<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Aws on Azarudeen.com</title><link>http://azarudeen.com/tags/aws/</link><description>Recent content in Aws on Azarudeen.com</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Tue, 01 Jul 2025 10:00:00 +0530</lastBuildDate><atom:link href="http://azarudeen.com/tags/aws/index.xml" rel="self" type="application/rss+xml"/><item><title>Agents On Call: DNS Races, Feature Files, and the AI-Assisted Postmortem</title><link>http://azarudeen.com/posts/11-jul-2025-to-present-agents-on-call/</link><pubDate>Tue, 01 Jul 2025 10:00:00 +0530</pubDate><guid>http://azarudeen.com/posts/11-jul-2025-to-present-agents-on-call/</guid><description>&lt;h1 id="agents-on-call-jul-2025--jul-2026"&gt;Agents On Call (Jul 2025 – Jul 2026)&lt;/h1&gt;
&lt;p&gt;This window opened with a brutal autumn: within a month, AWS, Azure, and
Cloudflare each suffered a headline global outage, making &amp;ldquo;the internet is three
companies in a trench coat&amp;rdquo; a mainstream news take. Meanwhile the biggest
&lt;em&gt;practice&lt;/em&gt; shift since the SRE book has been underway — AI agents moving from
summarizing incidents to responding to them.&lt;/p&gt;
&lt;h2 id="the-incidents-defining-the-period-so-far"&gt;The incidents defining the period (so far)&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;AWS us-east-1, October 20, 2025&lt;/strong&gt; — A &lt;strong&gt;latent race condition in DynamoDB&amp;rsquo;s
automated DNS management&lt;/strong&gt; produced an empty DNS record for the regional
endpoint; the automation couldn&amp;rsquo;t self-repair, and failures cascaded through
the many AWS services (and thousands of customer apps) that depend on DynamoDB
in us-east-1. Roughly 14–15 hours of disruption; Snapchat alone drew ~3 million
outage reports. The most consequential us-east-1 event since December 2021 —
and an &amp;ldquo;automation deadlock&amp;rdquo; case study: the fix required humans to disable
the automation that was supposed to prevent exactly this.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Azure Front Door, October 29, 2025&lt;/strong&gt; — An inadvertent configuration change
broke Microsoft&amp;rsquo;s global edge/CDN layer for ~8 hours, taking down the Azure
portal, M365 entry points, and customer sites — days before earnings, a week
after AWS&amp;rsquo;s turn. A separate &lt;strong&gt;East US2 networking config outage lasting
roughly 50 hours&lt;/strong&gt; underlined that regional incidents can now outlast news
cycles.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Cloudflare, November 18, 2025&lt;/strong&gt; — A database permissions change caused the
Bot Management &lt;strong&gt;feature file to double in size&lt;/strong&gt;, exceeding a hard-coded
limit in the core proxy; processes crash-looped globally. X, ChatGPT, and
Canva threw 5xx errors for hours. Cloudflare&amp;rsquo;s same-week postmortem
(&lt;a href="https://blog.cloudflare.com/18-november-2025-outage/"&gt;blog.cloudflare.com&lt;/a&gt;)
echoed their 2019 regex writeup: an internally-generated &amp;ldquo;content&amp;rdquo; artifact,
globally propagated, hitting an untested limit.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Cloudflare, December 5, 2025 and February 20, 2026&lt;/strong&gt; — A ~25-minute traffic
outage, then a BGP withdrawal affecting Bring-Your-Own-IP customers — smaller
events, but notable for the now-routine speed and detail of disclosure.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;&lt;em&gt;(This is a living post, updated through July 2026.)&lt;/em&gt;&lt;/p&gt;</description></item><item><title>When the Map Burns with the Territory: BGP Lockouts and Cascading Dependencies</title><link>http://azarudeen.com/posts/08-oct-2021-to-dec-2022-when-the-map-burns-with-the-territory/</link><pubDate>Fri, 01 Oct 2021 10:00:00 +0530</pubDate><guid>http://azarudeen.com/posts/08-oct-2021-to-dec-2022-when-the-map-burns-with-the-territory/</guid><description>&lt;h1 id="when-the-map-burns-with-the-territory-oct-2021--dec-2022"&gt;When the Map Burns with the Territory (Oct 2021 – Dec 2022)&lt;/h1&gt;
&lt;p&gt;The defining image of this window is Facebook engineers reportedly unable to
badge into their own buildings because the outage had taken down the systems
that controlled the doors. Incident after incident showed recovery tooling,
communications, and even physical access welded to the infrastructure they were
supposed to repair.&lt;/p&gt;
&lt;h2 id="the-incidents-that-defined-the-period"&gt;The incidents that defined the period&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Facebook/Meta, October 4, 2021&lt;/strong&gt; — A routine maintenance command
disconnected Facebook&amp;rsquo;s backbone; its DNS servers, by design, &lt;strong&gt;withdrew their
BGP routes&lt;/strong&gt; when they couldn&amp;rsquo;t reach the datacenters. Facebook, Instagram,
and WhatsApp vanished from the internet for ~6 hours. Internal tools and
remote access died too, forcing physical datacenter visits
(&lt;a href="https://engineering.fb.com/2021/10/04/networking-traffic/outage/"&gt;engineering.fb.com&lt;/a&gt;).&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Roblox, October 28–31, 2021&lt;/strong&gt; — A 73-hour outage from a subtle interaction
between a Consul feature and BoltDB performance. The postmortem, co-published
with HashiCorp months later, was praised for depth and for neither party
hiding behind the other.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;AWS us-east-1, December 7, 2021&lt;/strong&gt; — An automated scaling activity triggered
a thundering herd on the &lt;strong&gt;internal network&lt;/strong&gt; connecting AWS&amp;rsquo;s own services;
monitoring and support tooling were among the casualties, slowing diagnosis
(&lt;a href="https://aws.amazon.com/message/12721/"&gt;aws.amazon.com/message/12721&lt;/a&gt;).
Two further December us-east-1 incidents made &amp;ldquo;why is everything in one
region?&amp;rdquo; a CTO-level question.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Log4Shell, December 2021&lt;/strong&gt; — A logging library CVE that turned every Java
shop&amp;rsquo;s December into an incident. The response was run like an outage and
postmortem&amp;rsquo;d like one; SBOMs went from acronym to mandate.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Atlassian, April 2022&lt;/strong&gt; — A maintenance script given the wrong IDs
&lt;strong&gt;permanently deleted&lt;/strong&gt; ~400 customers&amp;rsquo; cloud sites; restoration took up to
two weeks because recovery was designed for whole-service rollback, not
per-customer restore. The postmortem&amp;rsquo;s candor about that gap was the lesson.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Rogers, July 8, 2022&lt;/strong&gt; — A maintenance update removed a routing filter and
the resulting BGP flood crashed Canada&amp;rsquo;s largest network — including 911
access and Interac payments — for ~a day. National reviews followed;
reliability became telecom regulation.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Cloudflare, June 21, 2022&lt;/strong&gt; — A BGP change during a datacenter conversion
took down 19 of their busiest locations; postmortem published same day.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;UK heatwave, July 2022&lt;/strong&gt; — Google and Oracle cloud regions in London
throttled by cooling failures: climate as a reliability factor.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Southwest Airlines, December 2022&lt;/strong&gt; — Crew-scheduling software collapsed
under a winter storm; ~17,000 flights cancelled. The eventual reckoning
(including a record fine) made &amp;ldquo;legacy system risk&amp;rdquo; a board agenda item.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="what-the-postmortems-reveal"&gt;What the postmortems reveal&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;1. Recovery must not depend on the thing being recovered.&lt;/strong&gt; Facebook&amp;rsquo;s DNS,
AWS&amp;rsquo;s monitoring, Atlassian&amp;rsquo;s restore tooling — each incident extended because
the repair path ran through the failure. Out-of-band management networks,
break-glass access, and offline runbooks became the era&amp;rsquo;s universal action item.&lt;/p&gt;</description></item><item><title>The us-east-1 Problem: Control Planes, Quotas, and a 49-Second CDN Outage</title><link>http://azarudeen.com/posts/07-jul-2020-to-sep-2021-the-us-east-1-problem/</link><pubDate>Wed, 01 Jul 2020 10:00:00 +0530</pubDate><guid>http://azarudeen.com/posts/07-jul-2020-to-sep-2021-the-us-east-1-problem/</guid><description>&lt;h1 id="the-us-east-1-problem-jul-2020--sep-2021"&gt;The us-east-1 Problem (Jul 2020 – Sep 2021)&lt;/h1&gt;
&lt;p&gt;The incidents of this window share a shape: a small, deep dependency — a thread
limit, a quota system, one customer&amp;rsquo;s config — radiating outward until half the
internet notices. Postmortem readers learned to ask a new first question: &lt;em&gt;what
does everything else depend on?&lt;/em&gt;&lt;/p&gt;
&lt;h2 id="the-incidents-that-defined-the-period"&gt;The incidents that defined the period&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;AWS Kinesis / us-east-1, November 25, 2020&lt;/strong&gt; — Adding capacity to Kinesis&amp;rsquo;s
front-end fleet pushed servers past an &lt;strong&gt;OS thread limit&lt;/strong&gt;; the fleet needed a
slow full restart, and dependent services (Cognito, CloudWatch — and vendors'
status pages) failed with it
(&lt;a href="https://aws.amazon.com/message/11201/"&gt;aws.amazon.com/message/11201&lt;/a&gt;).
The postmortem taught thousands of engineers what a cell-based architecture is
— by describing its absence.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Google, December 14, 2020&lt;/strong&gt; — The identity/quota system took down Gmail,
YouTube, and Google Cloud auth for ~47 minutes: an automated quota migration
reported usage as zero and rationed the auth service to death. Safety systems
that can&amp;rsquo;t distinguish &amp;ldquo;no usage&amp;rdquo; from &amp;ldquo;no data&amp;rdquo; became a postmortem archetype.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Slack, January 4, 2021&lt;/strong&gt; — First workday of the year; provisioning couldn&amp;rsquo;t
scale up in AWS fast enough, and Slack&amp;rsquo;s own dashboards were degraded during
the response (&lt;a href="https://slack.engineering/slacks-outage-on-january-4th-2021/"&gt;slack.engineering&lt;/a&gt;).&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;OVHcloud fire, March 2021&lt;/strong&gt; — A Strasbourg datacenter burned; some customers
learned their &amp;ldquo;backups&amp;rdquo; lived in the building that was on fire. Physical DR
returned to the conversation.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Fastly, June 8, 2021&lt;/strong&gt; — A dormant bug shipped in May was triggered by &lt;strong&gt;one
customer&amp;rsquo;s valid configuration change&lt;/strong&gt;, dropping ~85% of Fastly&amp;rsquo;s network.
Global outage in seconds; identified in minutes; largely restored in under an
hour (&lt;a href="https://www.fastly.com/blog/summary-of-june-8-outage"&gt;fastly.com&lt;/a&gt;).
Reuters, gov.uk, and Amazon went dark together — 49 minutes that made
&amp;ldquo;CDN concentration&amp;rdquo; a mainstream news topic.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Akamai Edge DNS, July 2021&lt;/strong&gt; — A bug triggered by a configuration update took
down banks and airlines for about an hour. Same lesson, different CDN.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="what-the-postmortems-reveal"&gt;What the postmortems reveal&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;1. Control plane vs data plane became the sharpest lens.&lt;/strong&gt; Google&amp;rsquo;s quota
system, AWS&amp;rsquo;s front-end metadata fleet, Fastly&amp;rsquo;s config distribution — in each
case the &lt;em&gt;management&lt;/em&gt; machinery failed while the underlying capacity was fine.
&amp;ldquo;Static stability&amp;rdquo; (the data plane keeps working when the control plane is
down) became the design goal to cite.&lt;/p&gt;</description></item><item><title>Typos That Broke the Internet: S3, GitLab, and Radical Transparency</title><link>http://azarudeen.com/posts/04-oct-2016-to-dec-2017-typos-that-broke-the-internet/</link><pubDate>Sat, 01 Oct 2016 10:00:00 +0530</pubDate><guid>http://azarudeen.com/posts/04-oct-2016-to-dec-2017-typos-that-broke-the-internet/</guid><description>&lt;h1 id="typos-that-broke-the-internet-oct-2016--dec-2017"&gt;Typos That Broke the Internet (Oct 2016 – Dec 2017)&lt;/h1&gt;
&lt;p&gt;If one window proved that public, honest postmortems build more trust than they
cost, it&amp;rsquo;s this one. A livestreamed database recovery and a typo that took down
half the web produced two of the most-read incident reports in history.&lt;/p&gt;
&lt;h2 id="the-incidents-that-defined-the-period"&gt;The incidents that defined the period&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Dyn DNS DDoS, October 21, 2016&lt;/strong&gt; — The Mirai botnet, built from IoT devices,
took down a major managed-DNS provider and with it Twitter, Netflix, Reddit,
and GitHub for much of a day. The industry&amp;rsquo;s introduction to &lt;em&gt;dependency
concentration&lt;/em&gt;: dozens of &amp;ldquo;independent&amp;rdquo; sites shared one DNS provider.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;GitLab database incident, January 31, 2017&lt;/strong&gt; — An exhausted engineer, fighting
replication lag, ran &lt;code&gt;rm -rf&lt;/code&gt; on the &lt;strong&gt;primary&amp;rsquo;s&lt;/strong&gt; data directory. Five backup
mechanisms failed or were misconfigured. GitLab &lt;strong&gt;livestreamed the recovery on
YouTube&lt;/strong&gt; and published a minute-by-minute postmortem
(&lt;a href="https://about.gitlab.com/blog/2017/02/10/postmortem-of-database-outage-of-january-31/"&gt;about.gitlab.com&lt;/a&gt;).
~6 hours of data was lost — and GitLab&amp;rsquo;s reputation arguably &lt;em&gt;improved&lt;/em&gt;.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;AWS S3 us-east-1, February 28, 2017&lt;/strong&gt; — An operator debugging the billing
system mistyped a playbook parameter and removed far more capacity than
intended; the index subsystem required a full restart it hadn&amp;rsquo;t had in years
(&lt;a href="https://aws.amazon.com/message/41926/"&gt;aws.amazon.com/message/41926&lt;/a&gt;).
Thousands of sites broke — including, memorably, AWS&amp;rsquo;s own status page, whose
health icons were hosted on S3.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Cloudbleed, February 2017&lt;/strong&gt; — A parser bug leaked memory across Cloudflare
customers into cached pages. Cloudflare&amp;rsquo;s forensic-grade disclosure set a new
bar for security postmortems.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;British Airways, May 2017&lt;/strong&gt; — A datacenter power event (a contractor and a
UPS) grounded flights globally; the vague public explanation became the
counterexample to GitLab-style transparency.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Equifax breach, 2017&lt;/strong&gt; — An unpatched Struts vulnerability; the postmortem
lesson was less about the bug than about asset inventory and patch governance.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="what-the-postmortems-reveal"&gt;What the postmortems reveal&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;1. Transparency won, decisively.&lt;/strong&gt; GitLab and AWS gave specifics (the command,
the parameter, the safety checks now added); BA gave vagueness. The market
noticed which companies it trusted more afterward. &amp;ldquo;Publish the real postmortem&amp;rdquo;
became a competitive strategy, not a legal risk.&lt;/p&gt;</description></item></channel></rss>