Availability Zones Are Not Data Centers
Within a given account, an EC2 instance in one AZ (such as us-east-1a) and an EC2 instance in another AZ (such as us-east-1b) may safely be assumed to be in distinct data centers.
However, this is not necessarily true when you are using more than one AWS account. When you create an EC2 instance in account 1 that is in AZ us-east-1a, and an EC2 instance in account 2 that is in AZ us-east-1c, these two instances might, in fact, be in the same data center. They may actually be located on the same physical server!
Why is this the case? It is because the AZ names do not statically map directly to specific data centers. Instead, the data center(s) used for “us-east-1a” in one account might be different than the data center(s) used for “us-east-1a” in another account.
When you create an AWS account, AWS “randomly” creates a mapping of availability zone names to specific data centers. This means that one account’s view of “us-east-1a” will be physically present in a very different location than another account’s view of “us-east-1a”. This is demonstrated in Table 27-3. Here we show an arbitrary number of data centers (arbitrarily numbered 1 through 8) within a single region. Then, we show a possible mapping between AZ names and those data centers for four sample accounts.
| Data Center | AWS Account 1 | AWS Account 2 | AWS Account 3 | AWS Account 4 | … |
|---|---|---|---|---|---|
| DC #1 | us-east-1a | us-east-1d | | us-east-1e | ... |
| DC #2 | us-east-1a | us-east-1c | us-east-1a | us-east-1a | ... |
| DC #3 | us-east-1b | us-east-1a | us-east-1d | us-east-1d | ... |
| DC #4 | us-east-1c | | us-east-1a | us-east-1b | ... |
| DC #5 | us-east-1d | us-east-1b | us-east-1c | us-east-1c | ... |
| DC #6 | us-east-1e | | us-east-1b | | ... |
| DC #7 | | | us-east-1e | | ... |
| DC #8 | | us-east-1e | | | ... |
Table 27-3. Unexpected availability zone mappings.
From this, you’ll notice a few things. First, a single AZ for an account can, in fact, be contained in multiple distinct data centers. This means that two EC2 instances you create within a single account and a single AZ may be on the same physical server, or they could be in completely different data centers. Second, two EC2 instances created in different accounts may or may not be in the same data center, even if the AZs are different.
For example, in Table 27-3, if account #1 creates an instance in us-east-1b, and account #3 creates an instance in us-east-1d, those two instances will both be created in data center #3.
This is important to keep in mind for one simple reason: just because you have two EC2 instances in two accounts in two different AZs does not mean they can be assumed to be independent for availability purposes.
As discussed in Two Mistakes High, maintaining independence of replicated components is essential for availability and risk management purposes. However, when using multiple AWS accounts, the AWS AZ model does not enforce this. The AZ model can be used to enforce this only when working within a single AWS account.
Why would you ever want to use more than one AWS account? Actually, this is fairly common. Many companies create multiple AWS accounts used by different groups within the company. They might do this for billing purposes, permissions management, or other reasons. Sometimes security policies dictate the use of multiple AWS accounts.
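One way to check cross-account independence, shown as an added example that is not from the original text: it relies on the `ZoneId` field that `aws ec2 describe-availability-zones` returns, which identifies the same physical AZ in every account, unlike the per-account AZ name. The account labels, replica names, and name-to-ID pairings below are constructed sample data.

```python
import json

# Constructed samples shaped like `aws ec2 describe-availability-zones` output,
# one per account. The name-to-ID pairings are invented for illustration.
ACCOUNT_OUTPUT = {
    "account-1": json.loads("""{"AvailabilityZones": [
        {"ZoneName": "us-east-1a", "ZoneId": "use1-az1"},
        {"ZoneName": "us-east-1b", "ZoneId": "use1-az2"},
        {"ZoneName": "us-east-1c", "ZoneId": "use1-az4"}]}"""),
    "account-2": json.loads("""{"AvailabilityZones": [
        {"ZoneName": "us-east-1a", "ZoneId": "use1-az2"},
        {"ZoneName": "us-east-1b", "ZoneId": "use1-az4"},
        {"ZoneName": "us-east-1c", "ZoneId": "use1-az6"}]}"""),
}


def zone_ids(describe_output):
    """Map one account's AZ names to account-independent zone IDs."""
    return {z["ZoneName"]: z["ZoneId"]
            for z in describe_output["AvailabilityZones"]}


def colocated_replicas(placements, outputs=ACCOUNT_OUTPUT):
    """Return {zone_id: [replica, ...]} for replicas sharing a physical AZ.

    placements is a list of (replica, account, az_name) tuples. An empty
    result means every replica is in a distinct AZ, whatever the AZ names say.
    """
    maps = {acct: zone_ids(out) for acct, out in outputs.items()}
    by_zone = {}
    for replica, account, az_name in placements:
        # Not every account is offered every AZ name (blank cells in the table).
        if az_name not in maps.get(account, {}):
            raise ValueError(f"{az_name} is not offered to {account}")
        by_zone.setdefault(maps[account][az_name], []).append(replica)
    return {zid: sorted(names)
            for zid, names in by_zone.items() if len(names) > 1}


if __name__ == "__main__":
    # Three replicas with three different (account, AZ name) pairs.
    placements = [("db-primary", "account-1", "us-east-1b"),
                  ("db-standby", "account-2", "us-east-1a"),
                  ("db-witness", "account-2", "us-east-1c")]
    print(colocated_replicas(placements))
```

Zone IDs resolve to the AZ, not to a data center, so an empty result shows the replicas are in different AZs; it says nothing about placement inside one AZ.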
Ever Wonder Why?
Ever wonder why, when AWS announces an outage, they will say that an outage impacts “some availability zones” in a given region, but they do not say which ones?
The reason is how the system is mapped: if they have a problem in, say, DC #4, that might mean your “us-east-1a,” whereas for the next person it might be “us-east-1c.” They cannot give the name of a specific AZ, because the name of the AZ is different for each account.
Why does AWS use this weird mapping? One of the main reasons is load balancing. When people launch EC2 instances, they tend not to launch them evenly distributed across all availability zones. In fact, “us-east-1a” is a more common AZ for people to launch EC2 instances in than “us-east-1e.” This is governed as much by human nature as anything. If AWS did not do this artificial remapping, AZs earlier in the alphabet would be overloaded, whereas AZs later in the alphabet would be less loaded. By creating this artificial mapping, they are able to load balance usage more effectively.