Cross-region backup has never made sense to me. If an entire region goes away - not a temporary outage, but GONE - then the country is probably under attack, and absolutely no one will give a shit that your SaaS product is dead.
tatersolid•2h ago
Wildfires, hurricanes, tornadoes, blizzards and ice storms, earthquakes… many regional disasters are temporary but it can take very long to bring everything back online. AWS can also always lose a whole region for an extended period due to software and control plane bugs.
Even if all your apps and data stores are active-active multi-region you can be in a world of risk with no DR for a long time if your DR region fails. If your data size is small that vulnerability window might be small but if you’ve got petabytes you’ll be without lifeboat for a days or weeks until you can take another “full” DR copy.
jdreaver•2h ago
There are plausible scenarios where a region can go down for days or more at a time, like natural disasters. I'm not terribly worried about a region going away _forever_, but during a regional outage long enough to start losing business, having data in multiple regions is important so you can restore in another region (if you aren't able to fail over quickly).
deepsun•1m ago
The most common cause of the outages right now is configuration errors. Even when procedurally they must be limited to AZ only, there is always some region-shared infrastructure that can bring down the whole region altogether.
sgarland•2h ago
tatersolid•2h ago
Even if all your apps and data stores are active-active multi-region you can be in a world of risk with no DR for a long time if your DR region fails. If your data size is small that vulnerability window might be small but if you’ve got petabytes you’ll be without lifeboat for a days or weeks until you can take another “full” DR copy.
jdreaver•2h ago
deepsun•1m ago