Automatic failover system between AWS and Azure using Cloudflare DNS health monitoring. Built with Terraform and automated via GitHub Actions.
This project implements high-availability web hosting across two cloud providers. AWS S3 + CloudFront serves traffic under normal conditions. When AWS becomes unavailable, Cloudflare automatically redirects users to Azure Blob Storage based on health check results.
- Primary origin: AWS S3 bucket behind CloudFront CDN
- Secondary origin: Azure Blob Storage static website
- Failover logic: Cloudflare Load Balancer with HTTP health checks
- Monitoring: CloudWatch (AWS) and Azure Monitor
- Deployment: GitHub Actions workflow
AWS Module
- S3 bucket with website configuration
- CloudFront distribution with Origin Access Identity
- CloudWatch alarms for 5xx errors and traffic drops
Azure Module
- Storage account with static website enabled
- LRS replication for cost optimization
- Azure Monitor alerts for availability
Cloudflare Module
- Health check monitor querying /health.json
- Load balancer pools for each cloud provider
- Automatic failover after 2 failed checks
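The failover rule listed above, modeled offline as an added example (not code from this project): a pool is marked unhealthy after 2 consecutive failed probes of /health.json, and traffic moves to Azure only while AWS is unhealthy. The health.json fields (`status`, `provider`), the immediate fail-back, the stay-on-primary behavior when both pools are down, and all names here are assumptions.

```python
import json
from dataclasses import dataclass

FAIL_THRESHOLD = 2  # README: failover after 2 failed checks

def probe_ok(status, body, provider):
    """Pass only on HTTP 200 plus a health.json naming the expected origin (assumed schema)."""
    if status != 200:
        return False
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return False
    return isinstance(doc, dict) and doc.get("status") == "ok" and doc.get("provider") == provider

@dataclass
class Pool:
    name: str
    failures: int = 0  # consecutive failed probes

    def record(self, status, body):
        # Assumption: one passing probe resets the counter (immediate fail-back).
        self.failures = 0 if probe_ok(status, body, self.name) else self.failures + 1

    @property
    def healthy(self):
        return self.failures < FAIL_THRESHOLD

def simulate(rounds):
    """rounds: one (aws_probe, azure_probe) pair per check interval; returns the serving pool per round."""
    aws, azure = Pool("aws"), Pool("azure")
    timeline = []
    for aws_probe, azure_probe in rounds:
        aws.record(*aws_probe)
        azure.record(*azure_probe)
        # Assumption: with both pools unhealthy, traffic stays on the primary.
        timeline.append("azure" if not aws.healthy and azure.healthy else "aws")
    return timeline

# Constructed sample probes: (HTTP status, response body)
OK_AWS = (200, '{"status": "ok", "provider": "aws"}')
OK_AZURE = (200, '{"status": "ok", "provider": "azure"}')
ERR_503 = (503, "Service Unavailable")
ERROR_PAGE = (200, "<html>AccessDenied</html>")  # 200 with a non-JSON body
ROUNDS = [(OK_AWS, OK_AZURE), (ERR_503, OK_AZURE), (OK_AWS, OK_AZURE),
          (ERR_503, OK_AZURE), (ERROR_PAGE, OK_AZURE), (OK_AWS, OK_AZURE)]

if __name__ == "__main__":
    print(simulate(ROUNDS))
```

A check that looked only at the status code would count the ERROR_PAGE round as a pass, so this sequence would never reach two consecutive failures and traffic would stay on AWS.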
terraform/
modules/aws/ S3, CloudFront, monitoring
modules/azure/ Blob storage, monitoring
modules/cloudflare/ DNS, health checks
main.tf Provider configs, module calls
variables.tf Input variables
outputs.tf Resource identifiers
website/
index.html Dashboard showing active provider
health.json Health check response
.github/workflows/
deploy.yml Terraform apply + S3/Azure sync
S3 bucket blocks public access. CloudFront Origin Access Identity enforces CDN-only access. HTTPS enforced on all endpoints. Content Security Policy headers prevent XSS. Azure Storage requires TLS 1.2+.
Website design by Claude Code.