Cloud Outage Retrospective

On October 20, 2025, one broken Amazon DynamoDB address in Northern Virginia knocked large parts of Amazon Web Services offline for more than 15 hours, and apps like Slack, Atlassian, and Snapchat felt it far outside that one region. Amazon said the first fault was a Domain Name System resolution problem for DynamoDB, the database service many other Amazon systems depend on. (aboutamazon.com) The surprise was not that one service failed. The surprise was that a problem in one region spread through the “control plane,” which is the management layer that creates servers, checks health, and routes traffic, like an airport tower directing planes across many runways. (thousandeyes.com) Amazon’s own post-event summary says a latent race condition in DynamoDB’s Domain Name System management system created an empty record for the regional endpoint `dynamodb.us-east-1.amazonaws.com`. In plain English, Amazon’s internal phone book briefly erased the number for a critical service, and automated repair did not fix it fast enough. (aws.amazon.com) Amazon said it identified the DynamoDB naming failure by 12:26 a.m. Pacific time on October 20 and mitigated it by 2:24 a.m. Pacific time. Recovery still dragged on because internal subsystems remained impaired, and Amazon temporarily throttled some Elastic Compute Cloud instance launches to stabilize the platform. (aboutamazon.com) That second phase is the part executives usually miss. ThousandEyes said the outage began as a Domain Name System race condition but turned into a wider cascade across dependent systems, including networking and higher-level service management, which is why fixing the first bug did not instantly bring customers back. (thousandeyes.com) Northern Virginia, called US-East-1 inside Amazon, is not just another data center cluster. It is Amazon Web Services’ oldest and largest region, and many companies still anchor global identity, deployment, and monitoring workflows there even when their customer traffic runs elsewhere. (networkworld.com) That is why “multi-region” can fail in practice. A company can keep copies of its app in Oregon, Frankfurt, and Tokyo, but if the login system, deployment tools, or traffic controls still depend on Northern Virginia, those extra regions are more like backup storefronts that all share one cash register. (wiv.ai) The 2026 retrospective in International Business Times uses that outage to make a financial argument, not just a technical one. It says unplanned information technology downtime in 2025 caused hundreds of billions of dollars in global losses, and it argues that resilience plans should be measured in recovery time and revenue at risk, not just architecture diagrams. (ibtimes.com) That framing changes the boardroom question from “Are we multi-region?” to “How many dollars do we lose if one control plane is down for six hours?” It also forces companies to test whether they can deploy, authenticate users, and fail over without touching the same shared management systems that failed last October. (ibtimes.com) Amazon’s outage report is unusually valuable because it shows how a tiny software timing bug can become a business event with global reach. The lesson from October 20, 2025 is not that cloud computing is fragile by default; it is that independence has to exist in production systems, not just in slide decks. (aws.amazon.com)