Profile Applicability:
- Level 2
Description:
Launch settings in AWS Elastic Disaster Recovery (EDR) define how recovery instances are created during failover or testing. Proper configuration ensures that instances are launched with the correct instance type, security groups, subnets, and other parameters. Misconfigured launch settings can lead to failed recoveries, security issues, or application malfunction during a disaster recovery event.
Rationale:
Properly configured launch settings ensure:
- Recovery instances function as expected during drills or actual failovers
- Networking, security groups, and IAM roles are appropriately applied
- Recovery operations meet recovery time objectives (RTO) and recovery point objectives (RPO)
- Production-like environments are accurately replicated during recovery
Default Value:
Launch settings are generated automatically based on AWS defaults or the first observed configuration but often require manual adjustments for production readiness.
Impact:
Pros:
• Ensures successful and functional instance launches during DR events
• Enables fine-grained control over networking, IAM roles, and instance sizing
• Prevents misconfigured or failed recovery during critical failover scenarios
Cons:
• Requires upfront planning and validation
• Misconfigurations may go unnoticed until a recovery event occurs
• Needs to be maintained as source environments evolve
Pre-requisites:
IAM Permissions Required:
- drs:UpdateLaunchConfiguration
- drs:GetLaunchConfiguration
- drs:DescribeSourceServers
- ec2:DescribeInstances
- ec2:DescribeSubnets
- ec2:DescribeSecurityGroups
Remediation:
Test Plan:
Using AWS Console:
- Log in to the AWS Management Console
- Navigate to Elastic Disaster Recovery (EDR)
- Go to the Source Servers tab
- Select a source server and choose Launch settings
- Confirm that instance type, subnet, security group, tags, and scripts are properly configured
- Verify that the recovery instance mapping reflects production intent
Using AWS CLI:
aws drs get-launch-configuration \
  --source-server-id s-xxxxxxxxxxxxxxxxx
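An added example (not part of the original benchmark text): a Python check that compares the get-launch-configuration output, together with the default version of the EC2 launch template it references, against a documented baseline. The sample JSON, the baseline values and the function name audit_launch_settings are constructed for illustration; fetching the template data with aws ec2 describe-launch-template-versions is assumed to be permitted for the auditing role.

```python
import json

# Constructed sample in the shape of `aws drs get-launch-configuration` output.
SAMPLE_LAUNCH_CONFIG = json.loads("""{
  "sourceServerID": "s-xxxxxxxxxxxxxxxxx",
  "ec2LaunchTemplateID": "lt-xxxxxxxxxxxxxxxxx",
  "launchDisposition": "STOPPED",
  "targetInstanceTypeRightSizingMethod": "BASIC",
  "copyPrivateIp": false,
  "copyTags": true
}""")

# Constructed sample: LaunchTemplateData of the template's default version, as
# returned by `aws ec2 describe-launch-template-versions --versions '$Default'`.
SAMPLE_TEMPLATE_DATA = {
    "InstanceType": "t3.medium",
    "NetworkInterfaces": [{"SubnetId": "subnet-aaaa1111", "Groups": ["sg-default0"]}],
}

# Hypothetical baseline documented by the DR owner for this source server.
BASELINE = {
    "launchDisposition": "STARTED",
    "copyPrivateIp": True,
    "copyTags": True,
    "targetInstanceTypeRightSizingMethod": "NONE",
    "InstanceType": "m5.large",
    "SubnetId": "subnet-aaaa1111",
    "SecurityGroups": ["sg-app00001"],
}

def audit_launch_settings(config, template_data, baseline):
    """Return (setting, expected, actual) for every deviation from the baseline."""
    primary = (template_data.get("NetworkInterfaces") or [{}])[0]
    # Security groups can sit on the primary interface or at the template top level.
    groups = set(primary.get("Groups", [])) | set(template_data.get("SecurityGroupIds", []))
    actual = {key: config.get(key) for key in ("launchDisposition", "copyPrivateIp", "copyTags")}
    # Right-sizing other than NONE lets the service choose the instance type,
    # so a pinned InstanceType in the template only holds when this is NONE.
    actual["targetInstanceTypeRightSizingMethod"] = config.get("targetInstanceTypeRightSizingMethod")
    actual["InstanceType"] = template_data.get("InstanceType")
    actual["SubnetId"] = primary.get("SubnetId")
    actual["SecurityGroups"] = sorted(groups)
    return [(k, baseline[k], v) for k, v in actual.items() if v != baseline[k]]

if __name__ == "__main__":
    for setting, expected, found in audit_launch_settings(
            SAMPLE_LAUNCH_CONFIG, SAMPLE_TEMPLATE_DATA, BASELINE):
        print(f"DEVIATION {setting}: expected {expected!r}, found {found!r}")
```

An empty result means the server's launch settings match the baseline; any tuple returned is a setting to correct before the next recovery drill.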
Implementation Plan:
Using AWS Console:
- Navigate to Elastic Disaster Recovery Console
- Go to Source Servers and select the server
- Click Edit launch settings
- Set the desired instance type, subnet, and security group
- Apply any required tags or user data scripts
- Save the configuration and document the changes for DR readiness
Using AWS CLI:
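# With right-sizing set to NONE, the instance type (m5.large in this example) is taken from the
# default version of the EC2 launch template that get-launch-configuration returns as ec2LaunchTemplateID.
aws drs update-launch-configuration \
  --source-server-id s-xxxxxxxxxxxxxxxxx \
  --launch-disposition STARTED \
  --target-instance-type-right-sizing-method NONE \
  --copy-private-ip \
  --copy-tags

# Confirm the applied settings
aws drs get-launch-configuration \
  --source-server-id s-xxxxxxxxxxxxxxxxx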
Backout Plan:
Using AWS Console:
- Reopen the Launch settings page
- Restore previous values manually (document backup recommended)
- Reapply known-good settings from a working recovery test
Using AWS CLI:
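# The previous instance type (t3.medium in this example) is restored on the EC2 launch template;
# update-launch-configuration restores the launch disposition.
aws drs update-launch-configuration \
  --source-server-id s-xxxxxxxxxxxxxxxxx \
  --launch-disposition STOPPED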