How JediHill Migrated 214 VMware VMs to AWS Sydney in 4 Months — A Fintech Case Study

When VMware Licensing Becomes a Business Risk

For many enterprises, the true cost of staying on VMware only becomes visible when the renewal invoice arrives. For FinLync — a global fintech company powering financial data integration for banks and financial institutions across Asia-Pacific — that moment arrived at exactly the wrong time.

With over 200 engineers scaling a complex financial platform, FinLync was running 202 VMware ESXi virtual machines alongside 12 VMs on Alibaba Cloud. Rising licensing costs, limited elasticity, and a fragmented two-cloud infrastructure were quietly eroding their engineering velocity and cost predictability.

They needed to move. They needed to move fast. And they needed to do it without disrupting a platform that financial institutions depended on daily.

JediHill was engaged to make it happen.

The Migration Blueprint: Lift & Shift to AWS Sydney

Before a single VM was moved, JediHill conducted an AWS Optimization and Licensing Assessment (OLA) — a comprehensive analysis of FinLync's VMware estate, workload utilisation, and infrastructure sizing. The OLA produced a detailed Total Cost of Ownership model that showed AWS would reduce infrastructure costs by 30–35% while delivering superior scalability and operational resilience.

With the business case validated and AWS Migration Acceleration Program (MAP) funding secured, the full migration scope was confirmed: 214 virtual machines, targeting AWS ap-southeast-2 (Sydney) across three Availability Zones.

The approach: Lift & Shift, executed with precision.

The Architecture: Built for a Regulated Financial Platform

The target AWS architecture was designed with four priorities: security, resilience, operational observability, and a clear path to modernisation. Here's how it came together.

Migration Layer

Live replication of VMware workloads was handled by AWS Application Migration Service (MGN), enabling continuous block-level replication with minimal downtime. Connectivity between on-premises and AWS was established via AWS Direct Connect and VPN Gateway, with Amazon CloudFront accelerating content delivery for distributed users. Amazon Route 53 managed DNS migration.

Networking & Security Perimeter

Inside the VPC, traffic flows through AWS WAF for web application protection, NAT Gateway (×5) for outbound private subnet traffic, and an Internet Gateway for public-facing services. Amazon Cognito handles user authentication at the application layer. AWS KMS (CMK) manages encryption key lifecycle, with AWS CloudTrail and Amazon CloudWatch providing full audit trails and real-time observability.

Compute — EC2 Lift & Shift

The 136 VMware VMs were re-hosted as:

• EC2 Linux Fleet (71 VMs) — Monitoring & Util servers, Batch Workers, Web & API Servers

• EC2 Windows Fleet (65 VMs) — Application Servers, Active Directory, Finance & Reporting systems, Windows App Servers

  
  

All compute runs in Private Subnets, fronted by Application Load Balancer and Network Load Balancer in Public Subnets for controlled inbound traffic.

Compute — Kubernetes Modernisation

Alongside the EC2 migration, containerised workloads were moved into an Amazon EKS Cluster with dedicated node groups: Data Workers, Infrastructure Workers, App Workers, and EKS Control Plane — laying the groundwork for future cloud-native evolution.

Data & Storage Layer

The migration preserved full data integrity across a multi-service storage architecture:

• Aurora PostgreSQL — primary relational database

• RDS SQL Server Multi-AZ — high-availability Windows SQL workloads

• ElastiCache Redis — in-memory caching for real-time financial data

• EFS Shared File System — shared storage across compute workloads

• FSx for Windows — native Windows file services for Active Directory-integrated workloads

• Amazon S3 — backup and archival storage

  
  

AI/ML Foundation

An Amazon SageMaker environment was provisioned as part of the architecture, positioning FinLync for future AI-driven financial analytics workloads — a capability that would have been complex to build on their previous VMware infrastructure.

The Results

Beyond the numbers, FinLync gained something harder to quantify: predictable infrastructure costs, elastic scaling for transaction volume spikes, and a modern, auditable security posture that meets the compliance expectations of their banking customers.

What Made This Migration Work

1. OLA before everything. The AWS Optimization and Licensing Assessment turned an abstract cost conversation into a board-ready business case. Without quantified TCO data, large-scale migration projects stall. With it, FinLync moved from assessment to approved project in weeks.

2. Direct Connect from day one. Establishing dedicated network connectivity before beginning replication eliminated bandwidth uncertainty and gave the team confidence in cutover timelines for production financial workloads.

3. Architecture for what comes next. The EKS cluster, SageMaker environment, and Aurora PostgreSQL layer weren't just migration targets — they were foundations for FinLync's next phase of modernisation. A lift-and-shift that also leaves the door open for cloud-native evolution.

Thinking About Your VMware Environment?

With VMware licensing costs continuing to rise post-Broadcom acquisition, more enterprises are actively evaluating AWS as their long-term infrastructure platform. JediHill specialises in making that transition structured, funded, and low-risk — from OLA assessment through to production cutover.

📩 Talk to our migration team: www.jedihillatlas.com | hello@jedihillatlas.com