Lift and Shift Migration from Microsoft Azure to AWS

The customer is a European leading technology company operating as a Software-as-a-Service (SaaS) platform focused on artificial intelligence–driven solutions. Its platform enables organizations to consume and integrate advanced AI capabilities, leveraging data processing and large language models as part of their business processes. Given the nature of its offering, the customer’s workloads are business-critical and require high standards of availability, security, scalability, and operational efficiency.

Customer Context and Business Challenge

At the start of the engagement, the customer’s core production workloads were running on Microsoft Azure. While the platform was operational, the existing setup did not meet the customer’s objectives for infrastructure modernization and alignment with Well-Architected best practices.

In particular, the environment was not based on a Kubernetes architecture and did not leverage managed cloud services, which limited the ability to standardize deployments, improve operational maturity, and address the risks identified during the Well-Architected Review.

From an operational and governance perspective, the environment was implemented using a single-account model, which constrained isolation, governance, and scalability as the platform evolved. Findings from the Well-Architected Review identified multiple High and Medium Risk Items, particularly across the Operational Excellence and Security pillars, indicating gaps in areas such as workload standardization, observability, and security controls.

From a business perspective, these technical and operational limitations represented both immediate and long-term risks. Without modernizing its infrastructure and aligning it with cloud-native and Well-Architected best practices, the customer risked increased operational overhead, reduced platform reliability, and slower delivery of new capabilities as customer adoption grew.

Additionally, the customer identified a strategic objective to enable future commercialization of its services through AWS Marketplace. Achieving this objective required first establishing a secure, scalable, and well-architected AWS foundation that supports standardized operations and compliance with AWS best practices.

In this context, the customer engaged Teracloud to support a migration and modernization initiative with the goal of transitioning workloads from Azure to AWS, modernizing the infrastructure through the adoption of Kubernetes and managed AWS services, and aligning the platform with the AWS Well-Architected Framework. This initiative was designed to reduce operational risk, improve platform resilience, and establish a cloud foundation capable of supporting both current service demands and future business growth.

Migration Strategy and Replatform Approach

Based on the customer’s business and technical objectives, a combined migration and modernization strategy was defined for this engagement. The primary goal was to migrate existing workloads from Microsoft Azure to AWS while simultaneously modernizing the application platform to leverage cloud-native services and improve scalability, security, and operational efficiency.

As part of the planning phase, multiple migration strategies within the AWS 7Rs framework were evaluated, including rehost, replatform, and refactor. A replatform (lift, tinker, and shift) approach was selected as the most appropriate strategy, enabling the customer to modernize its application architecture by adopting managed AWS services—such as Amazon EKS—without requiring a full application rewrite.

This approach allowed the customer to achieve faster time to value while reducing migration risk, preserving core application functionality, and establishing a modern, scalable foundation on AWS. The migration and modernization activities were executed in a coordinated manner, ensuring business continuity while enabling the adoption of AWS-native operational and security best practices.

As a first step, a technical and operational discovery process was conducted to assess the customer’s infrastructure, workloads, and operational processes. For this purpose, Teracloud applied a standardized and repeatable methodology that combines an automated assessment tool (CloudFit) with structured discovery workshops. CloudFit leverages a custom lens built on the AWS Well-Architected Tool, developed by Teracloud and aligned with the AWS Well-Architected Framework. This approach provided a consistent mechanism to evaluate workloads across multiple architectural dimensions, enabling an objective assessment of current-state practices related to architecture, operations, security, and performance.

This discovery process made it possible to establish a clear baseline of the existing workloads, identify operational risks, and highlight improvement opportunities relevant to the migration and modernization strategy. The findings were further complemented with information gathered during the project scoping phase and formally documented in the Statement of Work (SoW).

Customer Goals and Objectives

Based on the assessment outcomes and the findings of the Well-Architected Review, the customer and Teracloud defined a set of clear business and technical objectives to guide the migration and modernization initiative. These objectives were established by working backwards from the desired operational maturity and the platform’s long-term growth strategy.

The primary objectives of the engagement were to:

Modernize the infrastructure by transitioning to a Kubernetes-based architecture, enabling standardized deployments, improved scalability, and operational consistency.
Adopt managed AWS services, including Amazon Aurora, to improve database reliability, performance, and operational efficiency.
Align the platform with AWS Well-Architected best practices, addressing the High and Medium Risk Items identified during the Well-Architected Review, particularly across the Operational Excellence and Security pillars.
Establish a governed AWS foundation that supports scalable operations, improved observability, and consistent security controls.

In addition to these primary goals, a secondary goal was defined, a forward-looking objective to prepare the platform and operational practices to support future commercialization through AWS Marketplace, once the infrastructure and governance model are fully aligned with AWS best practices.

Migration Strategy Selection

To achieve these objectives, a replatform migration strategy was selected as the most appropriate approach within the AWS 7Rs framework.

The existing environment running on Microsoft Azure provided a functional application baseline; however, achieving the desired outcomes required introducing architectural and operational improvements rather than performing a direct lift and shift. A full refactor was intentionally excluded, as it would have introduced unnecessary complexity, extended project timelines, and increased delivery risk without being required to meet the stated objectives.

The replatform strategy enabled the customer to:

Migrate workloads from Azure to AWS while preserving core application functionality.
Introduce Kubernetes (Amazon EKS) as the standard execution environment.
Replace self-managed or non-optimized components with AWS managed services, such as Amazon Aurora.
Improve operational maturity and security posture without rewriting application code.

By adopting this replatform approach, the customer was able to modernize its infrastructure and operational model while maintaining business continuity. This strategy established a scalable and well-architected AWS foundation that supports current platform needs and positions the company to pursue future growth initiatives, including distribution through AWS Marketplace.

Execution Overview

Teracloud executed a structured replatform approach to migrate core production workloads from Microsoft Azure to Amazon Web Services (AWS). The execution focused on modernizing the platform’s operational foundation—specifically through the adoption of Kubernetes and AWS managed services—while preserving the existing application business logic to minimize risk and avoid unnecessary disruption.

The migration strategy was designed to be executed in a controlled and structured manner, minimizing operational risk while enabling measurable improvements aligned with the objectives defined during the assessment phase.

Key elements of the execution approach included:

A technical discovery and assessment phase, leveraging the CloudFit report and Well-Architected Review findings to establish a clear baseline of the existing environment and to prioritize remediation actions.
Definition of a target AWS architecture aligned with AWS Well-Architected principles, with a focus on scalability, security, reliability, and operational excellence.
Incremental implementation of Kubernetes-based workloads and AWS managed services to reduce migration risk and ensure platform stability throughout the transition.
Validation activities conducted after each major implementation step to confirm functional correctness, performance, and operational readiness prior to moving forward.

The execution leveraged a standardized AWS foundation, incorporating governed account structures, networking, and security controls aligned with AWS best practices. Where applicable, managed AWS services were adopted to reduce operational overhead, improve observability, and strengthen the platform’s overall reliability and security posture.

The solution was designed and implemented following AWS best practices, with a clear emphasis on achieving measurable business and technical outcomes, which are reflected in the Key Performance Indicators (KPIs) described in the following section.

Organizational Diagram

This design contemplates the creation of the production account designated for this migration and is capable of evolving alongside the company’s growth in the cloud, by adding organizational units with their own accounts and shared accounts.

Architecture Diagram

Scope of Migrated Workloads

The scope of this engagement included the migration and modernization of the customer’s core application platform and supporting services from Microsoft Azure to AWS. The workloads included in scope are represented in the architecture diagram below and comprise the application runtime, container orchestration layer, databases, networking components, and supporting services required for production and non-production environments.

All components depicted in the architecture diagram were part of the project scope and were migrated and modernized as part of this engagement. The diagram reflects the target AWS architecture under which the workloads operate in production following the completion of the migration and modernization activities.

Key Technologies Implemented

Key Performance Indicators

To demonstrate the success of the migration and its direct impact on the customer’s business and operational objectives, Teracloud defined and measured the following Key Performance Indicators (KPIs).

These KPIs were selected to reflect the primary goals of the engagement: infrastructure modernization, improvement of the Well-Architected posture, and establishment of a scalable and governed AWS foundation.

KPI #1 — Improvement of Well-Architected Posture (Operational Excellence & Security)

Objective

Improve the infrastructure alignment with the AWS Well-Architected Framework, specifically addressing the Operational Excellence and Security pillars High Risk Items (HRIs) and Medium Risk Items (MRIs) identified during the assessment phase.

The focus on these two pillars was intentional, as the identified non-compliant items were concentrated in Operational Excellence and Security, and directly impacted one of the primary objectives of the engagement: modernizing the infrastructure and improving operational maturity.

Baseline (Pre-Migration)

At the start of the engagement, production workloads were running on Microsoft Azure. A Well-Architected Review conducted during the assessment phase (CloudFit report) identified multiple infrastructure and operational risks that could not be fully addressed within the existing environment.

Identified risks before migration:

High Risk Items (HRIs): 6
Medium Risk Items (MRIs): 5
Total risk items: 11

Pillars impacted

Operational Excellence Pillar

Lack of standardized deployment mechanisms.
Limited operational automation and observability.
Inconsistent operational practices across environments.

Security Pillar

Gaps in identity and access management.
Limited centralized logging and security monitoring.
Inconsistent enforcement of security baselines.

Estimated baseline alignment with Well-Architected best practices: ~45% (5 of 11 items fully or partially addressed).

Target

Remediate all infrastructure and platform-level HRIs and MRIs within the scope of the migration.
Achieve at least 80% alignment with the AWS Well-Architected Framework for the Operational Excellence and Security pillars post-migration.

Actual Result (Post-Migration)

Following the migration from Azure to AWS and the adoption of a replatform strategy, the customer implemented Amazon EKS, Amazon Aurora, and AWS-native security and operational services.

Post-migration results

HRIs remaining: 0
MRIs remaining: 1

The remaining MRI was classified as an application-level improvement, explicitly out of scope for the replatform engagement.

Resolved risks by pillar

Operational Excellence: 6 of 6 items resolved.
Security: 4 of 5 items resolved.

Estimated post-migration alignment: ~91% (10 of 11 items addressed).

Measurement Methodology

Comparison of Well-Architected Review findings before and after migration.
Mapping of each identified HRI and MRI to specific remediation actions implemented on AWS.
Explicit exclusion of application-level risks from post-migration calculations when out of scope.

Business Impact

Significant reduction of operational and security risk.
Improved operational maturity, observability, and governance.
A stable, well-architected platform capable of supporting future growth.

KPI #2 — Infrastructure Modernization and Platform Standardization

Objective

Modernize the customer’s infrastructure by transitioning from a Docker-based environment on Microsoft Azure to a Kubernetes-based platform on AWS, and by replacing existing database services with AWS managed database offerings.

The objective was to enable standardized deployments, improved scalability, operational consistency, and enhanced database reliability and performance, in alignment with the platform’s modernization roadmap.

Baseline (Pre-Migration)

Prior to the migration, workloads were operating on Microsoft Azure with the following characteristics:

Workloads running on Azure without a Kubernetes-based execution environment.
Containerized applications deployed without a centralized orchestration platform.
Databases running on:
- Microsoft SQL Server databases.
- Azure Database for PostgreSQL.
Limited ability to standardize deployment processes and operational practices across environments.
Higher operational effort due to non-unified infrastructure patterns.

Baseline status

0% of workloads running on Kubernetes.
0% of workloads using AWS managed compute or database services.

Target

Migrate all production workloads from Azure to AWS using a replatform strategy.
Implement Amazon EKS as the standard execution environment for application workloads.
Adopt Amazon Aurora (PostgreSQL-compatible) for PostgreSQL databases.
Adopt Amazon RDS for SQL Server for Microsoft SQL Server databases.
Ensure all migrated workloads operate under standardized deployment, monitoring, and operational practices.

Actual Result (Post-Migration)

Following the execution of the migration and modernization initiative:

100% of identified production workloads were migrated from Azure to AWS.
Amazon EKS was successfully implemented as the standard Kubernetes platform for all application workloads.
Amazon Aurora (PostgreSQL-compatible) was adopted for PostgreSQL databases.
Amazon RDS for SQL Server was implemented for Microsoft SQL Server workloads.
Standardized deployment, monitoring, and operational practices were established across the platform.

Modernization status

100% of targeted workloads running on Kubernetes (Amazon EKS).
100% of targeted databases running on AWS managed database services.

Measurement Methodology

Validation of migrated workloads against the Statement of Work (SoW).
Verification of Kubernetes-based execution through Amazon EKS cluster configuration and workload deployment.
Confirmation of database modernization through:
- Amazon Aurora PostgreSQL instances.
- Amazon RDS for SQL Server instances.
Operational validation through runtime checks, monitoring configuration, and post-migration verification.

Business Impact

Improved scalability and reliability through Kubernetes and managed database services.
Reduced operational overhead by eliminating self-managed infrastructure components.
Consistent and standardized operational model aligned with AWS Well-Architected best practices.
A modern AWS platform foundation aligned with the customer’s current technical roadmap.

KPI Summary

Together, these KPIs provide concrete evidence that the engagement delivered meaningful business and operational value. The customer transitioned from a fragmented cloud environment to a modern, standardized, and well-architected AWS platform, establishing a strong foundation for future growth, operational maturity, and eventual commercialization through AWS Marketplace.

Business and Operational Outcomes

Through the migration and modernization of the customer’s platform from Microsoft Azure to AWS, the customer achieved meaningful business and operational outcomes aligned with its growth strategy. By adopting a Kubernetes-based architecture on Amazon EKS and leveraging AWS managed services, the customer improved its ability to scale applications efficiently while reducing the operational burden associated with managing underlying infrastructure.

The modernization of the platform enhanced operational consistency and observability, enabling faster issue resolution and more predictable deployments. In parallel, the adoption of AWS-native security services and governance controls strengthened the platform’s security posture and reduced operational risk.

As a result, the customer established a modern, scalable, and well-governed AWS foundation that supports current production workloads and enables future initiatives, including increased automation and commercialization through AWS Marketplace.

Conclusion

Through a structured migration and replatform initiative to AWS, the customer successfully transformed a fragmented and risk-prone cloud environment into a modern, secure, and well-architected platform. By adopting Kubernetes, AWS managed services, and governance aligned with the AWS Well-Architected Framework, the customer significantly improved its security posture, operational maturity, and scalability. This new AWS foundation reduced operational risk and positioned the platform to support future growth initiatives and potential commercialization through AWS Marketplace.

Get in touch

Take your business to the next level.