Microsoft Workloads on AWS

Introducing the AWS Well-Architected Microsoft Workloads Lens

In this blog post, we will introduce the AWS Well-Architected Microsoft Workloads Lens, a comprehensive framework designed to help you build and operate Microsoft-based systems on Amazon Web Services (AWS) with confidence.

Organizations continue to run Microsoft workloads on AWS to leverage the scalability, reliability, and innovation of the cloud while maintaining their investments in Microsoft technologies. Whether you’re running Windows Server, SQL Server, Active Directory (AD), .NET applications, or a combination of these, architecting these workloads correctly is crucial for success.

Why a Microsoft-specific lens?

The AWS Well-Architected Framework has long been the gold standard for evaluating cloud architectures across six pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. However, Microsoft workloads come with unique considerations—from licensing complexities and Active Directory integration to SQL Server high availability and .NET application modernization.

The Microsoft Workloads Lens extends the core Well-Architected Framework by incorporating best practices gleaned from thousands of customer implementations. AWS Solutions Architects have extensive experience architecting Microsoft solutions across diverse industries, and this lens captures that collective knowledge in a systematic, actionable format.

What’s inside the lens?

The Microsoft Workloads Lens provides a structured approach to evaluating your Microsoft architectures through real-world scenarios and pillar-specific best practices.

Six real-world scenarios

The lens addresses the most common challenges organizations face when running Microsoft workloads on AWS:

  1. Microsoft SQL Server migration: Whether you’re looking to lift-and-shift to Amazon Elastic Compute Cloud (Amazon EC2), re-platform to Amazon Relational Database Service (Amazon RDS) for SQL Server, or modernize to Amazon Aurora, the lens provides clear guidance on migration approaches, licensing considerations, and optimization strategies.
  2. .NET application modernization: Learn how to evolve from .NET Framework monoliths to cloud-native cross-platform .NET microservices, leveraging containers, serverless architectures, and modern development practices.
  3. Active Directory integration: Establish seamless identity management across hybrid environments using AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD), AD Connector, or self-managed Active Directory on Amazon EC2, with comprehensive guidance on trust relationships and single sign-on (SSO) implementation.
  4. Windows Server & File Services migration: Modernize file services using Amazon FSx for Windows File Server or Amazon FSx for NetApp ONTAP while maintaining NTFS permissions and Active Directory integration.
  5. Windows-based infrastructure modernization: Navigate end-of-support scenarios and hardware refresh cycles with strategic migration approaches using AWS Application Migration Service (AWS MGN) and comprehensive automation.
  6. High Availability & Disaster Recovery: Design resilient architectures with Multi-AZ deployments, cross-region replication, and automated failover procedures that meet your Recovery Time Objective (RTO) and Recovery Point Objective (RPO) requirements.

Pillar-specific best practices

Each of the six Well-Architected pillars includes Microsoft-specific guidance:

Cost Optimization helps you maximize value through right-sizing, flexible licensing models (including bring your own license, or BYOL), managed services adoption, and strategic modernization. The lens covers everything from Windows EC2 optimization to SQL Server edition selection and containerization strategies.

Operational Excellence focuses on comprehensive observability using Microsoft Performance Counters, Windows Event Logs, and Application Performance Monitoring (APM) for .NET applications, combined with operational automation through Infrastructure as Code (IaC) and AWS Systems Manager.

Performance Efficiency guides you in selecting appropriate cloud resources, optimizing compute and storage solutions, and establishing performance measurement practices that ensure your Microsoft workloads run efficiently.

Reliability emphasizes designing for failure, implementing robust monitoring and incident response, and automating recovery procedures to maintain high availability for mission-critical Microsoft applications.

Security extends core security principles with Microsoft-specific configurations, identity integration patterns, and data protection strategies that leverage both Microsoft and AWS security capabilities.

Sustainability addresses efficient resource utilization and sustainability-driven architecture design, helping you minimize environmental impact while maintaining business effectiveness.

Key design principles

The lens establishes foundational design principles specifically for Microsoft workloads:

  • Assess holistically: Use tools like AWS Optimization and Licensing Assessment (AWS OLA) and Migration Evaluator (ME) to understand your current state before designing or migrating.
  • Define clear goals: Whether reducing licensing costs, improving availability, or enhancing security, let your objectives shape architectural decisions.
  • Leverage AWS native services: Reduce operational burden with managed offerings like Amazon RDS for SQL Server, Amazon FSx for Windows File Server, and AWS Managed Microsoft AD.
  • Optimize licensing and costs: Right-size resources, automate scheduling, and evaluate BYOL strategies to maximize value.
  • Design for resilience: Implement Multi-AZ deployments, SQL Server Always On, and regular disaster recovery testing.
  • Embrace modernization incrementally: Where feasible, adopt containers and serverless solutions to unlock agility and cost optimization.

How to use the lens

We designed the Microsoft Workloads Lens for architects, developers, and operations teams working with Microsoft technologies on AWS. You can:

  1. Conduct systematic reviews: Use the lens questions to evaluate your current Microsoft architecture and identify improvement areas.
  2. Access through the AWS Well-Architected Tool: Perform structured reviews and track remediation progress over time.
  3. Leverage hands-on labs: Explore practical implementations through AWS Well-Architected Labs.
  4. Engage with AWS Partners: Work with AWS Partner Network (APN) Partners who specialize in Microsoft workloads for expert guidance.

Incorporating agentic AI

AWS Solutions Architects have extensive experience in layering in agentic AI tooling and capabilities based on your workflows. Architecting Microsoft solutions using modern tooling and this lens is a powerful combination. For example, using AWS Transform for full-stack Windows modernization yields amazing results:

  • Thomson Reuters: Used AWS agentic AI tooling to drive a 4X velocity boost in their modernization efforts, and continues to modernize 1.5 million lines of code every month, cutting application transformation time from months to just a two-week sprint.
  • Experian: Saved 300 engineering days in one year with AWS AI tooling, enhancing engineering productivity.
  • CSL: Drove 17 data center exits in 30 months and accelerated Microsoft application discovery time by 12x for each application wave.

Real-world impact

Organizations using the Microsoft Workloads Lens best practices have achieved significant benefits:

  • Reduced licensing costs through strategic BYOL implementation and edition optimization.
  • Improved availability with Multi-AZ deployments and automated failover.
  • Enhanced security posture through integrated Microsoft and AWS security controls.
  • Faster modernization with clear migration paths and proven patterns.
  • Operational efficiency through automation and managed services adoption.

Getting started

The Microsoft Workloads Lens complements rather than replaces the core Well-Architected Framework. We recommend:

  1. Start with a general Well-Architected Framework Review to establish baseline cloud architecture principles.
  2. Apply the Microsoft Workloads Lens to address Microsoft-specific considerations.
  3. Prioritize improvements based on business impact and technical feasibility.
  4. Implement changes incrementally and measure the results.
  5. Conduct regular reviews as your workloads and AWS services evolve.

Conclusion

Running Microsoft workloads on AWS offers opportunities for innovation, cost optimization, and operational excellence. The AWS Well-Architected Microsoft Workloads Lens provides the structured guidance you need to make informed decisions and continuously improve your Microsoft-based architecture.

Whether you’re just beginning your cloud journey or optimizing existing workloads, this lens serves as your roadmap to success. It combines AWS’s deep cloud expertise with Microsoft-specific best practices, ensuring you can confidently architect, migrate, and operate Windows Server, SQL Server, Active Directory, .NET applications, and other Microsoft technologies on AWS.

Ready to get started? Access the Microsoft Workloads Lens through the AWS Prescriptive Guidance and the lens file, or reach out to your AWS account team to learn more about conducting a Well-Architected Review for your Microsoft workloads.

Luciano Bernardes

Luciano is a Senior Solutions Architect at Amazon Web Services (AWS), specializing in infrastructure migration and modernization. With over 19 years of infrastructure experience, he works with customers and consulting partners across the United States and Latin America.

Carlos Felicio

Carlos is a Senior Partner Technical Account Manager at AWS LATAM. He has worked in the technology market for the past 26 years. His portfolio includes numerous consolidations and migrations in hybrid environments with Microsoft workloads. Currently, he works as a Senior TAM, assisting partners with questions and usage of AWS to provide better benefits to their customers' workloads.

Bruno Lopes

Bruno Lopes is a Sr. Specialist Solutions Architect at AWS LATAM. With over 18 years of IT experience, he specializes in legacy application modernization. His expertise spans hybrid environments and technical enablement as a Technical Trainer and Evangelist. As a Solutions Architect, he simplifies the adoption of advanced technologies, helping customers overcome daily challenges with innovative solutions.

Vitor Euphrasio da Silva

Vitor Euphrasio da Silva is a Sr. Specialist Solutions Architect at AWS, specializing in infrastructure migrations and modernization for Enterprise customers. He partners with organizations throughout their cloud adoption journey, architecting innovative solutions that leverage Generative AI capabilities to drive business transformation. With over 20 years of proven experience in designing and implementing complex cloud infrastructure solutions, Vitor delivers measurable business value for enterprise clients across the LATAM region.