Turbot Disaster Recovery Shared Accountability

Overview

Turbot is a licensed software product that is a critical component of our customers infrastructure operations environment. It is each customers’ responsibility to plan for disaster recovery of core infrastructure as part of their business continuity planning process. The level of importance and acceptable business impact from potential disasters depends on many factors and each customer must assess the workloads they are running on AWS and develop appropriate plans to deal with disaster scenarios.

Turbot relies on core services from both our customers internal network and from AWS to function properly. In this document we outline the aspects of the shared accountability model that are applicable to a Turbot software implementation:

AWS: Responsible for Data Center Physical Plant (e.g. Power), Physical Security, Physical Infrastructure, AWS Physical and Software Defined Network, Hypervisor, AWS Console, AWS IAM, and AWS PaaS services.

Customer: Responsible for LAN Network, WAN Connectivity to AWS, DNS, NTP, AD, Applications, 3rd Party software licensing and configuration.

Turbot: Support & enhancement the software product and any contracted services. The standard Turbot license does not provide for disaster recovery services or SLAs beyond standard support. Please contact Turbot Professional Services if you are interested in a custom DR/BC services contract.

Disaster Recovery Response

A large-scale disaster that impacts an entire AWS region (e.g. us-east-1), including all availability zones and key services relied upon by Turbot (DynamoDB, S3, Elasticache, ELB, SQS, Cloudwatch, and IAM), would impact a significant number of AWS and Turbot customers. Should such a natural or man-made disaster render the entire region unusable for an extended period, we would support our customers in redeploying turbot to an alternate AWS region on a best-effort basis.

Turbot DR Process:

  1. Customer Operations Team: Selection of an appropriate alternative region
  2. Customer Operations Team: Networking and routing of network traffic to that alternate region
  3. Customer Operations Team: Creation of new account and/or providing root account access keys to Turbot
  4. Customer Operations Team: Testing of network connectivity between the new region and core services - AD/LDAP - DNS - NTP - http/https - SSH - Network Firewall Rules
  5. Turbot Support: Deployment of new cluster to alternate region
  6. Turbot Support: Restore backup of DynamoDB configuration (RPO 24hours)
  7. Turbot Support & Customer Operations Team: Test configuration

This process will only restore the Turbot cluster to an alternate region, any individual customer AWS accounts (and the applications) running in the effected region would also need to be recovered by the customer’s application and operations teams, following their own independent DR plan.

Was this article helpful?
0 out of 0 found this helpful