With the AWS outages over the last few days, I've been wondering how you would set up a system using only AWS services that would be resistant to multi-availability zone outages across multiple services within a geographical region. Assume that the system that we are setting up is an API that will have heavy read/write traffic with a significant number of users, and that the startup running it is on a typical shoestring budget that makes AWS attractive.
What got a lot of startups in trouble was architecting systems that were fault-tolerant across availability zones within the US-East region, but when one availability zone went down, everybody's apps started flooding the other availability zones, causing more problems. A typical setup might have been an Elastic Load Balancer with EC2 instances in a few availability zones (with the ability to create new instances in other availability zones in response to outages), multi-AZ RDS database servers, and S3 backups to multiple AZs.
What I'm looking for is ideas for taking this setup and expanding it to multiple geographical regions, using only AWS services. Would you have multiple stacks and use Route 53 DNS to route users to different regions? How would you keep databases in sync across regions? Would you use one region as a primary and periodically back up to