AWS Fault Injection Simulator (FIS)

1. Introduction

AWS Fault Injection Simulator (FIS) is a fully managed fault injection service that lets you run controlled experiments on your AWS workloads. Built on the principles of chaos engineering, FIS enables you to simulate real-world failure conditions—such as stopping instances, injecting latency, or throttling APIs—to uncover hidden weaknesses and improve the resiliency, performance, and observability of your applications.

2. Core Concepts

2.1. Experiment Templates

An experiment template is the blueprint for your fault injection experiments. It defines:

Actions: The disruptive events (faults) you want to inject.
Targets: The AWS resources (or groups of resources identified via ARNs, tags, or filters) that the actions will affect.
Stop Conditions: Predefined guardrails (typically CloudWatch alarms) that automatically halt an experiment if your system’s performance deviates beyond an acceptable threshold.
IAM Role: The service role that grants FIS the permissions needed to perform the actions on your behalf.

2.2. Actions

Actions are the specific fault injection operations performed during an experiment. AWS provides a set of preconfigured actions (such as stopping or rebooting EC2 instances, inducing CPU or memory stress, throttling API calls, or simulating network delays). These actions can run sequentially or in parallel, and each action’s duration and timing can be precisely configured.

2.3. Targets

Targets are the resources impacted by your fault injection actions. They can be specified directly by resource IDs or indirectly via tags and filters. This allows you to flexibly choose which instances, clusters, or other resources are affected by your experiments.

2.4. Stop Conditions

Safety is paramount when running experiments that impact real systems. FIS lets you define stop conditions using CloudWatch alarms (or other supported mechanisms). If a stop condition is met—indicating, for example, that a key metric has breached an acceptable threshold—the experiment is immediately halted to protect your system.

3. Key Features and Benefits

3.1. Simplicity and Agility

No Agents Required: FIS is fully managed, meaning you don’t have to install any agents on your resources.
Pre-Built Scenarios: AWS offers a Scenario Library with ready-to-use fault injection patterns that help simulate common failure modes (such as AZ outages or CPU throttling).

3.2. Fine-Grained Control and Safety

Guardrails: Through stop conditions and the use of fine-grained IAM permissions, you can run experiments safely even in production-like environments.
Tag-Based Targeting: You can limit experiments to specific resources by using tags (for example, targeting only instances with a tag of "environment": "prod").

3.3. Visibility and Integration

Operational Insights: FIS provides detailed logging and status information through the AWS Management Console, CLI, and SDKs. This enables you to monitor which actions were executed, how your application responded, and to drill down into metrics.
Programmatic Access: Fully accessible via APIs, AWS CLI, CloudFormation, and AWS SDKs, allowing you to integrate fault injection into your CI/CD pipelines.

3.4. Resiliency Improvement

Real-World Testing: By simulating failures in a controlled manner, FIS helps you validate your system’s steady state and recovery procedures, leading to higher application availability and improved customer experience.

4. Experiment Planning and Best Practices

Before running fault injection experiments, AWS recommends a careful planning phase:

Define Your Steady-State: Determine key technical and business metrics (e.g., latency, error rates) that characterize normal operation.
Formulate a Hypothesis: Articulate what you expect to happen during the fault injection (for example, “If an EC2 instance is stopped, the overall application latency will not increase by more than 5%”).
Test in Pre-Production: Always start in a test or pre-production environment to understand potential impacts before moving to production.
Implement Robust Monitoring: Ensure you have comprehensive monitoring and alerting in place (using Amazon CloudWatch) so that you can observe the impact in real time and trigger stop conditions as needed.

5. Conclusion

AWS Fault Injection Simulator (FIS) is a powerful, fully managed service designed to help you proactively identify and mitigate weaknesses in your applications. By enabling controlled, repeatable fault injection experiments based on chaos engineering principles, FIS:

Provides a blueprint (via experiment templates) to define actions, targets, and safety stop conditions.
Integrates seamlessly with AWS’s broad portfolio of services and monitoring tools.
Enhances the resiliency and reliability of your systems by allowing you to simulate real-world failure conditions in a safe, controlled manner.
Supports automation and integration into CI/CD pipelines, ensuring continuous validation of your application’s performance and operational robustness.

For more comprehensive details, please refer to the official AWS Fault Injection Service documentation.

1. Introduction​

2. Core Concepts​

2.1. Experiment Templates​

2.2. Actions​

2.3. Targets​

2.4. Stop Conditions​

3. Key Features and Benefits​

3.1. Simplicity and Agility​

3.2. Fine-Grained Control and Safety​

3.3. Visibility and Integration​

3.4. Resiliency Improvement​

4. Experiment Planning and Best Practices​

5. Conclusion​