Enhancing Cloud Resilience: AWS Fault Injection and ARC Region Switch

Amazon Application Recovery Controller (ARC) and AWS Fault Injection Service (FIS) are two powerful tools that can help organizations build and validate resilient multi-Region architectures. Let's explore how these services work together to improve your cloud infrastructure's reliability.

Understanding ARC Region Switch:
Amazon Application Recovery Controller simplifies application recovery across AWS Regions and Availability Zones. Its Region Switch feature orchestrates seamless recovery with flexible workflows, supporting both active/passive and active/active configurations. This fully managed service offers:

• Real-time recovery dashboard for progress monitoring
• Automatic failover capabilities
• Independent data planes for maximum reliability during failover scenarios

Leveraging AWS Fault Injection Service:
AWS Fault Injection Service enables you to conduct controlled chaos engineering experiments on your AWS workloads. By simulating various failure scenarios, you can observe how your applications respond and improve their reliability and availability before real incidents occur.

Combining ARC and FIS for Robust Resilience Testing:
By integrating these two services, you can create a comprehensive solution for building and testing resilient multi-Region architectures. Here's an overview of the process:

Configure ARC Region Switch for automated failover:

• Create FIS experiments to simulate regional failures
• Monitor the recovery dashboard using Synthetics Canary and CloudWatch
• Validate cross-Region resilience automatically
• Sample Architecture and Workflow

The solution demonstrates a highly available three-tier web architecture deployed across multiple AWS Regions:

• Frontend: Application Load Balancers (ALBs) distributed across multiple AZs and Regions, with Amazon Route 53 for DNS routing
• Application layer: Auto Scaling groups of EC2 instances in two AZs
• Database layer: Amazon Aurora Global Database with a primary cluster in one region and read replicas in another for disaster recovery

The workflow includes:

1. Verifying the primary website configuration (ARC controls configuration).
2. Setting up the ARC Region Switch plan.
3. Designing a regional failover workflow.
4. Implementing proactive monitoring with AWS Synthetic Canary.
5. Configuring automated recovery triggers.
6. Simulating primary region failure using FIS.
7. Detecting and responding to the simulated failure.
8. Confirming secondary region activation.

By implementing this solution, organizations can achieve:

• Automated recovery with minimal disruption
• Real-time monitoring and failure detection
• Controlled failover orchestration
• Systematic testing of recovery procedures

This approach showcases how ARC simplifies disaster recovery management while providing the flexibility to handle various scenarios, from performance degradation to planned maintenance.

Conclusion:
The integration of Amazon Application Recovery Controller and AWS Fault Injection Service offers a powerful solution for building and testing resilient multi-Region architectures. By following this approach, you can create robust applications that maintain availability even during regional outages, ensuring business continuity and improved customer experience.

Next steps:
We are planning to publish a detailed blog post that will provide step-by-step instructions, architecture diagrams, code samples, and best practices based on real-world implementations of this solution. Stay tuned for this comprehensive guide, which will help you implement these resilience testing strategies in your own AWS environment.

Further reading:
• Getting Started with AWS Fault Injection Simulator
• Creating and Running FIS Experiments
• Cross-Region Failover Testing with FIS

Contributors:
Ashwini Mohan, Sr. TAM, AWS
Kalyan Madicharla, Sr. TAM, AWS.