AWS Recovery

Recovering Resources

Recover AWS Resources

From the navigation menu, go to Cloud Resilence > Cloud Assemblies.

The Cloud Assemblies page appears.
Click the AWS assembly that you want to recover.

The Cloud Assembly page of the AWS appears.
On the Timeline tab, click the protected timeline.

The Protection page of the timeline appears.
In the upper-right corner of the page, click Recover.

The Recover Resources page of the timeline appears.
Enter the name of the recovery.
Select the recovery profile.
Select the recovery type.
Select the VPC type.
Select the recovery regions.
Select the resources to recover.
Click Recover to create a new recovery.

Recovery Scenarios

Appranix covers the following recovery scenarios during the recovery of the protected resources.

Same region recovery

Using Appranix, the user can recover the entire assembly, only the selected resources or choose the resources using tags in the same region.

For more information about the recovery of the VPC in the same region, see Recovering Cloud Assembly in Same Region.

Note

When recovering in the same region - same VPC, the EC2 instance, RDS instance, and the EFS will get recovered. If there is any Load Balancer associated with the EC2 instance, it will not get recreated, or the EC2 will not be attached to the existing Load Balancer. Appranix carefully avoided this so that the SRE can manually add the recovered EC2 instance to the Load Balancer if intended.
Recovering the resources in the same region might have resource conflicts with existing production environment resources. Appranix avoids creating overlapping resources with different IP addresses for the instances.

Cross-region recovery / Cross-account recovery

Using Appranix, the users can recover the entire assembly, the selected resources or choose resources using tags. The cross-region recovery or cross-account recovery can be chosen from the recovery option list.

There are two use cases covered under the other region recovery:

Create new VPC
Use existing VPC

For more information about the recovery of the VPC in the other region, see Recovering Cloud Assembly to Other Region.

Note

If the user has attached a certificate to the AWS Load Balancer in the primary region, it is mandatory to copy the certificate manually to other recovery regions. The certificates in both primary and recovery regions should have a tag with the key “Name.” The same value should be present in primary and recovery regions for Appranix identification. During recovery, Appranix attaches the certificates in the recovery regions automatically using these tags. This setting has to be done before protection so that the metadata information is correctly captured for the recovery to be successful.
AWS does not support creating snapshots for the RDS instance read replicas. If the RDS instance has a read replica, it will be excluded during the protection and recovery by Appranix.
For cross-account recovery, RDS instances, RDS clusters, and EFS are yet to be supported.
Only EBS volumes with custom keys are supported in cross-account recovery. EBS volumes with the default AWS encryption key are not supported.

Advanced recovery options

Skip protection for recovered resources: By enabling this option, the following tag will added in the recovered resources (KEY: ax-aps-protection, VALUE: ignore). Any resource with the above mentioned tag will be ignored by Appranix protection. The mentioned tag need to be removed from the recovered resource to protect it again. This option will mostly benefit in same VPC recovery.
Isolated network
- Disable outbound internet communication: By enabling this option, Appranix removes all the outbound internet traffic connecting to the recovered VPC. This is achieved by modifying the recovered VPC security groups without affecting the internal VPC traffic.
- Disable inbound internet communication: By enabling this option, Appranix removes all the inbound traffic from the recovered VPC connecting to the internet. This is achieved by modifying the recovered VPC security groups without affecting the internal VPC traffic.
Use existing loadbalancer: This option is available only for same VPC and cross-zone recovery. By enabling this option, the recovered resource will use the existing load balancer, avoiding load balancer duplication as well.
DNS Record Update (Route 53): When you choose to enable this option, Appranix will initiate the process of creating and updating the DNS records in your Hosted Zone within the specified recovery region. This action ensures that your domain's routing and accessibility are securely maintained, aligning with the chosen DR region. Know more

Delete recovered resources

Appranix allows you to delete recovered resources using the RESET option. Reset helps in deleting the recovered resources and rolling back the AWS resources to the original state before the recovery is triggered. It helps to reduce the AWS billing that can incur due to recovery testing.

You can delete a recovery either on demand or by scheduling a reset. To reset a schedule, you can do it while configuring recovery or after the completion of recovery.

Delete Recovered Resources

From the navigation menu, go to Cloud Resilence > Cloud Assemblies.

The Cloud Assemblies page appears.
Click the AWS assembly that you want to reset.

The Cloud Assembly page of the AWS appears.
On the Timeline tab, click the Recovered tab.
Click the recovered timeline that you want to reset.

The Protection page of the recovered timeline appears.
In the row for the recovered timeline, click the actions button , and then select Reset Now.

The Reset Recovery dialog box appears.
In the box, type DELETE.
Click Delete.

Once the reset action is triggered, the reset status changes to Reset In Progress. After the reset is completed, the changes to Reset completed. The Recovery Logs tab contains recovery and reset logs. It provides all the details of the execution for recovery and the reset process details.

Note

Appranix safely fails the reset request on the recovered resources if any configuration drift is noted from the original recovered resource configuration.