AWS Fault Injection Service features

Overview

AWS Fault Injection Service (FIS) is a fully managed fault injection service that makes it easier for teams to discover an application’s weaknesses at scale in order to improve performance, observability, and resilience.  You can find a  list of supported fault injections here .

Simple Setup

AWS Fault Injection Service makes it easy to get started building and running fault injection experiments, without needing to install any agents. Fully managed fault injection actions are used to define actions such as stopping an instance, throttling an API, and failing over a database. Fault Injection Service supports Amazon CloudWatch so that you can use your existing metrics to monitor Fault Injection Service experiments.

Run real-world scenarios

Scenarios are pre-defined test conditions that help evaluate your applications' resilience against various impairments, such as application slowdowns in an Availability Zone (AZ), power interruptions in an AZ, or cross-Region connectivity disruption. These scenarios help reduce the undifferentiated heavy lifting by providing ready-to-use targets and fault actions for possible application impairments.

To run a scenario, simply access the scenario library in the FIS console, choose a scenario, then configure your specific application parameters. Each scenario includes a detailed description of the test conditions and suggested metrics to monitor your application's performance during the experiment to help you strengthen your application's resilience. You can view all supported scenarios in the AWS FIS User Guide. 

Fine-grained safety controls

When running experiments in live environments, there’s a risk of unintended impact. To provide guardrails and keep your fault injection experiments under control, AWS Fault Injection Service allows you to target based on environments, application, and other dimensions using tags. For example, you could increase CPU utilization on 10% of your instances with the tag “environment”:“prod”. Fault Injection Service also has the option to set rules based on Amazon CloudWatch Alarms or other tools to stop an experiment. For example, an experiment can be set to stop before completion if a web page response time decreases below an acceptable level.

Integrated security model

AWS Fault Injection Service is integrated with AWS Identity and Access Management (IAM) so that you can control which users and resources have permission to access and run Fault Injection Service experiments, and which resources and services can be affected.

Visibility throughout an experiment

AWS Fault Injection Service provides visibility throughout every stage of an experiment via the console and APIs. As an experiment is running you can observe what actions have executed. After an experiment has completed you can see details on what actions were run, if stop conditions were triggered, how metrics compared to your expected steady state, and more. To support accurate operational metrics and effective troubleshooting, you can also identify what resources and APIs are affected by a Fault Injection Service experiment.

Console and pragmatic access

You can use AWS Fault Injection Service with the AWS Management Console, AWS CLI, and AWS SDKs. The Fault Injection Service APIs allow you to programmatically access the service so that you can integrate fault injection testing into your continuous integration and continuous delivery (or CI/CD) pipeline, and custom tooling.