Create safety rules in Application Recovery Controller - Amazon Route 53 Application Recovery Controller

Create safety rules in Application Recovery Controller

When you work with several routing controls at the same time in Amazon Route 53 Application Recovery Controller, you might decide that you want safeguards in place to avoid unintended consequences. For example, you might want to prevent inadvertently turning off all the routing controls for an application, which would stop all traffic flow, resulting in a fail-open scenario. Or you might want to implement a master "on/off" switch to disable a set of routing controls, perhaps to prevent automation from rerouting traffic. To establish safeguards like these for routing control in Application Recovery Controller, you create safety rules.

You configure safety rules with a combination of routing controls, rules, and other options that you specify. Each safety rule is associated with a single control panel, but a control panel can have more than one safety rule. When you create safety rules, keep in mind that safety rule names must be unique within each control panel.

There are two types of safety rules, assertion rules and gating rules, which you can use to safeguard failover in different ways.

Assertion rule

With an assertion rule, when you change a routing control state or set of routing control states, Application Recovery Controller enforces that the criteria that you set when you configured the rule is met, or else the routing control states aren't changed.

An example of when this is useful is to prevent a fail-open scenario, like a scenario where you stop traffic from going to one cell but do not start traffic flowing to another cell. To avoid this, an assertion rule makes sure that at least one routing control in a set of routing controls in a control panel is On at any given time. This ensures that traffic is allowed to flow to at least one Region or Availability Zone for an application.

To see an example AWS CLI command that creates an assertion rule to enforce this criteria, see Create safety rules in Get started with routing control by using the AWS CLI.

For detailed information about the assertion rule API operation properties, see AssertionRule in the Routing Control API Reference Guide for Amazon Route 53 Application Recovery Controller.

Gating rule

With a gating rule, you can enforce an overall "on/off switch" over a set of routing controls so that whether those routing control states can be changed is enforced based on a set of criteria that you specify in the rule. The simplest criteria is whether a single routing control that you specify as the "switch" is set to On or Off.

To implement this, you create a gating routing control, to use as the overall switch, and target routing controls, to control traffic flow to different Regions or Availability Zones. Then, to prevent manual or automated state updates to the target routing controls that you've configured for the gating rule, you set the gating routing control state to Off. To allow updates, you set it to On.

To see an example AWS CLI command that creates a gating rule that implements this kind of overall switch, see Create safety rules in Get started with routing control by using the AWS CLI.

For detailed information about the gating rule API operation properties, see GatingRule in the Routing Control API Reference Guide for Amazon Route 53 Application Recovery Controller.