Example AWS FIS experiment templates - AWS Fault Injection Simulator

Example AWS FIS experiment templates

If you're using the AWS FIS API or a command line tool to create an experiment template, you can construct the template in JavaScript Object Notation (JSON). For more information about the components of an experiment template, see Template components.

To create an experiment using one of the example templates, save it to a JSON file (for example, my-template.json), replace the placeholder values in italics with your own values, and then run the following create-experiment-template command.

aws fis create-experiment-template --cli-input-json file://my-template.json

Stop EC2 instances based on filters

The following example stops all running Amazon EC2 instances in the specified Region with the specified tag in the specified VPC. It restarts them after two minutes.

{ "tags": { "Name": "StopEC2InstancesWithFilters" }, "description": "Stop and restart all instances in us-east-1b with the tag env=prod in the specified VPC", "targets": { "myInstances": { "resourceType": "aws:ec2:instance", "resourceTags": { "env": "prod" }, "filters": [ { "path": "Placement.AvailabilityZone", "values": ["us-east-1b"] }, { "path": "State.Name", "values": ["running"] }, { "path": "VpcId", "values": [ "vpc-aabbcc11223344556"] } ], "selectionMode": "ALL" } }, "actions": { "StopInstances": { "actionId": "aws:ec2:stop-instances", "description": "stop the instances", "parameters": { "startInstancesAfterDuration": "PT2M" }, "targets": { "Instances": "myInstances" } } }, "stopConditions": [ { "source": "aws:cloudwatch:alarm", "value": "arn:aws:cloudwatch:us-east-1:111122223333:alarm:alarm-name" } ], "roleArn": "arn:aws:iam::111122223333:role/role-name" }

Stop a specified number of EC2 instances

The following example stops three instances with the specified tag. AWS FIS selects the specific instances to stop at random. It restarts these instances after two minutes.

{ "tags": { "Name": "StopEC2InstancesByCount" }, "description": "Stop and restart three instances with the specified tag", "targets": { "myInstances": { "resourceType": "aws:ec2:instance", "resourceTags": { "env": "prod" }, "selectionMode": "COUNT(3)" } }, "actions": { "StopInstances": { "actionId": "aws:ec2:stop-instances", "description": "stop the instances", "parameters": { "startInstancesAfterDuration": "PT2M" }, "targets": { "Instances": "myInstances" } } }, "stopConditions": [ { "source": "aws:cloudwatch:alarm", "value": "arn:aws:cloudwatch:us-east-1:111122223333:alarm:alarm-name" } ], "roleArn": "arn:aws:iam::111122223333:role/role-name" }

Run a pre-configured AWS FIS SSM document

The following example runs a CPU fault injection for 60 seconds on the specified EC2 instance using a pre-configured AWS FIS SSM document, AWSFIS-Run-CPU-Stress. AWS FIS monitors the experiment for two minutes.

{ "tags": { "Name": "CPUStress" }, "description": "Run a CPU fault injection on the specified instance", "targets": { "myInstance": { "resourceType": "aws:ec2:instance", "resourceArns": ["arn:aws:ec2:us-east-1:111122223333:instance/instance-id"], "selectionMode": "ALL" } }, "actions": { "CPUStress": { "actionId": "aws:ssm:send-command", "description": "run cpu stress using ssm", "parameters": { "duration": "PT2M", "documentArn": "arn:aws:ssm:us-east-1::document/AWSFIS-Run-CPU-Stress", "documentParameters": "{\"DurationSeconds\": \"60\", \"InstallDependencies\": \"True\", \"CPU\": \"0\"}" }, "targets": { "Instances": "myInstance" } } }, "stopConditions": [ { "source": "aws:cloudwatch:alarm", "value": "arn:aws:cloudwatch:us-east-1:111122223333:alarm:alarm-name" } ], "roleArn": "arn:aws:iam::111122223333:role/role-name" }

Run a predefined Automation runbook

The following example publishes a notification to Amazon SNS using a runbook provided by Systems Manager, AWS-PublishSNSNotification. The role must have permissions to publish notifications to the specified SNS topic.

{ "description": "Publish event through SNS", "stopConditions": [ { "source": "none" } ], "targets": { }, "actions": { "sendToSns": { "actionId": "aws:ssm:start-automation-execution", "description": "Publish message to SNS", "parameters": { "documentArn": "arn:aws:ssm:us-east-1::document/AWS-PublishSNSNotification", "documentParameters": "{\"Message\": \"Hello, world\", \"TopicArn\": \"arn:aws:sns:us-east-1:111122223333:topic-name\"}", "maxDuration": "PT1M" }, "targets": { } } }, "roleArn": "arn:aws:iam::111122223333:role/role-name" }

Throttle API actions on EC2 instances with the target IAM role

The following example throttles 100% percent of the calls to the specified API actions on EC2 instances with the specified IAM role.

{ "tags": { "Name": "ThrottleEC2APIActions" }, "description": "Throttle the specified EC2 API actions on the specified IAM role", "targets": { "myRole": { "resourceType": "aws:iam:role", "resourceArns": ["arn:aws:iam::111122223333:role/role-name"], "selectionMode": "ALL" } }, "actions": { "ThrottleAPI": { "actionId": "aws:fis:inject-api-throttle-error", "description": "Throttle APIs for 5 minutes", "parameters": { "service": "ec2", "operations": "DescribeInstances,DescribeVolumes", "percentage": "100", "duration": "PT2M" }, "targets": { "Roles": "myRole" } } }, "stopConditions": [ { "source": "aws:cloudwatch:alarm", "value": "arn:aws:cloudwatch:us-east-1:111122223333:alarm:alarm-name" } ], "roleArn": "arn:aws:iam::111122223333:role/role-name" }