Best PracticesVendorsAWSCIO Insights

Migration to AWS: A Foundation for Enterprise Transformation

To realize the maximum benefits of moving to AWS, you need to build a solid enterprise foundation and accelerate the migration journey.

This entry is part 1 of 3 in the series Managing Cloud Migration Projects

To realize the maximum benefits of moving to AWS, you need to build a solid enterprise foundation and accelerate the migration journey.

In this session, learn techniques such as: planning and implementing a landing zone, executing migrations with a migration factory, and iterating toward modern application architectures.

Mr. Paras Bhuva, Tech Lead for AWS migration specialist, who has also worked with enterprises such as the united health group, Anthem, Humana, and other customers, provided a detailed view about migration to AWS that is a foundation for enterprise transformation.

He discussed in the video about the Migration to AWS, how users set up the right foundation for enterprise transformation. His video is about the migration methodology, landing zone, and Migration Factory for accelerating the pace of user migration to AWS.

Continuing at 2:37, Mr. Bhuva discusses the question: Why are migrations the foundation for transformation? And explained through statistics to have more innovation, the fast movement to keep up all-new startups that are coming in for completion because of the average lifespan of an S&P company has gone down to only 15 years, 2/3 of the IT budget goes towards keeping the lights on, and 66% of the CEOs still believe there is a security risk because of unavailability of innovation and quick movement. 

He has discussed some of the proven business values of migrating to AWS that includes 31% infrastructure cost savings, 62% IT staff productivity boost, 94% application downtime reduction, and 3x more features delivered per year.

One word comes up; if you had the downtime, it could take a long time and a lot of resources to come up with that has gone down to 94% because of the way you can now architect on Aws, the multi secure architectures, multi-region architectures, all the fault Lawrence that has built with these architectures has become more comfortable because of taking away undifferentiated heavy lifting of even managing EC two instances.

Customers and companies are making progress and leading the way based on the features and services that they provide to their customers. The development velocity that AWS provides, with three x more features, which tells about the aims of the experiment a lot more than one can have in the past.

Elements of a Successful journey

Some of the elements of a successful journey that can be used by different organizations to succeed are discussed in this video:

  1. Executive Sponsorship: this includes aligning of all requirements and brings different stakeholder with you to achieve because of massive migration and company-wide transformation will not happen until the time user have support from the top, the results in a very likely higher chance of succeeding. 
  2. Cloud-First strategy: Create vision; incentivize team members to follow your lead.
  3. Organizational Change: Define new operating models, policies, processes, economics: provide training.
  4. Adoption Roadmap: Start small and iterate, measure, manage and update Plan,
  5. Cloud Center of Excellence: Provide centralized expertise: guide decentralized innovations
  6. Principles and standards: Publish guidance and guard rails for how to adopt Cloud successfully.
  7. Experiment: Define architectures, patterns, governance; measure, monitor, iterate.

Migration journey

At 6:08 he elaborated migration journey and its look that includes: 

  1. Business case: Different thoughts of users are pointed like how much am I going to pay once I am there? What are my savings? What do I have, and how do I move it right, so you have to prepare first for the migration right. One has to build it after aligning the entire thing. It is undoubtedly right about the base your TCD have on utilization rather than an allocation, which results in a lot of savings. Other factors of saving money include, like optimizing cost using serverless going from a monologist or microservice model, oracle,  aurora, a commercial platform, data warehouse platform rush shift, etc. 
  2. Portfolio discovery and Planning: Customers always come across a company that has an up to date CMDB because of incomplete information and trust issues, which is why customers need to do a portfolio discovery and analysis.
  3.  Migrate using a factory approach: Afterwards  the most wanted need of customers is setting up this factory approach.
  4. Operate and Optimize: It is just not about operating in the Cloud but making sure that the user is continuously optimizing for every aspect of their cloud usage of the IT  the infrastructure of their business. It is about making sure regarding optimization for security, compliance, and all the other hosts.

Landing zone

He gave an example of an airport through which he tries to explain the scenario of AWS migration. Like, think if someone is responsible for running an airport in a thriving metropolis and so being an architect, he has to build a massive airport that can support international flights, hundreds of domestic flights every day. He will be aware of each single minute detail of expensive infrastructure, includes passengers, workers, baggage, customs, immigration, etc. because he wants it running on a peak capacity.  

This same scenario applies to AWS. The client needs to think who has access to what, how does traffic flow from his arms frame rate center to AWS, etc. in a big model, in short, he needs to know about everyone and everything which is doing what. 

Account Models

At 10:31, he stated that some customers might start with one account. In comparison, some have multiple accounts or an organization with various teams when one account is not enough because accidentally mistakes are made of deleting files, etc. if many things are installed or added.

The solution has isolation by separation with no spinning that is an account with a distinct level that can also be managed through specific security or compliance controls of the company along with different business processes. If a bad actor steps in the report, it can be shut, but if a bad actor steps in the main account, then there is an issue.

Isolation can also be got through billing that would be less in a separate account because as there are no fees of creating accounts but have to pay with the start of initiating resources. Separation limits all the problems.


Primary goals of building a massive piece of this infrastructure:

  1. Automated
  2. Scalable 
  3. Self Service 
  4. Guardrails not blockers 
  5. Auditable 
  6. Flexible

Building a landing zone

He, in this video, explained the infrastructure that one should make for the migration, optimization landing zone of the customers. He recommended starting with business needs and requirements. Then figure out about the account structure, network, its core services and their connection with domains, the security of logging, configuration and image, etc., which must be updated with the latest security software.

Think of access and identity solution, of federation and access to users by providing it to app teams for building applications of AWS, along with catalog or approved list of software AWS for automation. In the end, look at the factors of its deployment.

Recommended AWS multi-account framework

Foundational OUs are taken care of by two teams’ security and infrastructure team. This framework includes log achieve, shared services, networks, security tooling, sec read-only, sec break glass, etc. This is all done to make infrastructure more secure. Other OUs are sandbox, Workload, Policy staging, Suspended, Individual business users, exceptions, and deployment.

Migration using a factory approach

He discusses phases for migration using the factory approach. Portfolio assessment in which initiation, discovery, analyzation, and Planning is for smooth movement and fulfills needs. The movement of the backlog is from design, migration, integration, and validation with repeatable assets. Operations and optimization are done through cutover apps.

Critical Roles of migration factory

The critical roles of members of Executive Sponsor, Migration Program Manager are discussed in the video by Mr. Paras Bhuva are:

  1. Migration Factory: Portfolio Leads, Migration Leads.
  2. Cloud applications: App owners, support teams.
  3. AWS Foundation: Cloud platform team, Cloud  security team, cloud operations team.

At 27:30, he stated Seven R’s of Migration that includes Refactor, Re platform, Repurchase, Rehost, Relocate, Retain or Retire and AWS Migration tools Assessment phase, Readiness, and Planning phase, Migration phase.

Setting up a migration factory

Set up a Migration tiger team with Cross-functional representation. Establish a cloud adoption road map, create foundational standards.

  • Create a migration trigger team through cross-functional representation, establishing a cloud adoption roadmap, and creating fundamental rules.
  • Seed the migration backlog with pilot applications, application portfolio discovery, and through Planning, and prioritizing.
  • Define app migration by defining the approach, methodology, operational model, and process.
  • Run migration factory in an agile manner by Executing or Migrating, daily standups, weekly sprint
  • Continuous Improvement is seen through Streamline and optimization, elimination of technical debt, Increase in migration velocity.

He has given an example of the results fender dealer portal modernization that has done customization in 41 regions, with ten currencies, eight languages, and 2 ERP systems.

They eliminated hardware purchasing and maintenance with site performance of 50% page load time improvement due to which their customer satisfaction and orders went up significantly. They are paying 51 cents for ten plus lambda functions in production that are very cost-effective.

Their truly modern architecture built by them contains a bunch of lambda functions, using SAS, elastic, chase, etc. The other architecture of web applications scale across millions of concurrent users based on the needs and manages infrastructure. 

Rajiv Cyrus: Voice of customer

Rajiv Cyrus of UHG tells about the challenges that they face as large enterprises with adopting public clouds and Amazon. He is having a pretty big company with 3,000 employees, 40,000 software engineers; hence the only optum has 121 million consumers. 

At 38:30, he has broken his talk into two parts. One is Cloud transformation that includes enterprise-wide changes that they acquire organically. It requires pulling together diverse groups of leaders and stakeholders to work together on a shared vision and goal.

Strategic elements

Without support from the top, a cloud migration effort will likely not succeed, 

  • Leadership support includes Identification of parameters that when to migrate, while not in need of evacuating data centers, and only those migrate who can go lines of  business and companies who were demanding a full environment. Expectations are also, a part of it in which first-wave only applications and teams that could help advancement in the framework. “Cloud bar” set very    high. 
  • Vision will guide Plan, at optimum, needed by a system to allow public cloud-native capabilities in a safe, secure way as; Cloud-native, flexibility, modern, everything as code, community involvement. 
  • He discussed a strategy for stakeholders to work with key groups to hone through which the vision sets; the security standard was established for private data center needs, use of enormous pressure to public clouds. Some team’s desires do not fit with the vision of having a strong desire to level up the application teams to be cloud-ready, modernize application stack.
  • Plan is the first milestone was about organizational change, in which accountability and the definition of done is determined by working with the stakeholders. Refactor security standards from private cloud focus to public cloud focus, establish and communicate the intake process to stem the side of rogue cloud usage, set foundations for a community of practice to help accelerate adoption. 


Iterations are done in which a valuable decision is to set everything as a concise and logical code by putting it in SCM or GitHub. From the start, when everything is automated, advantages begin that include security endorsements, governance processes, monitoring controls, etc. The environment can easily be understood when all infrastructure is codified can be applied to security controls against configuration. Do not fixate on the process, cycle through stages when needed as Leadership support, vision, Stakeholders, Plan. 

Accelerate to the Cloud by building an acceleration framework to embody principles that enable teams to deliver value safely, quickly and sustainably in the Cloud. This is done through the intake process, configuration validation, security baseline, Reusable patterns, Safe experimentation. 

The intake process is a scientific workflow that teams must follow to obtain a production account. It presents a complete cloud architecture plan by using a library pattern and also endorsed by the security system. It demonstrates the ability to manage the environment has the ability to use IAC principles and can react to security incidents endorsed while monitoring situations and applications.  

DCE: Disposable Cloud Environment has used a sandbox to develop and test cloud application environments instead of an actual production like account results in Transient developer accounts at scale, instant access, financial protection, weekly reset protection, Account lifecycle management and out of box tools and resources. 

Accelerator Launchpad in which each cloud account comes with security controls baked into ensuring the security compliance while allowing application teams, the freedom to use as much AWS as they desire. 

He appreciated his team, which is good at infrastructure automation, giving a lift to business teams, mitigating risks, delivering compliance, and enabling operations. UGH, apps, and services include controls, configuration, and logging and network baselines.

Accelerator inner source includes infrastructure as code, having 200+ modules, 100% tested, contributions from hundreds of developers, pre-security endorsed and can give shape to a best infrastructure. 

Accelerator Augmentation and education helps product teams to accelerate their journey to the Cloud by advising organizations towards good outcomes as an introduction and onboarding, education and training, vendor partnerships, coaching, and advisory, community network, inner source. 


Automate: Save 70% or more through automating operation and deployment and reduce operating and maintenance labor 3 million automated configuration changes in 2019.

Optimize: Save 40% or more through automated scaling, and eliminate unused capacity. 

Modernize: Save 90% or more with modern platforms and architecture and replace per-server costs with per-member costs cloud usage doubling every six months hundreds of AWS accounts. 


  1. Executive Sponsorship is critical for large scale migration and transformations. 
  2. Building an AWS landing zone to allow for scale, experimentation and innovation. 
  3. Building a migration factory early, drive repeatability, automate, and continuously optimize.  
Series NavigationNasdaq: Moving mission-critical, low-latency workloads to AWS >>

Leave a Reply

Back to top button