How to introduce resiliency with AWS S3 bucket without any downtime

Question

We have a S3 hosted static web application. Here are some more details about its hosting. We have hosted it on AWS. We have route53 entry pointing to cloudfront which in turn points to S3 bucket. To make sure we are resilient, we plan to go for CRR(cross-region replication) for our S3 bucket. But that is only part of the solution to make our app resilient. We have three approaches in mind.

Approach 1

Create a health check on route53 to check s3 bucket availability in primary region. If we get a 503 error, we trigger a lambda which updates cloudfront origin to be s3 bucket from secondary region. But this approach would give us 30-40mins of downtime as cloudfront update takes that much time of propogate.

Approach 2

This approach involves route53 entry pointing to cloudfront entry and in case of failure from health check for S3 and cloudfront, have failover pointing directly to the secondary S3 bucket named. More details here: https://read.iopipe.com/multi-region-s3-failover-w-route53-64ff2357aa30 Downside of this approach is during failover, we would be over HTTP instead of HTTPS. This is again not acceptable

Approach 3

Deploy your application in two regions with two addresses. If one region goes down, you can add logic in cloudfront to redirect to second address. This again looks like a overkill but most acceptable approach till now

Can someone point out which approach should we go with. Is approach 3 our only option given the constraints. Also, if you know some other better approach, that would be awesome. I read AWS documentation about using lambda@edge but I am not sure if that would work. Suggestions?

Answer 1

Thanks to @Krease for pointing out the perfect solution. AWS allows you to create origin groups which allows you to have you secondary or failover S3 bucket. More details can be found here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html