Use AMS Self-Service Provisioning (SSP) mode to access AWS Elastic Disaster Recovery capabilities directly in your AMS managed account. AWS Elastic Disaster Recovery minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications using affordable storage, minimal compute, and point-in-time recovery. You can increase IT resilience when you use AWS Elastic Disaster Recovery to replicate on-premises or cloud-based applications running on supported operating systems. Use the AWS Management Console to configure replication and launch settings, monitor data replication, and launch instances for drills or recovery.
To learn more, see AWS Elastic Disaster Recovery
AWS Elastic Disaster Recovery in AWS Managed Services FAQs
Q: How do I request access to AWS Elastic Disaster Recovery in my AMS account?
Request access by submitting a Management | AWS service | Self-provisioned service | Add (review required) (ct-3qe6io8t6jtny) change type.
This RFC provisions the following IAM role to your account:
customer_drs_console_role.
After its provisioned in your account, you must onboard the role in your federation solution.
Q: What are the restrictions to using AWS Elastic Disaster Recovery in my AMS account?
There are no restrictions to use AWS Elastic Disaster Recovery in your AMS account.
Q: What are the prerequisites or dependencies to using AWS Elastic Disaster Recovery in my AMS account?
After you have access to the console role, you must initialize the Elastic Disaster Recovery service to create the needed IAM roles within the account.
You must submit a Management | Other | Other RFC to create a clone of the
customer-mc-ec2-instance-profileinstance profile and attach theAWSElasticDisasterRecoveryEc2InstancePolicypolicy. You must specify which machines to attach the new policy to.If the instance isn't using the default instance profile, then AMS can attach
AWSElasticDisasterRecoveryEc2InstancePolicythrough automation.
You must use a customer-owned KMS key for cross-account recovery. The source account's KMS key must be updated following the policy to allow target account access. For more information, see Share the EBS encryption key with the target account.
The KMS key policy must be updated to allow the allow
customer_drs_console_roleto view the policy if you don't want to switch roles to view.For cross-account, cross-Region disaster recovery, AMS must set up the source and target account as Trusted Accounts and deploy the Failback and in-AWS right-sizing roles through AWS CloudFormation.
