Earlier this month, Iranian drone strikes damaged three AWS data centers in the UAE and Bahrain, causing outages and disruptions to multiple services. The events, which affected multiple facilities within the same AWS region, sparked discussion in the community about how geopolitical conflict can directly impact global cloud infrastructure and multi-AZ deployments.
Soon after the war with Iran started, multiple drones damaged AWS data centers in the Middle East. In the late hours of March 1st, Iranian drone strikes hit three AWS data centers in the UAE and Bahrain, spanning different AZs. The cloud provider acknowledged:
> In the ME-CENTRAL-1 (UAE) Region, two of our three Availability Zones (mec1-az2 and mec1-az3) remain significantly impaired. The third Availability Zone (mec1-az1) continues to operate normally, though some services have experienced indirect impact due to dependencies on the affected zones. In the ME-SOUTH-1 (Bahrain) Region, one facility has been impacted.
While one AZ remained operational in the UAE region, the region itself was disrupted as key functionalities and databases depending on redundancy and capacity across multiple data centers became severely impaired or degraded.
AWS defines a region as a minimum of three isolated, physically separate AZs within a geographic area. AZs are by design separated by a meaningful distance, far enough that a natural disaster affecting one is unlikely to affect another, but must remain within 100 km of each other to keep latency low between data centers inside the region. While the cloud provider claims that architecting across multiple AZs protects from "power outages, lightning strikes, tornadoes, earthquakes, and more", the model had not previously been tested in conflict zones.
A popular joke among practitioners had always been that a meteor strike would be required to take out an entire region, but a few drones suddenly seemed a more concrete risk, raising discussions that many had misunderstood single-region deployments. Amazon reached out to customers with different notifications, including those with data in the Bahrain region, where the majority of AZs remained available, writing:
> Due to active conflict, we recommend that customers with data in the Bahrain (ME-SOUTH-1) Region take steps to replicate critical data to other AWS Regions. AWS infrastructure is designed to be highly resilient, but given the uncertainty of the current situation, we encourage our customers to replicate Amazon S3 data from the ME-SOUTH-1 Region to another AWS Region. Harshwardhan Choudhary, release and deployment consultant at ABN AMRO Clearing Bank, comments:
> This is the first documented wartime kinetic attack on a major hyperscaler data center — and it's a wake-up call for every cloud architect (...) Multi-AZ is NOT disaster recovery. It protects you from hardware failures, not a missile hitting an entire availability zone cluster in the same city.
Customers with workloads running in the Middle East were advised to activate their disaster recovery plans, restore systems using remote backups stored in other regions, and reroute application traffic away from the affected areas. A timeline for the full recovery of the affected data centers has not been provided. AWS writes:
> Even as we work to restore these facilities, the ongoing conflict in the region means that the broader operating environment in the Middle East remains unpredictable. We strongly recommend that customers with workloads running in the Middle East take action now to migrate those workloads to alternate AWS Regions (...) we recommend considering AWS Regions in the United States, Europe, or Asia Pacific, as appropriate for your latency and data residency requirements.
Gregor Hohpe, co-author of Enterprise Integration Patterns and author of The Software Architect Elevator, argues that multi-cloud is not the solution:
> The risk is regional, not tied to a provider. The folks who took out ME-CENTRAL can just as easily take out Azure or any other data center. So, the mitigation is reducing your regional exposure, not your vendor exposure (unless you like to play provider Whac-a-mole) (...) A lot of organizations still haven't lived up to the fact that the cloud requires a different operating model. They still think resilience can be achieved through procurement or infrastructure. Paul Barrett, head of disaster recovery at Pay10 Global in Dubai, wrote about lessons from the UAE AWS outage for regulated entities. Mohamed Radwan, senior cloud architect at T-Systems International, warns:
> Data residency isn't just a best practice, it's the law. Moving workloads to other regions during a crisis might bring services back online, but it risks moving sensitive data outside national borders.
Third-party companies, such as MariaDB, have documented how they handled the migration of data out of the Middle East regions. AWS customers affected by the events and in need of further assistance were invited to contact AWS Support directly.