You Didn't Migrate to the Cloud. You Migrated Your Architecture.
If your cloud run-rate is higher than the on-premises footprint it replaced, the instinct is to blame the bill — to hunt for orphaned snapshots, idle load balancers, and oversized instances. That instinct is not wrong, but it is incomplete. The more uncomfortable diagnosis is that your organization did not migrate workloads to the cloud; it migrated an entire set of architectural assumptions that were designed for a cost model that no longer applies.
The Architecture Smuggling Problem
Every migration carries invisible cargo. When teams execute a lift-and-shift, they move not just the workload but the provisioning logic, the scheduling patterns, the network topology, and the capacity philosophy that were built for a static, CapEx-funded data center. Those assumptions were rational in their original environment. In the cloud, they become a structural tax.
The problem is not that cloud providers charge too much. The problem is that the architecture being billed against a utility model was never designed for one. A workload that was sized, scheduled, and networked for a private data center will behave expensively in the cloud for the same reason a diesel generator behaves expensively as a primary power source: it was built for a different context. Lift-and-shift migrations replicate the inefficiencies of the on-premises environment, and those inefficiencies — invisible under a sunk-cost CapEx model — become highly visible under pay-per-use billing.
Why Over-Provisioning That Was Free On-Prem Becomes Expensive in the Cloud
On-premises infrastructure is typically purchased to handle peak or near-peak load and then runs at that capacity regardless of actual utilization. The economics of that model are straightforward: once the hardware is purchased, the marginal cost of leaving it powered on is negligible. Over-provisioning is not waste — it is insurance, and the premium is already paid.
Cloud billing inverts that logic entirely. Cloud providers bill for compute on a utility model, meaning idle capacity that was a sunk cost on-premises becomes ongoing variable spend in the cloud. Every hour an over-provisioned instance sits at 5% CPU utilization is an hour you are paying for 95% of a resource you are not using.
This is not a hypothetical inefficiency. Average CPU utilization across enterprise server fleets is typically between 12% and 18%, meaning the vast majority of provisioned capacity sits idle at any given moment. When that utilization profile is transplanted into a cloud environment without modification, the billing model converts what was a fixed, amortized cost into a recurring, compounding one.
The diagram below illustrates the structural mismatch between the two models:
The on-premises model rewards buying ahead. The cloud model penalizes it. Migrating without adjusting the provisioning philosophy means paying cloud-utility rates for on-premises-style overcapacity.
Right-Sizing Failure: The Largest Single Driver of Cloud Cost Overruns
Of all the structural cost problems that follow a lift-and-shift migration, right-sizing failure is the dominant one. The pattern is consistent: instances are sized to handle 99th-percentile peak load, then run continuously against workloads that are idle for substantial portions of the day, week, or month.
This is not a configuration oversight. It is the predictable output of a provisioning philosophy that was never updated. On-premises, sizing for the 99th percentile was prudent — you could not elastically acquire capacity when demand spiked, so you held it in reserve permanently. In the cloud, that reserve is billed at full rate whether it is used or not.
The utilization problem is compounded by the nature of enterprise workloads themselves. Many enterprise workloads exhibit highly variable demand profiles, with significant periods of near-zero utilization interspersed with short bursts of high load. A batch processing job that runs for two hours each night and sits dormant for the remaining twenty-two is a canonical example. Sized for its burst peak and billed for all twenty-four hours, it will consistently appear expensive relative to its actual computational output.
Right-sizing — reducing instance sizes to match observed utilization — is the most immediate lever available. But it is a mitigation, not a cure. If the workload architecture does not allow for elastic scaling, right-sizing simply moves the over-provisioning problem to a smaller instance type.
Commitments That Only Work When You Know Your Patterns: Reserved Instances and Savings Plans
Cloud providers including AWS, Azure, and Google Cloud offer reserved instance and savings plan pricing that can substantially reduce compute costs relative to on-demand rates. For workloads with stable, predictable utilization, these commitment vehicles are among the highest-ROI levers available in a cloud cost program.
The catch is structural. Reserved instances and savings plans require committing to a usage level for one or three years, creating real financial risk if actual usage falls below the commitment. An unused reservation does not refund itself.
Organizations that migrated via lift-and-shift often cannot accurately forecast future usage patterns because their workloads have not been decoupled from legacy scheduling and batch dependencies. When a workload's demand profile is entangled with on-premises job schedulers, legacy ETL pipelines, and manual operational triggers, predicting twelve months of cloud consumption with enough confidence to commit capital is genuinely difficult. The result is a choice between over-committing (paying for reservations that go unused) and under-committing (paying on-demand rates for workloads that would have qualified for discounts). Neither outcome is optimal, and both trace back to the same root cause: an architecture that was not designed to be observable or predictable in a cloud context.
The Silent Budget Killers: Data Egress and Inter-AZ Transfer Costs
Compute costs dominate post-migration cost reviews, which means data transfer costs tend to receive attention only after everything else has been examined. That sequencing is expensive.
Data egress — fees for transferring data out of a cloud provider's network to the internet or to other providers — is a significant and often underestimated cost component. It does not appear prominently in pre-migration TCO models for a straightforward reason: on-premises network traffic within a data center carries no per-byte charge. Internal bandwidth is a fixed infrastructure cost, not a variable one. Teams building TCO models for cloud migrations naturally anchor on the cost categories they already track, and per-byte egress charges have no on-premises analog.
Inter-availability-zone data transfer compounds the problem. Major cloud providers bill for data moving between availability zones within the same region, and architectures that were not designed with AZ topology in mind can generate substantial inter-AZ traffic without any single transaction appearing large. A three-tier application where the web tier, application tier, and database tier land in different AZs — a common outcome of a lift-and-shift that preserves the original network segmentation — will generate cross-AZ charges on every request that traverses tier boundaries. Multiplied across transaction volume, those charges accumulate to material cost that was invisible in the original data center.
These costs are persistent and structural. They do not respond to instance right-sizing or reservation purchases. They require architectural intervention.
Tuning the Bill Is Not the Fix: The Case for Workload Refactoring
FinOps hygiene — tagging discipline, reservation management, orphaned resource cleanup, rightsizing recommendations — is necessary. It is not sufficient. FinOps tooling and instance right-sizing address the symptoms of architectural mismatch without addressing the mismatch itself. An organization that optimizes its lift-and-shift architecture to the limit of what tuning can achieve will still be running an architecture that was designed for a cost model that no longer applies.
The durable fix is refactoring workloads to use cloud-native primitives so the architecture matches the billing model. This is a more significant investment than purchasing a FinOps platform, but it is the only intervention that changes the structural cost trajectory rather than managing it.
What Cloud-Native Alignment Actually Looks Like
Cloud-native alignment is not an abstract principle. It has concrete architectural expressions that directly address the cost drivers described above.
Serverless and event-driven compute for bursty workloads. Serverless and event-driven compute primitives charge only for actual execution time, making them structurally better suited to bursty or intermittent workloads than always-on virtual machines. A batch job that runs for two hours and idles for twenty-two is a strong candidate for migration to a serverless execution model. The billing model changes from "instance-hours reserved" to "execution-seconds consumed," and the cost profile follows the actual demand curve rather than the peak-provisioned ceiling.
Managed database services over self-managed EC2-hosted databases. Replacing self-managed databases running on EC2 instances with cloud-managed database services reduces the over-provisioning required to maintain headroom for unplanned load. Managed services handle scaling, patching, and failover in ways that allow tighter provisioning without sacrificing reliability — a meaningful structural improvement over the "provision generously and hope" approach that characterizes most lifted-and-shifted database tiers.
AZ-aware service collocation to reduce inter-AZ transfer. Collocating tightly coupled services within the same availability zone reduces inter-AZ transfer costs without sacrificing resilience when combined with proper failover design. This requires revisiting the network topology assumptions carried over from the on-premises environment and replacing them with topology decisions that reflect how cloud providers actually bill for data movement.
None of these changes are trivial. All of them produce cost reductions that are structural and durable rather than marginal and temporary.
A Diagnostic Framework for Post-Migration Cost Reviews
For CIOs and CTOs facing higher-than-expected run-rate costs, the first question is not "how do we reduce the bill" but "what kind of problem do we actually have." The answer determines the intervention.
A structured post-migration cost review should distinguish between two categories of workload: those that are candidates for right-sizing and those that require architectural refactoring to achieve sustainable cost reduction. Right-sizing candidates are workloads where the instance type or size is mismatched to observed utilization, but the architecture itself is sound — the workload scales predictably, its demand profile is observable, and its network topology does not generate structural transfer costs. Refactoring candidates are workloads where the cost problem is architectural: always-on instances serving intermittent demand, cross-AZ traffic patterns baked into the service topology, or utilization profiles so variable that no static instance size fits well.
Once workloads are categorized, refactoring candidates should be prioritized by the ratio of current waste — idle spend, transfer costs, over-provisioning headroom — to estimated refactoring effort, not by absolute spend alone. A moderately expensive workload with high idle spend and a well-understood refactoring path will deliver better ROI than a large workload with complex dependencies and modest waste. Sequencing by this ratio ensures that early refactoring investments produce visible returns that build organizational confidence for the larger efforts that follow.
The goal of this diagnostic is not to produce a cost-reduction roadmap in isolation. It is to answer a more fundamental question: is this organization managing a cloud bill, or is it managing a cloud architecture? The former is a continuous operational task with diminishing returns. The latter is a one-time investment with compounding benefits.
Cloud migrations that carry on-premises architectural assumptions into a utility billing environment will continue to generate structural overspend regardless of how diligently the bill is managed. The path to sustainable cloud economics runs through the architecture, not around it.
Principal Enterprise Architect
Neil is a principal enterprise architect with 30 years of software engineering experience, specializing in digital experience platforms and web content management systems. He has led some of the largest CMS implementations in the world across pharma, healthcare, banking and financial services, consumer packaged goods, travel, and insurance — working primarily with commercial platforms like Sitecore and Adobe Experience Manager, with additional depth in WordPress, Drupal, and Liferay. He writes about the architectural decisions behind enterprise content platforms — CMS selection, replatforming strategy, and the patterns that separate the implementations that compound from the ones that get rebuilt every five years.
