How Authress Designed for Resilience and Survived a Major AWS Outage

How Authress Designed for Resilience and Survived a Major AWS Outage

Briefly

"Identity and authentication services company Authress shared its strategy to stay operational during major cloud infrastructure outages like the massive October 2025 AWS outage that disrupted many major services. The company's resilience architecture relies on strategies like multi-region deployment and minimizing reliance on AWS control plane services, Authress CTO Warren Parad explains. Parad says the AWS October 20 incident was the worst seen in a decade. Even so, Authress maintained its SLA reliability commitments thanks to a reliability-first design centered on a failover routing strategy."

"Simply put - our strategy is to utilize DNS dynamic routing. This means requests come into our DNS and it automatically selects between one of two target regions, the primary region that we're utilizing or the failover region in case there's an issue. A critical part of this approach is rapid incident detection, enabling the DNS layer to determine when to switch traffic between regions. Parad notes that Authress intentionally avoids relying on AWS Route 53's default health checks or any third-party service to monitor availability:"

"We wouldn't know if that's an issue of communication between AWS's infrastructure services, or an issue with the default Route 53 health check endpoint, or some entangled problem with how those specifically interact with our code that we're actually utilizing."

"Authress custom solution performs several checks across the database, SQS, and the core authorizer logic, while also profiling requests latency end to end. This allows them to reliably determine whether the primary region, out of six total, is experiencing issues and to update the DNS based on that."