AWS Disaster Recovery: Complete Architecture Guide
Disaster recovery (DR) on AWS isn’t just about backups—it’s about designing resilient architectures that can recover from failures within your defined Recovery Time Objective (RTO) and Recovery Point Objective (RPO). This guide covers the four primary DR strategies, their trade-offs, and implementation patterns used by enterprise teams.
Related AWS Articles
- Maximize Success with AWS Enterprise Support Solutions
- Linux System Logs on AWS: CloudWatch
Disaster recovery (DR) on AWS isn’t just about backups—it’s about designing resilient architectures that can recover from failures within your defined Recovery Time Objective (RTO) and Recovery Point Objective (RPO). This guide covers the four primary DR strategies, their trade-offs, and implementation patterns used by enterprise teams.
Log Analysis
-
Related AWS Articles
- Maximize Success with AWS Enterprise Support Solutions
- Linux System Logs on AWS: CloudWatch
Before choosing a DR strategy, you must define your requirements:
Log Analysis
-
Metric Definition Example RTO (Recovery Time Objective) Maximum acceptable downtime after a disaster 4 hours = system must be online within 4 hours RPO (Recovery Point Objective) Maximum acceptable data loss measured in time 1 hour = can lose up to 1 hour of data The Four DR Strategies
AWS defines four disaster recovery strategies, ordered from lowest to highest cost and complexity:
Implementation:
Related AWS Articles
- Maximize Success with AWS Enterprise Support Solutions
- Linux System Logs on AWS: CloudWatch
Implementation:
Log Analysis
-
# AWS Backup plan using Terraform resource "aws_backup_plan" "dr_backup" { name = "disaster-recovery-plan" rule { rule_name = "daily-backups" target_vault_name = aws_backup_vault.dr_vault.name schedule = "cron(0 5 ? * * *)" # Daily at 5 AM UTC lifecycle { delete_after = 30 # Retain for 30 days } copy_action { destination_vault_arn = aws_backup_vault.dr_vault_secondary.arn lifecycle { delete_after = 30 } } } }2. Pilot Light (RTO: 10s of Minutes | RPO: Minutes)
A minimal version of your environment runs continuously in the DR region. Core components (databases, domain controllers) are always on, while application servers are launched during failover.
# Pilot Light failover script (Python) import boto3 def failover_to_dr(primary_region, dr_region): # 1. Promote RDS read replica rds = boto3.client('rds', region_name=dr_region) rds.promote_read_replica( DBInstanceIdentifier='mydb-replica' ) # 2. Scale up Auto Scaling group autoscaling = boto3.client('autoscaling', region_name=dr_region) autoscaling.update_auto_scaling_group( AutoScalingGroupName='app-asg-dr', MinSize=2, DesiredCapacity=4 ) # 3. Update Route 53 to point to DR route53 = boto3.client('route53') route53.change_resource_record_sets( HostedZoneId='Z1234567890', ChangeBatch={ 'Changes': [{ 'Action': 'UPSERT', 'ResourceRecordSet': { 'Name': 'app.example.com', 'Type': 'A', 'AliasTarget': { 'HostedZoneId': 'Z2FDTNDATAQYW2', 'DNSName': 'dr-alb.us-west-2.elb.amazonaws.com', 'EvaluateTargetHealth': True } } }] } )3. Warm Standby (RTO: Minutes | RPO: Seconds)
A scaled-down but fully functional copy of your production environment runs in the DR region. All components are active and receiving replicated data.
Related AWS Articles
- Maximize Success with AWS Enterprise Support Solutions
- Linux System Logs on AWS: CloudWatch
A scaled-down but fully functional copy of your production environment runs in the DR region. All components are active and receiving replicated data.
Log Analysis
-
Component Production Warm Standby Web Servers 8x m5.xlarge 2x m5.large Database db.r5.2xlarge (Multi-AZ) db.r5.large (Read Replica) Cache ElastiCache 3-node cluster ElastiCache 1-node Traffic 100% production load Health checks only 4. Multi-Site Active/Active (RTO: Near-Zero | RPO: Near-Zero)
Both regions serve production traffic simultaneously. This is the most expensive but provides the highest availability.
DR Strategy Comparison
Strategy RTO RPO Cost Complexity Backup & Restore Hours Hours $ Low Pilot Light 10s of minutes Minutes $$ Medium Warm Standby Minutes Seconds $$$ Medium-High Multi-Site Active/Active Near-zero Near-zero $$$$ High AWS Services for DR
AWS Elastic Disaster Recovery (DRS)
Formerly CloudEndure, DRS provides continuous block-level replication of your source servers to AWS. It’s ideal for lift-and-shift DR scenarios.
Related AWS Articles
- Maximize Success with AWS Enterprise Support Solutions
- Linux System Logs on AWS: CloudWatch
Formerly CloudEndure, DRS provides continuous block-level replication of your source servers to AWS. It’s ideal for lift-and-shift DR scenarios.
Log Analysis
-
# AWS CLI: Start DRS recovery drill aws drs start-recovery \ --source-servers sourceServerID=s-1234567890abcdef0 \ --is-drill \ --tags Key=Environment,Value=DR-TestAurora Global Database
For MySQL and PostgreSQL workloads, Aurora Global Database provides:
Related AWS Articles
- Maximize Success with AWS Enterprise Support Solutions
- Linux System Logs on AWS: CloudWatch
For MySQL and PostgreSQL workloads, Aurora Global Database provides:
Log Analysis
-
Related AWS Articles
- Maximize Success with AWS Enterprise Support Solutions
- Linux System Logs on AWS: CloudWatch
Automate DNS failover based on endpoint health:
Log Analysis
-
# Route 53 failover routing policy (Terraform) resource "aws_route53_health_check" "primary" { fqdn = "primary.example.com" port = 443 type = "HTTPS" resource_path = "/health" failure_threshold = 3 request_interval = 10 } resource "aws_route53_record" "primary" { zone_id = aws_route53_zone.main.zone_id name = "app.example.com" type = "A" failover_routing_policy { type = "PRIMARY" } set_identifier = "primary" health_check_id = aws_route53_health_check.primary.id alias { name = aws_lb.primary.dns_name zone_id = aws_lb.primary.zone_id evaluate_target_health = true } }Testing Your DR Plan
A DR plan is only as good as its last test. AWS recommends:
Cost Optimization
DR doesn’t have to break the bank:
You Might Also Like
