. You can filter or group the report by region, Availability Zone, instance type, AWS account, platform, tenancy, purchase option, or tag. After you configure a report, you can bookmark it so that it's easy to get back to later.

For more information, see Instance Usage Report.

Q: How do I use the Reserved Instance utilization report?

The Reserved Instance utilization report describes the utilization over time of each group (or bucket) of Amazon EC2 Reserved Instances that you own. Each bucket has a unique combination of region, Availability Zone, instance type, tenancy, offering type, and platform. You can specify the time range that the report covers, from a single day to weeks, months, a year, or three years.

For more information, see Reserved Instance Utilization Reports.

Reserved Instances

Q: How do I tell if my Reserved Instances are being used?

Three tools are available to determine Reserved Instance utilization:

  • Detailed billing report. This report shows hourly detail of all charges for an account or consolidated bill. Near the bottom of the report are line items that explain Reserved Instance utilization in an aggregated format (xxx hours purchased; xxx hours used). To configure your account for this report, see Getting Set Up for Usage Reports.
  • Reserved Instance utilization report. This report is accessible from the Billing and Cost Management console and shows a high-level overview of utilization. For more information, see Reserved Instance Utilization Reports.
  • Billing and Cost Management console. The "Bills" pane of the console shows Reserved Instance utilization in the highest level. This view provides the least detailed view of Reserved Instance utilization.

Q: How do I see how Reserved Instances are applied across my entire Consolidated Bill?

The detailed billing report shows the hourly detail of all charges on an account or consolidated bill. Near the bottom of the report, line items explain Reserved Instance utilization in an aggregated format (xxx hours purchased; xxx hours used). To configure your account for this report, see Getting Set Up for Usage Reports.

Q: How do I tell if and why a Reserved Instance is underutilized?

In addition to the three tools listed in How do I tell if my Reserved Instances are being used, AWS Trusted Advisor provides best practices (or checks) in four categories: Cost Optimization, Security, Fault Tolerance, and Performance. The Cost Optimization section includes a check for Amazon EC2 Reserved Instances Optimization. For more information about the Trusted Advisor check, see Reserved Instance Optimization Check Questions.

General billing

Q. Which accounts are charged sales tax and why?

Tax is normally calculated at the linked account level. Each account must add its own tax exemption. For more information on US sales taxes and VAT taxes, see the following:

Limit increases

Q. How do I submit an urgent limit increase request?

Submit limit increase requests in the AWS Support Center. Choose "Create case", select "Service Limit Increase", and then select an item from the"Limit Type" list.

We aim for a quick turnaround time with all limit increases. If your request is urgent, complete the details of the request and then select the "Phone" contact method for 24/7 service. Provide the agent with the support case ID, and we will follow up immediately with the relevant teams.

Resellers

Q. How do we bill our end customers based on the detailed billing report?

AWS does not support the billing of reseller end customers because each reseller uses unique pricing and billing structures. We do recommend that resellers not use blended rates for billing—these figures are averages and are not meant to reflect actual billed rates. The detailed billing report can show unblended costs for each account on a consolidated bill, which is more helpful for the purpose of billing end customers.

Regional Pricing

Q: What is regional pricing?

Regional pricing is a revised pricing scheme for specific countries. AWS reserves the right to define the countries that qualify for regional pricing. Below is the list of countries  that currently qualify for regional pricing: India, mainland China and select LATAM countries [Guadeloupe, US Virgin Islands, Colombia, Honduras, Dominican Republic, Anguilla, Aruba, Guyana, Peru, Barbados, Puerto Rico, Trinidad and Tobago, Belize, Martinique, Dominica, Saint Vincent and Grenadines, Bermuda, Cayman Islands, Jamaica, Turks and Caicos Islands, Costa Rica, Curacao , Chile, Saint Kitts and Nevis, British Virgin Islands, Ecuador, Nicaragua, Uruguay, Venezuela (Bolivarian Republic), Grenada, Montserrat, Bolivia, Bahamas, Netherlands Antilles, Paraguay, Panama, Mexico, Haiti, American Samoa, Guatemala, El Salvador, Antigua and Barbuda, Brazil, Suriname, Saint Lucia, Argentina, French Guiana, Bonaire]. 

Q: How does AWS determine the location of an account?

The location of an account is determined by the customer tax settings as described here.

Q: How is billing for regional pricing calculated?

The billing for regional pricing is calculated in similar way to the ES billing methodology as described here.

Q: What determines eligibility for regional pricing?

Customers will qualify for the regional pricing if all of their accounts subscribed to Enterprise Support are located in any combination of the qualifying countries. A customer is still eligible for regional pricing even if the customer has multiple accounts in different countries as long as all the countries are all on the list of specified countries. There are four main criteria for determining eligibility for regional pricing:

  1. The customer must be on Enterprise Support public pricing.
  2. Qualifying accounts must be on the same billing profile.
  3. All the qualifying accounts must have been in the specified region countries for at least 25 days within the calendar month.
  4. All the qualifying customer accounts must be in specified region countries on the last day of the month.
 
Q: What do I need to do to qualify for the regional pricing?
 
Customers do not need to take any action to qualify for the regional pricing. AWS premium support billing will evaluate the location of the customer’s accounts to determine eligibility and apply the regional pricing automatically.
 
Q: What happens if I move any of my accounts outside of the qualified regions?
 
The eligibility for regional pricing is evaluated every month. If a customer who was previously on regional pricing moves any of their accounts to a country outside of the qualified countries, then the customer will not be eligible for regional pricing for that month. If the customer however moves the account back to the qualified countries then the customer will qualify for the regional pricing the following month provided the evaluation criteria above are met. 
 
Q: Is there any condition that precludes a customer from benefiting from the regional pricing?
 
Customers will be precluded from benefiting from regional pricing for a period of 12 months if they are found to have previously qualified for regional pricing but breached the eligibility criteria at least three times in the previous twelve months.

End of support (EOS) for Microsoft products

Q: What is Microsoft End of Support (EOS)?

Microsoft Lifecycle Policy offers 10 years of support (5 years for Mainstream Support and 5 years for Extended Support) for Business and Developer products (such as SQL Server and Windows Server). As per the policy, after the end of the Extended Support period there will be no patches or security updates.

Q: How does EOS affect my existing instances on Amazon Web Services (AWS)?

There is no direct impact to existing instances. Customers can continue to start, run, and stop instances.

Microsoft will not provide patches for EOS products, unless customers purchase Extended Security Updates.

Q: Can I launch new instances that include EOS software from my Custom Amazon Machine Images (AMIs)?

Yes.

Q: Can I import images that contain EOS software into AWS using AWS tools?

Yes, customers can continue to import images to AWS using VM Import/Export (VMIE), Server Migration Service (SMS), or CloudEndure.

Q: How does EOS affect Managed AWS Windows AMIs?

There is no direct impact to existing AMIs registered in customer accounts.

AWS will not publish or distribute Managed AWS Windows AMIs that contain EOS software to AWS Management Console, Quick Start, or AWS Marketplace.

Customers with dependencies on Managed AWS Windows AMIs impacted by EOS should consider their options, including creating Custom AMI(s) within their AWS account(s) to enable new instance launches. Learn more about custom AMI creation here.

Q: Can I create additional Custom AMIs from existing Custom AMIs in my account that contain EOS software?

Yes.

Q: What are my options for running Microsoft software that is approaching EOS?

AWS customers running EOS software on EC2 instances have several options:

Remain on EOS software: Customers may decide to remain on EOS software. There will be no impact to existing instances, or to custom AMIs.

Automated upgrade: For customers with SQL Server 2008 R2 and Windows Server 2008 R2, AWS Systems Manager automates the performance of non-destructive in-place upgrades. SQL Server 2008 R2 customers can upgrade to SQL Server 2012 R2 and again to SQL Server 2016 (BYOL only). Windows Server 2008 R2 customers can upgrade to Windows Server 2012 R2. For customers with a License Included (LI) version of Windows Server or SQL Server, there is no additional licensing cost to upgrade. For more information, please click here.

Manual in-place upgrade for Microsoft Windows Server:

License Included: Customers using Amazon License Included for Windows Server can perform in-place upgrades for their Windows instances. For more information, click here.

BYOL: Customers using the BYOL model can perform a manual in-place upgrade for Windows Server following the steps referenced in the License Included option above, using their own Media.

Manual in-place upgrade for Microsoft SQL Server:

License Included: AWS customers using License Included SQL Server can perform in-place upgrades on running instances. Please contact AWS support for additional assistance and detail on upgrade paths.

BYOL: Customers using the BYOL model can perform a manual in-place upgrade for SQL Server using their Media. For more information, click here.

Explore other platform options. AWS is committed to offering its customers the most flexibility in the cloud. AWS customers interested in the benefits of migrating certain SQL Server or Windows workloads to a different platform can contact their AWS account teams for more information.

For more information on all of Amazon’s products and Services, click here.

Q: Can I purchase Extended Security Updates to cover instances that run on AWS, utilizing Microsoft EOS software?

Yes, Extended Security Updates are available directly from Microsoft or a Microsoft licensing partner. Read more about Microsoft's Extended Security Updates here.

Customers should consider all their options for EOS, see “What are my options for running Microsoft software that is approaching EOS?” for more information.

Windows Server 2003

Extended Security Updates available for Amazon License Included? No.

Extended Security Updates available for Bring Your Own License (BYOL)? No.

Windows Server 2008/2008 R2

Extended Security Updates available for Amazon License Included? Yes.

Extended Security Updates available for Bring Your Own License (BYOL)? Yes; active Software Assurance (SA) required.

SQL Server 2005

Extended Security Updates available for Amazon License Included? No.

Extended Security Updates available for Bring Your Own License (BYOL)? No.

SQL Server 2008/2008 R2

Extended Security Updates available for Amazon License Included? No.

Extended Security Updates available for Bring Your Own License (BYOL)? Yes; active Software Assurance (SA) required.

Q: Which Microsoft products sold by Amazon are approaching EOS, and when will Microsoft cease support?

Note: Information reflects publicly available Microsoft EOS dates as of April 4th, 2019.

Microsoft Windows Server:

  • Windows Server 2003 - July 14th, 2015 (EOS already reached)
  • Windows Server 2008 - January 14th, 2020
  • Windows Server 2008 R2 – January 14th, 2020

Microsoft SQL Server:

  • SQL Server 2005 – April 12th, 2016 (EOS already reached)
  • SQL Server 2008 – July 9th, 2019
  • SQL Server 2008 R2 – July 9th, 2019

More information on Microsoft's Application Lifecycle can be found here.

Q: What Amazon products and services are affected by EOS and when will changes be made?

Starting July 1st, 2019 Microsoft requires AWS to no longer publish and distribute License Included Managed AWS Windows AMIs (available in AWS Management Console and Quick Start), media, and services that use or contain Microsoft EOS products. Products that have reached end of support in prior years are also subject to these restrictions. The following products and services are affected:

Managed AWS Windows AMIs:

AWS will no longer publish and distribute Managed AWS Windows AMIs that contain EOS software to AWS Management Console, Quick Start or AWS Marketplace.

Microsoft Windows Server:

  • Windows Server 2003 - July 1st, 2019
  • Windows Server 2008 - January 14th, 2020
  • Windows Server 2008 R2 - January 14th, 2020

Microsoft SQL Server:

  • SQL Server 2005 – July 1st, 2019
  • SQL Server 2008 - July 9th, 2019
  • SQL Server 2008 R2 - July 9th, 2019

Amazon Relational Database Service (RDS):

RDS will automatically upgrade customer databases that remain on SQL Server 2008 to SQL Server 2012 starting on June 1, 2019. We recommend customers test this upgrade prior to this date to ensure compatibility.

RDS customers can upgrade their Database version at any time. Learn more about upgrading your SQL Server 2008 R2 database in RDS here.

Amazon WorkSpaces:

WorkSpaces will stop offering License Included public bundles of Windows 7 Experience powered by Windows Server 2008 R2 after January 14th 2020.

WorkSpaces launched from License Included public bundles with Windows 7 Desktop Experience will no longer be able to be launched or rebuilt after January 14th 2020.

There is no impact for WorkSpaces created from BYOL bundles. Customers can continue to launch/rebuild those instances.

Customers who have created custom License Included bundles powered by Windows Server 2008 R2 will be able to use their custom bundles to launch or rebuild WorkSpaces after EOS.

Microsoft will not provide patches for EOS products unless customers purchase Extended Security Updates.

Q: Does the change to Microsoft’s EOS software distribution policy only apply to AWS?

Microsoft has advised that this change will apply to all hyperscale cloud providers.

Q: What are my options for running Microsoft software that is approaching EOS?

AWS customers running EOS software on EC2 instances have several options:

Remain on EOS software: Customers may decide to remain on EOS software. There will be no impact to existing instances, or to custom AMIs. Customers who are interested in purchasing Extended Security Updates from Microsoft should review the answer to the question, “Can I purchase Extended Security Updates from Microsoft to cover EOS instances that run on AWS?”.

Automated upgrade: For customers with SQL Server 2008 R2 and Windows Server 2008 R2, AWS Systems Manager automates the performance of non-destructive in-place upgrades. SQL Server 2008 R2 customers can upgrade to SQL Server 2012 R2 and again to SQL Server 2016 (BYOL only). Windows Server 2008 R2 customers can upgrade to Windows Server 2012 R2. For customers with a License Included (LI) version of Windows Server or SQL Server, there is no additional licensing cost to upgrade. For more information, please click here.

Manual in-place upgrade for Microsoft Windows Server:

License Included: Customers using Amazon License Included for Windows Server can perform in-place upgrades for their Windows instances. For more information, click here.

BYOL: Customers using the BYOL model can perform a manual in-place upgrade for Windows Server following the steps referenced in the License Included option above, using their own Media.

Manual in-place upgrade for Microsoft SQL Server:

License Included: AWS customers using License Included SQL Server can perform in-place upgrades on running instances. Please contact AWS support for additional assistance and detail on upgrade paths.

BYOL: Customers using the BYOL model can perform a manual in-place upgrade for SQL Server using their Media. For more information, click here.

Explore other platform options. AWS is committed to offering its customers the most flexibility in the cloud. AWS customers interested in the benefits of migrating certain SQL Server or Windows workloads to a different platform can contact their AWS account teams for more information.

For more information on all of Amazon’s products and Services, click here.

Q: What are other AWS Customers doing?

AWS customers such as Sysco, Hess, Ancestry, and Expedia have successfully migrated and modernized their Windows workloads on AWS. Read more about what AWS customers are doing here.

Q: What are the cost implications of moving to a supported Microsoft Operating System or SQL Server version?

License Included: There is no additional licensing costs to move to a newer version of the software when using Amazon's License Included options, for example:

  • Microsoft Windows Server 2019 is the same price as Microsoft Windows Server 2003/2008/2008 R2.
  • Microsoft SQL Server 2017 (by edition) is the same price as Microsoft SQL Server 2005/2008/2008 R2 (by edition).

BYOL: Customers with active Software Assurance (SA) can upgrade to a newer version at no cost. Customers without SA can purchase a new license from Microsoft.

Q: If I experience a technical issue running a product that has reached Microsoft EOS, will AWS Support assist me?

Yes, customers with AWS Support plans will be able to engage AWS Support for technical issues.

Note: As per Microsoft's policy, after the end of the Extended Support, Microsoft will no longer provide patches or security updates unless Extended Security updates has been purchased.

Find more information on AWS Support plans here.

Q: If I have further questions around the use of Microsoft EOS on AWS, whom should I contact?

Please email aws.EOS.Microsoft@amazon.com.

Q: Specifically, which License Included Managed AWS Windows AMIs are affected and when does this take effect?

July 1st, 2019

  • Windows_Server-2003-R2_SP2-English-32Bit-Base-*
  • Windows_Server-2003-R2_SP2-English-64Bit-Base-*
  • Windows_Server-2003-R2_SP2-English-64Bit-SQL_2005_SP4_Express-*
  • Windows_Server-2003-R2_SP2-English-64Bit-SQL_2005_SP4_Standard-*
  • Windows_Server-2003-R2_SP2-Language_Packs-32Bit-Base-*
  • Windows_Server-2003-R2_SP2-Language_Packs-64Bit-Base-*
  • Windows_Server-2003-R2_SP2-Language_Packs-64Bit-SQL_2005_SP4_Express-*
  • Windows_Server-2003-R2_SP2-Language_Packs-64Bit-SQL_2005_SP4_Standard-*

July 9th, 2019

  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2008_R2_SP3_Express-*
  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2008_R2_SP3_Standard-*
  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2008_R2_SP3_Web-*
  • Windows_Server-2008-R2_SP1-Japanese-64Bit-SQL_2008_R2_SP3_Express-*
  • Windows_Server-2008-R2_SP1-Japanese-64Bit-SQL_2008_R2_SP3_Standard-*
  • Windows_Server-2008-R2_SP1-Japanese-64Bit-SQL_2008_R2_SP3_Web-*
  • Windows_Server-2008-R2_SP1-Language_Packs-64Bit-SQL_2008_R2_SP3_Express-*
  • Windows_Server-2008-R2_SP1-Language_Packs-64Bit-SQL_2008_R2_SP3_Standard-*
  • Windows_Server-2008-SP2-English-64Bit-SQL_2008_SP4_Express-*
  • Windows_Server-2008-SP2-English-64Bit-SQL_2008_SP4_Standard-*
  • Windows_Server-2012-RTM-English-64Bit-SQL_2008_R2_SP3_Express-*
  • Windows_Server-2012-RTM-English-64Bit-SQL_2008_R2_SP3_Standard-*
  • Windows_Server-2012-RTM-English-64Bit-SQL_2008_R2_SP3_Web-*
  • Windows_Server-2012-RTM-Japanese-64Bit-SQL_2008_R2_SP3_Express-*
  • Windows_Server-2012-RTM-Japanese-64Bit-SQL_2008_R2_SP3_Standard-*

January 14th, 2020

  • Windows_Server-2008-R2_SP1-Chinese_Hong_Kong_SAR-64Bit-Base-*
  • Windows_Server-2008-R2_SP1-Chinese_PRC-64Bit-Base-*
  • Windows_Server-2008-R2_SP1-English-64Bit-Base-*
  • Windows_Server-2008-R2_SP1-English-64Bit-Core-*
  • Windows_Server-2008-R2_SP1-English-64Bit-Core_SQL_2012_SP4_Standard-*
  • Windows_Server-2008-R2_SP1-English-64Bit
  • SharePoint_2010_SP2_Foundation-*
  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2012_RTM_SP2_Enterprise-*
  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2012_SP4_Enterprise-*
  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2012_SP4_Express-*
  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2012_SP4_Standard-*
  • Windows_Server-2008-R2_SP1-English-64Bit-SQL_2012_SP4_Web-*
  • Windows_Server-2008-R2_SP1-Japanese-64Bit-Base-*
  • Windows_Server-2008-R2_SP1-Japanese-64Bit-SQL_2012_SP4_Express-*
  • Windows_Server-2008-R2_SP1-Japanese-64Bit-SQL_2012_SP4_Standard-*
  • Windows_Server-2008-R2_SP1-Korean-64Bit-Base-*
  • Windows_Server-2008-R2_SP1-Language_Packs-64Bit-Base-*
  • Windows_Server-2008-R2_SP1-Portuguese_Brazil-64Bit-Base-*
  • Windows_Server-2008-R2_SP1-Portuguese_Brazil-64Bit-Core-*
  • Windows_Server-2008-SP2-English-32Bit-Base-*
  • Windows_Server-2008-SP2-English-64Bit-Base-*
  • Windows_Server-2008-SP2-Portuguese_Brazil-32Bit-Base-*
  • Windows_Server-2008-SP2-Portuguese_Brazil-64Bit-Base-*

Glossary

AMI (Amazon Machine Image): Is a template for the root volume for the instance (for example, an operating system, an application server, and applications), manages launch permissions that control which AWS accounts can use the AMI to launch instances. Contains a block device mapping that specifies the volumes to attach to the instance when it's launched.

AWS (Amazon Web Services): offers a broad set of global compute, storage, database, analytics, application, and deployment services that help organizations move faster, lower IT costs, and scale applications.

AWS Management Console: access and manage Amazon Web Services through a simple and intuitive web-based user interface.

BYOL (Bring Your Own License): is a process you can use to deploy software that you have previously licensed on physically dedicated AWS hardware. If you BYOL, you do not pay for instances with licensing included in the cost. Instead, you pay the same rate as EC2 instances with Amazon Linux pricing. When you BYOL, you are responsible for managing your own licenses.

CloudEndure: offers reliable business continuity solutions that minimize data loss and downtime due to human errors, network failures, external threats, or any other disruptions. Our Disaster Recovery and Migration solutions are powered by innovative workload mobility technology, which continuously replicates applications from any physical, virtual, or cloud-based infrastructure into Amazon Web Services (AWS). As such, CloudEndure is uniquely qualified to support large-scale, heterogeneous environments with diverse applications and infrastructure.

Custom AMI: is an AMI created in your account either built from an imported image or captured from an existing instance. For example, you can launch an instance from an existing AMI, customize the instance, and then save this updated configuration as a custom AMI. Instances launched from this new custom AMI include the customizations that you made when you created the AMI.

EC2 (Amazon Elastic Compute Cloud): provides scalable computing capacity in the Amazon Web Services (AWS) cloud.

EOS (End of support): is a term used to reference Microsoft ending support for a product, in accordance with their Product Lifecycle policy.

Hyperscale: refers to the facilities and provisioning required in distributed computing environments to efficiently scale from a few servers to thousands of servers. Hyperscale computing is usually used in environments such as big data and cloud computing.

In-Place Upgrade: upgrades the operating system files while your personal settings and files are intact.

Instance (EC2 Instance): is a virtual server in the AWS cloud. Its configuration at launch is a copy of the AMI that you specified when you launched the instance.

LI (License Included): refers to the use of Amazon's Microsoft Licensing Agreement for Windows Server and SQL Server.

VMIE (AWS VM Import/Export): is an AWS Service used to import Operating System Images to AWS EC2 in an offline mode.

RDS (Amazon Relational Database Service): is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.

SA (Software Assurance): is a comprehensive program offered by Microsoft to help deploy, manage, and use Microsoft products efficiently.

SMS (AWS Server Migration Service): is an AWS Service used to import Operating System Images to AWS EC2 in an online mode.

WorkSpaces (Amazon Workspaces): is a managed, secure cloud desktop service. You can use Amazon WorkSpaces to provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe.

AWS Incident Detection and Response

Q. What is AWS Incident Detection and Response?

AWS Incident Detection and Response provides customized support for critical applications. It offers 24x7 proactive engagement, 5-minute response time and incident management for critical applications. AWS Incident Detection and Response is designed to help you improve your operations, increase workload resiliency, and accelerate your recovery from critical incidents. AWS Incident Detection and Response leverages the proven operational, enhanced monitoring, and incident management capabilities used internally by AWS teams and externally by AWS Managed Services (AMS).

Q. What are the service levels for AWS Incident Detection and Response?

AWS Incident Detection and Response offers a 5-minute response time SLO (Service Level Objective) for critical cases (Business-critical system down) raised to AWS Incident Detection and Response. Unlike the Enterprise Support response time, which is measured from the moment a case is submitted, engagement time for AWS Incident Detection and Response is measured from the moment an incident is triggered on your workload or when your case is submitted.

Q. Does AWS offer additional services for incident management?

AWS Managed Services (AMS) augments your existing team with cloud operations. It provides monitoring, incident management, patch, backup, a designated Cloud Service Delivery Manager (CSDM), Cloud Architect (CA), and access to the AMS Security team. AWS Incident Detection and Response is available at no additional charge and in eligible regions for AWS Managed Services direct customers with AWS Enterprise Support. AMS customers that meet this criteria can contact their AMS Cloud Service Delivery Manager (CSDM) to learn more.

Q. What regions is AWS Incident Detection and Response available in?

AWS Incident Detection and Response is available in English for workloads hosted in the following regions: US East (Ohio), US East (N. Virginia), US West (Oregon), US West (N. California), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Seoul), Asia Pacific (Sydney), South America (São Paulo). As a premium AWS Support Service, AWS Incident Detection and Response provides 24x7 coverage supported by a global team of engineers. When AWS Incident Detection and Response responds to an incident, the first available Incident Manager from any of our regions is assigned to your case to help you as quickly as possible.

Q. How do I subscribe (or unsubscribe) an account to AWS Incident Detection and Response?

You can subscribe (or unsubscribe) accounts to AWS Incident Detection and Response by raising a support case to AWS Incident Detection and Response. Subscription can only be performed by creating the request from the payer account. AWS requires a 30-day notice to unsubscribe an account from the service. Kindly refer to the service user guide on how to raise a subscription request.


Q. Can I purchase AWS Incident Detection and Response for a fixed duration?

Yes. You can subscribe an account to AWS Incident Detection and Response for a fixed duration with a minimum duration of 90 days.

Q. All of my workloads are concentrated in a single account but I only want to enroll a fraction of my workloads into the service. Can I be billed for only the workloads I onboard for monitoring?

Yes, billing is based on the usage of the workloads you onboard. AWS Incident Detection and Response is charged monthly as the greater of $7K or 2.0% of the monthly AWS charges accrued by onboarded workloads. AWS Incident Detection and Response requires that the resources of your workloads are appropriately tagged.

Q. How do I onboard individual workloads into the service?

Workload onboarding starts after the constituent accounts that make up the workload are subscribed to AWS Incident Detection and Response. The focus of the workload onboarding process is for AWS to collect as much context about the workload as you are willing to share. This may include the ARNs and functions of the services used in your workload and the critical alarms that speak to the workload's outcomes. We also develop runbooks and response plans for incident management during the onboarding process.

Q. How do you engage me during an incident?

Critical alarms triggered on your workloads will be sent via Event Bridge to the AWS Incident Management tool and the Incident Management Engineer (IME) on call will be notified. The IME will triage the alarm, engage you on a conference bridge, and follow pre-established incident management response plans to guide you to recovery. The actions taken during the call may, for instance, include providing up-to-the minute insights on AWS Service health, triggering an escalation within AWS, or advising you on how to drive resolution. The IME will manage the incident and ensure that you remain engaged with the right AWS resources until the incident is resolved or mitigated. Upon closure of the incident, the IME may provide an incident resolution report that summarizes the incident and informs improvements to the application architecture, metrics, and response procedures. For AMS customers, operations engineers are also engaged in the incident management process to help resolve the incident.

Q. How does AWS Incident Detection and Response help me during an AWS service event?

During a Service Event, AWS will notify you of an ongoing service event whether or not your workload is impacted. If your workload is impacted by the service event, AWS will create a Support Case to engage you, receive feedback on impact and sentiment, and provide pre-determined guidance to invoke your disaster recovery plans during the event. You will also receive a notification via AWS Health containing details of the Support Case created for you. Customers who are not affected by the AWS-owned service event (e.g., operating in a different region, do not use the AWS service that is impaired, etc.) will continue to be supported by our standard engagement.

Q. Can I use AWS Incident Detection and Response with my existing monitoring tools?

Yes. You can ingest events from any monitoring tool to AWS Incident Detection and Response via Amazon EventBridge. Kindly refer to the AWS Incident Detection and Response User Guide for more details on onboarding your workloads.

Q. Will I still be able to raise critical cases on my own for my workloads with AWS Incident Detection and Response?

Yes, you can still raise critical cases on your own directly to AWS Support or to AWS Incident Detection and Response. AWS Incident Detection and Response provides a 5-minute response time to Business-critical system down cases. Refer to the service user guide to learn more about raising a case to AWS Incident Detection and Response.

Q. Do I still need to keep my own monitoring team with AWS Incident Detection and Response?

AWS Incident Detection and Response does not replace your monitoring team. AWS Incident Detection and Response works in partnership with your monitoring teams and is focused on the management of critical incidents.

AWS re:Post Private

Q. What is AWS re:Post Private?

AWS re:Post Private is a fully managed, secure, and private space for you to build an organization-specific cloud community and provide access to proprietary knowledge resources. AWS re:Post Private centralizes trusted AWS technical content and offers private discussion forums to improve how your teams collaborate internally—and with AWS—to remove technical obstacles, accelerate innovation, and scale more efficiently in the cloud.

Q. How can I get started using re:Post Private?

You can get started with re:Post Private by visiting the AWS Management Console and setting up re:Post Private for your organization. You need to have either the AWS Enterprise or Enterprise On-Ramp Support Plan. 

AWS Countdown

Q. What is AWS Countdown?

AWS Countdown is an AWS Support offering designed for a broad range of cloud use cases, including migrations, modernizations, product launches, streaming, and go-live events. AWS Countdown helps you throughout the project lifecycle to assess operational readiness, identify and mitigate risks, and plan capacity, using proven playbooks developed by AWS experts. It empowers you with resources for operational readiness, AWS Well-Architected assessments, security reviews, and infrastructure capacity planning for your projects. AWS Countdown replaces AWS Support’s Infrastructure Event Management (IEM) service, and is included with Enterprise Support. Enterprise On-Ramp customers receive one (1) Countdown engagement each year at no cost.

Q. What is AWS Countdown Premium?

AWS Countdown Premium is a paid add-on, which provides critical support across all phases of your cloud projects from design to post launch retrospectives. It offers designated engineers selected from a team of AWS experts who provide proactive guidance and troubleshooting. Designated engineers get involved from project inception to ensure continuity, provide access to subject matter experts, and leverage support tools for faster issue resolution. They participate in critical events calls, e.g. for sales events or migration cutovers, to provide rapid issue resolution. AWS Countdown Premium helps you increase your infrastructure investment return by accelerating migrations and modernizations, and enabling you to deliver high impact go-live events and achieve your business goals.

Q. What regions and language is AWS Countdown Premium available in?

AWS Countdown is available in English, Japanese, Korean, and Chinese for workloads hosted in all available AWS Regions and the AWS GovCloud (US) Regions, except the AWS China Regions. As a premium AWS Support Service, AWS Countdown Premium is supported by a global team of engineers.

Q. How do I subscribe to AWS Countdown?

You can subscribe to AWS Countdown by reaching out to your account team. Additionally, Enterprise Support customers can contact their TAMs to register a Countdown engagement.

Q. How do I subscribe (or unsubscribe) to AWS Countdown Premium?

You can subscribe (or unsubscribe) to AWS Countdown Premium by reaching out to your account team or you can also email us at aws-countdown-subscription@amazon.com and our support team will reach out to you. AWS requires a 30-day notice to unsubscribe an account from the service.

Q. Does AWS Countdown Premium work with AWS Partner Resold and AWS Partner-Led Support Products? 

Yes, AWS Countdown Premium is available for AWS Resold Support customers and works the same as for direct customers. It supplements your migration, modernization, or event with on-demand expertise and support. Please reach out to your account team or email us at aws-countdown-subscription@amazon.com to start your Countdown subscription.
At this time, AWS Countdown Premium is not designed for and doesn’t support customers using AWS Partner-Led Support.

Q. Can I purchase AWS Countdown Premium for a fixed duration?

Yes. You can subscribe to AWS Countdown *Premium* for a fixed duration in monthly increments, with a minimum of one (1) month subscription.

Q. Can I purchase AWS Countdown Premium if I am working with a Partner?

Yes. You can supplement your migration, modernization, or event implementation Partner with on-demand expertise and support. AWS Countdown Premium offers access to a designated specialist engineer, who can bring in other experts as required for deep technical knowledge and collaborative troubleshooting. This unblocks you from issues that may impact project timelines and lead to cost over-runs. Please reach out to your account team or email us at aws-countdown-subscription@amazon.com to start your Countdown subscription.

Q. How many Premium subscriptions do I need if I want support in multiple projects?

You can sign up for one monthly subscription per use-case, such as a product launch, live streaming, migration, or modernization. Multiple subscriptions are required if you have multiple projects running in parallel. This ensures that we assign a separate engineer to each team, versus spreading one engineer across multiple teams. For example, if you are planning to migrate 3 systems in parallel, you should purchase 3 subscriptions- one for each migration team.

Q. How will I receive the invoice for AWS Countdown Premium?

You will see an Out-of-Cycle (OCB) bill for AWS Countdown Premium. It is not included in anniversary invoices. Under charge description it will read “out of cycle bill” and the amount and description will reflect the Countdown monthly fee.

Q. When will I receive the monthly invoice for AWS Countdown Premium?

You will receive bills during the first week in the next month of your AWS Countdown Premium Subscription. The bill will be prorated based on your start date. For example, if you start a two (2) month subscription for AWS Countdown Premium starting on February 15th, then you will receive the following three bills – 1) $5000 in first week of March, 2) $10,000 in first week of April, and 3) $5000 in first week of May. The exact date of invoices will depend on your organization’s billing cycle.

Q. How do I modify (add/remove) my subscription term for AWS Countdown Premium?

This is similar to subscribing or unsubscribing to AWS Countdown Premium. Please reach out to your account team or you can also email us at aws-countdown-subscription@amazon.com and our support team will reach out to you. AWS requires 30 day notice to modify the subscription term.

AWS Partner-Led Support

Q. Why should I choose to work with an AWS Partner under Partner-Led Support (PLS)?

AWS Partners provide proactive guidance and best-practices, as well as offer additional products and services as part of their support offering. PLS enables customers to receive support on AWS services from their Partner, who plays a critical role in helping transform their businesses across all industries by migrating workloads, developing cloud-native applications, providing managed services, along with offering local language, and even onsite support.

Q. What support will I receive from an AWS Partner?

AWS Partners leverage Partner-Led Support to build their own support offerings, as they do not pass directly through to their customers. Each AWS Partner differentiates their Partner-Led Support offering in their own way. It is important to consult with your AWS Partner to review their support options, contact methods, and response times.

Q. What level of access will I need to provide to the AWS Partner?

Partner-Led Support requires that customers allow their AWS Partner to access their AWS accounts to run diagnostic tools and to provide support, along with opening support cases to AWS on their behalf when necessary. Customers must request support from their AWS Partner, and will not have direct access to AWS Support, including access to an AWS Technical Account Manager (TAM), or to open support cases directly to AWS. Customers will not be able to contact AWS Support directly, and all requests will be serviced by their AWS Partner.