The contract to which you refer is entirely inferred, is it not? Amazon claims the AZ's should be independent[1]:
Each availability zone runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. Common points of failures like generators and cooling equipment are not shared across Availability Zones. Additionally, they are physically separate, such that even extremely uncommon disasters such as fires, tornados or flooding would only affect a single Availability Zone.
Yet what Amazon guarantees, by way of their SLA, is only 99.95% for a region[2,3]:
The Amazon EC2 SLA guarantees 99.95% availability of the service within a Region over a trailing 365 day period.
Ah - sorry! I don't mean a legal contract, I mean more of a technical contract. e.g. "I won't pass a null pointer" style contract.
In fact, the first bit you quoted provides an even stricter technical contract than the one on the main EC2 page - it states some degree of natural disaster tolerance, heavily suggesting separate datacenters (not just different floors). Thanks for pointing that out.
Whatever the common point of failure turns out to be, it does seem to have been shared across AZs, in violation of their FAQ.
Each availability zone runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. Common points of failures like generators and cooling equipment are not shared across Availability Zones. Additionally, they are physically separate, such that even extremely uncommon disasters such as fires, tornados or flooding would only affect a single Availability Zone.
Yet what Amazon guarantees, by way of their SLA, is only 99.95% for a region[2,3]:
The Amazon EC2 SLA guarantees 99.95% availability of the service within a Region over a trailing 365 day period.
[1] http://aws.amazon.com/ec2/faqs/#How_isolated_are_Availabilit...
[2] http://aws.amazon.com/ec2/faqs/#What_does_your_Amazon_EC2_Se...
[3] Of course, they're not even meeting that right now. :-(