Using Amazon S3 Multi-Region Access Point failover controls - Amazon Simple Storage Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Using Amazon S3 Multi-Region Access Point failover controls

This section explains how to manage and use your Amazon S3 Multi-Region Access Points failover controls by using the Amazon Web Services Management Console.

There are two failover controls in the Failover configuration section on your Multi-Region Access Point details page in the Amazon Web Services Management Console: Edit routing status and Failover. You can use these controls as follows:

  • Edit routing status – You can manually edit the routing statuses of up to 17 Amazon Web Services Regions in a single request for your Multi-Region Access Point by choosing Edit routing status. You can use Edit routing status for the following purposes:

    • To set or edit the routing statuses of one or more Regions in your Multi-Region Access Point

    • To create a failover configuration for your Multi-Region Access Point by configuring two Regions to be in an active-passive state

    • To manually fail over your Regions

    • To manually switch traffic between Regions

  • Failover – When you initiate failover by choosing Failover, you are only updating the routing statuses of two Regions that are already configured to be in an active-passive state. During a failover that you initiated by choosing Failover, the routing statuses between the two Regions are automatically switched.

Editing the routing status of the Regions in your Multi-Region Access Point

You can manually update the routing statuses of up to 17 Amazon Web Services Regions in a single request for your Multi-Region Access Point by choosing Edit routing status in the Failover configuration section on your Multi-Region Access Point details page. However, when you initiate failover by choosing Failover, you are only updating the routing statuses of two Regions that are already configured to be in an active-passive state. During a failover that you initiated by choosing Failover, the routing statuses between the two Regions are automatically switched.

You can use Edit routing status (as described in the following procedure) for the following purposes:

  • To set or edit the routing statuses of one or more Regions in your Multi-Region Access Point

  • To create a failover configuration for your Multi-Region Access Point by configuring two Regions to be in an active-passive state

  • To manually fail over your Regions

  • To manually switch traffic between Regions

Initiating failover

When you initiate failover by choosing Failover in the Failover configuration section on your Multi-Region Access Point details page, Amazon S3 request traffic automatically gets shifted to an alternate Amazon Web Services Region. The failover process is completed within 2 minutes.

You can initiate a failover across any two Amazon Web Services Regions at one time (of the 17 Regions where Multi-Region Access Points are supported). Failover events are then logged in Amazon CloudTrail. Upon failover completion, you can monitor Amazon S3 traffic and any traffic routing updates to the new active Region in Amazon CloudWatch.

Important

To keep all metadata and objects in sync across buckets during data replication, we recommend that you create two-way replication rules and enable replica modification sync before configuring your failover controls.

Two-way replication rules help ensure that when data is written to the Amazon S3 bucket that traffic fails over to, that data is then replicated back to the source bucket. Replica modification sync helps ensure that object metadata is also synchronized between buckets during two-way replication.

For more information about configuring replication to support failover, see Configuring bucket replication for use with Multi-Region Access Points.

To initiate failover between replicated buckets
  1. Sign in to the Amazon Management Console.

  2. Open the Amazon S3 console at https://console.amazonaws.cn/s3/.

  3. In the left navigation pane, choose Multi-Region Access Points.

  4. Choose the Multi-Region Access Point that you want to use to initiate failover.

  5. Choose the Replication and failover tab.

  6. Scroll down to the Failover configuration section and select two Amazon Web Services Regions.

    Note

    To initiate failover, at least one Amazon Web Services Region must be designated as Active and one Region must be designated as Passive in your Multi-Region Access Point. An active state allows traffic to be directed to a Region. A passive state stops any traffic from being directed to the Region.

  7. Choose Failover.

  8. In the dialog box, choose Failover again to initiate the failover process. During this process, the routing statuses of the two Regions are automatically switched. All new traffic is directed to the Region that becomes active, and traffic stops being directed to the Region that becomes passive. It takes about 2 minutes for traffic to be redirected.

    After you initiate the failover process, you can verify your traffic changes. To verify these changes, go to Amazon CloudWatch at https://console.amazonaws.cn/cloudwatch/ to monitor the shift of your Amazon S3 data-request traffic (for example, GET and PUT requests) between active and passive Regions. Any existing connections will not be terminated during failover. Existing connections will continue until they reach a success or failure status.

Viewing your Amazon S3 Multi-Region Access Point routing controls

To view the routing controls for your Amazon S3 Multi-Region Access Point

  1. Sign in to the Amazon Management Console.

  2. Open the Amazon S3 console at https://console.amazonaws.cn/s3/.

  3. In the left navigation pane, choose Multi-Region Access Points.

  4. Choose the Multi-Region Access Point that you want to review.

  5. Choose the Replication and failover tab. This page displays the routing configuration details and summary for your Multi-Region Access Point, associated replication rules, and replication metrics. You can see the routing status of your Regions in the Failover configuration section.

The following example Amazon CLI command gets your current Multi-Region Access Point route configuration for the specified Region. To use this example command, replace the user input placeholders with your own information.

aws s3control get-multi-region-access-point-routes --region eu-west-1 --account-id 111122223333 --mrap MultiRegionAccessPoint_ARN
Note

This command can only be executed against these five Regions:

  • ap-southeast-2

  • ap-northeast-1

  • us-east-1

  • us-west-2

  • eu-west-1

Editing the routing status of the Regions in your Multi-Region Access Point

You can manually update the routing statuses of up to 17 Amazon Web Services Regions in a single request for your Multi-Region Access Point by choosing Edit routing status in the Failover configuration section on your Multi-Region Access Point details page. However, when you initiate failover by choosing Failover, you are only updating the routing statuses of two Regions that are already configured to be in an active-passive state. During a failover that you initiated by choosing Failover, the routing statuses between the two Regions are automatically switched.

You can use Edit routing status (as described in the following procedure) for the following purposes:

  • To set or edit the routing statuses of one or more Regions in your Multi-Region Access Point

  • To create a failover configuration for your Multi-Region Access Point by configuring two Regions to be in an active-passive state

  • To manually fail over your Regions

  • To manually switch traffic between Regions

To update the routing status of the Regions in your Multi-Region Access Point

  1. Sign in to the Amazon Management Console.

  2. Open the Amazon S3 console at https://console.amazonaws.cn/s3/.

  3. In the left navigation pane, choose Multi-Region Access Points.

  4. Choose the Multi-Region Access Point that you want to update.

  5. Choose the Replication and failover tab.

  6. Select one or more Regions that you want to edit the routing status of.

    Note

    To initiate failover, at least one Amazon Web Services Region must be designated as Active and one Region must be designated as Passive in your Multi-Region Access Point.

  7. Choose Edit routing status.

  8. In the dialog box that appears, select Active or Passive for the Routing status for each Region.

    An active state allows traffic to be routed to the Region. A passive state stops any traffic from being directed to the Region.

    If you are creating a failover configuration for your Multi-Region Access Point or initiating failover, at least one Amazon Web Services Region must be designated as Active and one Region must be designated as Passive in your Multi-Region Access Point.

  9. Choose Save routing status. It takes about 2 minutes for traffic to be redirected.

After you submit the routing status of the Amazon Web Services Regions for your Multi-Region Access Point, you can verify your routing status changes. To verify these changes, go to Amazon CloudWatch at https://console.amazonaws.cn/cloudwatch/ to monitor the shift of your Amazon S3 data-request traffic (for example, GET and PUT requests) between active and passive Regions. Any existing connections will not be terminated during failover. Existing connections will continue until they reach a success or failure status.

Note

You can run Multi-Region Access Point Amazon CLI routing commands against any of these five Regions:

  • ap-southeast-2

  • ap-northeast-1

  • us-east-1

  • us-west-2

  • eu-west-1

The following example command updates your current Multi-Region Access Point route configuration. To update the active or passive status of a bucket, set the TrafficDialPercentage value to 100 for active and to 0 for passive. In this example, DOC-EXAMPLE-BUCKET-1 is set to active, and DOC-EXAMPLE-BUCKET-2 is set to passive. To use this example command, replace the user input placeholders with your own information.

aws s3control submit-multi-region-access-point-routes --region ap-southeast-2 --account-id 111122223333 --mrap MultiRegionAccessPoint_ARN --route-updates Bucket=DOC-EXAMPLE-BUCKET-1,TrafficDialPercentage=100 Bucket=DOC-EXAMPLE-BUCKET-2,TrafficDialPercentage=0

The following example command gets your updated Multi-Region Access Point routing configuration. To use this example command, replace the user input placeholders with your own information.

aws s3control get-multi-region-access-point-routes --region eu-west-1 --account-id 111122223333 --mrap MultiRegionAccessPoint_ARN