AWS Route 53 provides a "Failover routing policy" which will normally route traffic to a primary endpoint, but will switch to a secondary endpoint if the primary endpoint is failing (according to a health check). Since this is done at the DNS level, I'm wondering if this "failover change" needs time to propagate over DNS servers across the world, similarly as other DNS changes require time to propagate?
Yes, the fixed TTL is either merely 60 seconds or fully configurable depending on the exact service you use though, so at most you'll only get maximum downtime for about a minute until the cache expires and your resolver sends a new query to AWS.