Architect Multi-Region Disaster Recovery with AWS Services

ADVANCED
180 minutes
5 tasks

In this lab, you will design a multi-region disaster recovery architecture using AWS services, focusing on enterprise-grade scalability and resilience. You will integrate AWS Organizations, AWS IAM Identity Center, and AWS Transit Gateway to set up a robust architecture that meets performance and cost efficiency targets. You will also implement automated provisioning through AWS CloudFormation, ensuring compliance with organizational security requirements across regions. Through hands-on tasks, you will apply best practices in building HA/DR solutions suitable for enterprise environments, integrating detailed configurations for high availability and fault tolerance.

Scenario

ACME Corporation, a multinational enterprise, requires a disaster recovery solution to ensure business continuity for its e-commerce platform. Currently operating in the us-east-1 region, the company aims to expand its DR capabilities to the us-west-2 region to achieve a recovery time objective (RTO) of 1 hour and recovery point objective (RPO) of 15 minutes. The architecture must support a scalable and resilient infrastructure, accommodating an average of 10,000 users per minute, with a maximum budget of $10 per DR operation cycle.

Learning Objectives

  • Design a multi-region disaster recovery architecture using AWS Organizations and Transit Gateway
  • Implement automated DR setup with AWS CloudFormation
  • Ensure security compliance using IAM Identity Center and SCPs
  • Optimize costs within defined budget constraints

Tasks (5)

Task 1: Initialize the multi-region AWS infrastructure with CloudFormation

30 min

Task 2: Set up multi-region connectivity with AWS Transit Gateway

40 min

Task 3: Configure IAM Identity Center for secure access across accounts

40 min

Task 4: Deploy Security Controls using AWS Config and Security Hub

35 min

Task 5: Cost optimization using reports and Trusted Advisor

35 min

Prerequisites

  • Understanding of AWS VPC and networking concepts
  • Knowledge of IAM and AWS IAM Identity Center
  • Familiarity with CloudFormation templates

Skills Tested

  • Multi-region disaster recovery architecture design
  • AWS Organizations and IAM Identity Center integration
  • AWS Transit Gateway for cross-region networking
  • Cost optimization practices in AWS