We get asked this question fairly often now: our business runs on Azure, but we want to move to AWS. Can you help? The technical answer is always yes. The more interesting question is whether the business has thought through what a compliant migration actually looks like — particularly if they're subject to APRA oversight.
This post is aimed at financial services firms, superannuation administrators, and insurers in Adelaide and South Australia thinking about an Azure-to-AWS migration. If you're not in a regulated industry, most of this still applies, but the stakes are lower.
Why businesses migrate from Azure to AWS
The most common reasons we see:
- Cost. AWS's pricing model often works out cheaper for certain workloads, particularly compute-heavy or storage-intensive ones. Businesses that built their Azure environment without much cost discipline sometimes find a fresh start on AWS, with proper tagging and reserved instances, materially cheaper.
- Ecosystem fit. If your engineering team has stronger AWS experience, or your tooling (data pipelines, ML infrastructure, third-party integrations) is built around AWS services, staying on Azure is friction.
- Vendor relationship. Sometimes it's as simple as a contract negotiation that went better with AWS.
What it's almost never about: Azure being technically inferior for the use case. Both platforms are capable. The decision is usually commercial or operational.
What APRA actually requires
APRA doesn't tell you which cloud to use. What it does require, primarily through CPS 234 (Information Security) and SPS 231 (Outsourcing), is that you:
- Maintain information security capability commensurate with your risk profile throughout any material change to your IT environment
- Notify APRA of material outsourcing arrangements (and a cloud migration qualifies)
- Ensure your data remains accessible and recoverable at all points in the process
- Keep your board and senior management informed of material information security risks
The migration window is where most compliance gaps happen. Businesses get focused on the technical cutover and leave documentation, notification timelines, and security control continuity as afterthoughts.
The data residency question
Both Azure and AWS have Australian data centres — Azure in Melbourne and Sydney, AWS in Sydney (ap-southeast-2) and Melbourne (ap-southeast-4, launched 2023). So residency itself isn't the barrier it once was.
The issue is what happens during transit. When you're moving data between platforms, does it leave Australia? With a poorly planned migration using generic tooling, it can. A proper migration plan specifies the transfer path explicitly and documents that data stayed within Australian jurisdiction throughout. That documentation is what your auditors will ask for.
What a compliant Azure-to-AWS migration looks like in practice
Before you start:
- Map every workload and classify it by sensitivity and regulatory status
- Identify which workloads trigger APRA notification requirements
- Document your current security controls so you have a baseline to maintain
- Notify APRA of the material outsourcing change (timing requirements vary by licence type)
During migration:
- Use a phased approach — don't migrate everything at once. Run parallel environments so you can fall back without a gap in service.
- Verify AWS region settings explicitly at the resource level. "Sydney region" by default doesn't guarantee every service stays in Sydney; some AWS services are global by nature and need specific configuration.
- Keep your audit trail continuous. Log access and changes in both environments during the transition period.
After cutover:
- Decommission Azure resources in a documented sequence, not ad hoc
- Update your security policies and incident response plan to reflect the new environment
- Test your backup recovery procedure in AWS before you consider the migration complete
- Brief your board on the completed change and the security posture of the new environment
What to look for in an Adelaide cloud migration partner
The search queries that land businesses on this page are usually people trying to figure out who they can trust with this. Reasonable question. A few things worth checking:
They understand APRA, not just AWS. A technically strong cloud engineer who hasn't worked with regulated financial services clients will get the AWS part right and miss the compliance documentation that your auditors need. Ask specifically: have you migrated workloads for APRA-regulated entities before? What did you produce for their regulatory reporting?
They plan the migration in writing before touching anything. A migration plan that exists only in someone's head is a compliance risk. You want a written migration plan that covers workload sequencing, data transfer paths, security control continuity, rollback procedures, and the notification timeline. If a partner can't produce that as a deliverable, look elsewhere.
They're local enough to be accountable. Not a hard requirement, but for regulated businesses, having your migration partner in the same timezone and reachable by phone matters. If something goes wrong at 11pm during a cutover, you want someone you can call.
Timeline and cost expectations
For a mid-sized Adelaide financial services business (say, 50-200 staff, a mix of SaaS and internally hosted workloads), a compliant Azure-to-AWS migration typically takes 10-16 weeks from scoping to decommission of the last Azure resource. The phased approach adds time compared to a lift-and-shift, but the compliance benefits and the reduced risk of service disruption justify it.
Cost varies significantly by complexity. What we can say: the cost of a poorly planned migration that creates a CPS 234 gap, triggers an APRA review, or results in a data incident during transit will exceed the cost of doing it properly the first time.
Where we fit
We're an Adelaide-based consultancy that handles cloud migration and infrastructure work for South Australian businesses, including financial services firms and organisations with APRA-regulated workloads. Our cloud consulting service covers the full Azure-to-AWS migration lifecycle, including compliance documentation and post-migration security review.
If you're in the early stages of evaluating whether to move, get in touch. We can usually tell you within an hour whether your situation is straightforward or complicated, and what a realistic timeline and cost looks like. No pitch deck, no obligation.
For broader context on what good cloud cost management looks like after migration, our post on cloud cost optimisation for small businesses is worth reading alongside this one.
