Scaling AWS Fault Injection Service across your organization using Account Controls
AWS Cloud Operations Blog
This article discusses scaling AWS Fault Injection Service (FIS) across an organization using account controls and Service Control Policies (SCPs). Key points include:
- Chaos engineering helps verify system resilience by injecting controlled failures
- Organizations can use SCPs and IAM permissions to enable FIS experiments safely
- Two key roles are recommended:
- AWS-FIS-Experiment-Orchestrator: Creates and manages experiment templates
- AWS-FIS-Experiment-Executor: Executes fault injection actions
- SCPs act as guardrails to prevent unauthorized network changes
- Standardizing FIS roles helps organizations adopt chaos engineering securely
The approach enables controlled network fault experiments while maintaining organizational security and network integrity.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Apr 12
2025
2025
Scaling AWS Fault Injection Service across your organization and accounts
Apr 12
2025
2025
Scaling AWS Fault Injection Service Across Your Organization And Regions
Jun 26
2025
2025
Best practices for utilizing AWS Systems Manager with AWS Fault Injection Service
Sep 3
2024
2024
AWS Fault Injection Service introduces additional safety control
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.