You can request authorization for penetration testing by signing in with your root account credentials and filling out the AWS Vulnerability/Penetration Testing Request Form. AWS will follow up on your request within 2 business days.
You cannot perform pen testing on small/micro/nano EC2 or RDS instances.