EC2 Instances in Availability Zones
Increasing Availability in AWS
During the migration from traditional data centers to cloud-based environments, availability must be a key consideration. If you were to take your application out of a data center and move it directly into AWS without considering the impact on availability, more often than not, the availability of that application will suffer.
When designing and configuring your AWS environment, do you understand Availability Zones? Amazon EC2 is hosted in multiple locations across the globe, and these locations are made up of Regions, Availability Zones, Local Zones, AWS Outposts, and Wavelength Zones. AWS describes Availability Zones this way: “Each Region has multiple, isolated locations known as Availability Zones. When you launch an instance, you can select an Availability Zone or let us choose one for you. If you distribute your instances across multiple Availability Zones and one instance fails, you can design your application so that an instance in another Availability Zone can handle requests.” Understanding that EC2 instances need a high level of availability, and need to be deployed in multiple Availability Zones to get it, will enhance the security posture of your AWS environment.
The security triangle consists of confidentiality, integrity, and availability. For confidentiality, we always consider encryption and other types of solutions, such as access controls to prevent unauthorized access. For integrity, we look at the different controls available to ensure data remains unchanged during its lifecycle, or at least unchanged through unauthorized means. Availability is the one we often overlook in our security conversations.
With the migration of traditional data center-based applications towards cloud-based environments, availability is a key consideration that needs to be thought through and planned for. If we take our applications out of our data centers, wherever they happen to be, and move them directly into AWS without considering any of the availability impacts, more often than not we will experience a decrease in the availability of the application.
One of the key considerations when designing our environments for AWS is the use of Availability Zones. Availability Zones are associated with Regions. At the highest level of an Amazon-based architecture, we choose Regions based on where our customers are; then we use Availability Zones to increase the availability of our applications. Availability Zones apply to RDS instances, EC2 instances, elastic load balancers, and all of the other building blocks we use to build our Amazon-based architectures. If our availability needs are comparatively high (three 9s, four 9s, five 9s, or even 99.5), it may be necessary to design our EC2 instances and these other components to operate in more than one Availability Zone.
Availability Zones in AWS provide geographic distribution, for instance, over fault lines. One Availability Zone, which is really just a data center in Amazon, may be located in Southern California for the west Region, and another may be located in Seattle, WA. So one may be more susceptible to cold weather, and the other to forest fires and wildfires in the fall. It's important to consider these things and to design our applications to take advantage of the additional capacity that AWS provides to us in the form of Availability Zones.
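
As an added example (not from the original page), the Python below audits a constructed `DescribeInstances`-shaped response and reports applications whose running instances all sit in one Availability Zone. The `app` tag key, instance IDs and zone names are assumptions made for illustration.

```python
from collections import defaultdict

def _inst(iid, zone, state, app=None):
    """Build one constructed record in the DescribeInstances instance shape."""
    tags = [{"Key": "app", "Value": app}] if app else []
    return {"InstanceId": iid, "State": {"Name": state},
            "Placement": {"AvailabilityZone": zone}, "Tags": tags}

# Constructed sample data; IDs, zones and the "app" tag key are illustrative.
SAMPLE_RESPONSE = {"Reservations": [
    {"Instances": [_inst("i-web1", "us-west-2a", "running", "web"),
                   _inst("i-web2", "us-west-2b", "running", "web")]},
    {"Instances": [_inst("i-api1", "us-west-2a", "running", "api"),
                   _inst("i-api2", "us-west-2a", "running", "api")]},
    {"Instances": [_inst("i-db1", "us-west-2a", "running", "db"),
                   _inst("i-db2", "us-west-2b", "stopped", "db")]},
    {"Instances": [_inst("i-misc", "us-west-2c", "running")]},
]}

def zones_by_app(response, tag_key="app"):
    """Map each application tag value to {zone: running instance count}."""
    spread = defaultdict(lambda: defaultdict(int))
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            # Only running instances can take over when another zone fails.
            if inst.get("State", {}).get("Name") != "running":
                continue
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            app = tags.get(tag_key, "(untagged)")
            spread[app][inst["Placement"]["AvailabilityZone"]] += 1
    return {app: dict(zones) for app, zones in spread.items()}

def single_zone_apps(response, min_zones=2, tag_key="app"):
    """Return sorted (app, zones) pairs for apps running in fewer than min_zones."""
    findings = []
    for app, zones in zones_by_app(response, tag_key).items():
        if len(zones) < min_zones:
            findings.append((app, sorted(zones)))
    return sorted(findings)

if __name__ == "__main__":
    for app, zones in single_zone_apps(SAMPLE_RESPONSE):
        print(f"{app}: all running instances in {', '.join(zones)}")
```

The same functions accept the dictionary returned by boto3's `describe_instances()` call, provided instances carry an application tag.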