What is an AWS Well-Architected Framework Review?

An AWS Well-Architected Framework Review (WAFR) is a structured assessment of cloud workloads against AWS best practices designed to identify risks, optimise costs, and improve security and reliability. By completing a review, organisations gain visibility into infrastructure and receive actionable recommendations to align with AWS standards.

What are the AWS Well-Architected Framework pillars?

The five pillars are Security, Reliability, Cost Optimisation, Operational Excellence, and Performance Efficiency. Each pillar represents a foundational category for building secure, efficient, and resilient cloud systems. Every AWS Well-Architected Framework Review evaluates workloads against these pillars to uncover strengths, risks, and improvement opportunities.

What benefits can a company expect from an AWS Well-Architected Framework Review?

Typical benefits include reduced cloud costs through workload rightsizing, strengthened security by eliminating vulnerabilities, greater compliance readiness in regulated industries, operational efficiency gains through automation, and potential eligibility for AWS service credits when high-risk issues are remediated.

How can Perfsys help with AWS Well-Architected Framework Reviews?

Perfsys is an AWS Advanced Consulting Partner specialising in Well-Architected Framework Reviews. The team performs structured reviews across all five pillars, identifies and remediates high-risk issues, provides actionable recommendations for cost optimisation and security improvements, and implements automation tools to reduce manual effort.

How many vulnerabilities did the financial services client have, and how were they addressed?

The client had over 60 critical vulnerabilities, including 207 findings with publicly available exploits. Perfsys addressed these through immediate remediation: rotating long-lived IAM credentials, enabling AWS IAM Access Analyzer, implementing vulnerability management workflows, and recommending runtime upgrades for deprecated Lambda functions.

What cost savings did the AWS Compute Optimizer identify?

AWS Compute Optimizer identified a 41% potential monthly savings opportunity on ECS Fargate workloads, equivalent to approximately $16.99 USD per month. The analysis also flagged under-provisioned Lambda functions, allowing the client to balance cost reductions with performance requirements.

AWS Well-Architected Framework Review: Pillars & Case Study Results

Introduction

Cloud infrastructure is the backbone of modern financial services. But without careful governance, costs can rise unpredictably, vulnerabilities can go unnoticed, and compliance can be put at risk.

This was the situation faced by a London-based financial services provider relying on AWS for mission-critical operations. With legacy systems, aged credentials, and limited visibility into workloads, the company needed clarity and a path to optimization.

Through an AWS Well-Architected Framework Review (WAFR), grounded in the five AWS Well-Architected Framework pillars — security, reliability, cost optimization, operational excellence, and performance efficiency — Perfsys identified hidden risks, unlocked cost savings, and helped the client strengthen both security and operational efficiency.

About the Client

Company Name: Financial Services Company (Confidential)

Founded: 2010

Headquarters: London, United Kingdom

Industry: Financial Services / Fintech (Foreign Exchange, International Payments, Treasury Risk Management)

Company Size: 11–50 employees

Background

A London-based financial services company provides foreign exchange services to corporates and private clients. Operating in a sector where trust, compliance, and efficiency are non-negotiable, the company depends heavily on AWS infrastructure to run its core services.

But due to staff changes and accumulated legacy systems, the client found themselves in a challenging situation:

Nobody had a complete picture of how the AWS environment was structured.
AWS bills were growing unpredictably, without clear explanations.
Concerns were raised about whether the setup was secure and aligned with best practices.

With compliance, costs, and security at stake, the company turned to Perfsys for help.

Legacy AWS system diagram showing visibility and management gaps before the Well-Architected Framework Review.

The Challenge

The client's leadership team needed confidence that their AWS environment was well-managed, cost-effective, and secure. Key challenges included:

1. Visibility Gap

Multiple workloads were running, but with little documentation or centralized understanding.
Legacy maintenance from former staff created "black box" systems.

2. Cost Concerns

AWS bills were rising, but stakeholders lacked a clear understanding of which resources or services were responsible.

3. Security & Compliance Risks

Aged IAM credentials (one access key active for 1198 days).
Deprecated Lambda runtimes (Node.js 14/16, Python 3.8).
Lack of automated credential audits or vulnerability management.

4. Reliability Gaps

RDS backups not encrypted.
Service quotas not actively monitored, risking sudden outages.
Some Lambda functions with timeouts set to 900 seconds, leading to potential inefficiencies and risks.

Our Approach

To give the client clarity and confidence, Perfsys recommended an AWS Well-Architected Framework Review (WAFR) — a structured audit across the AWS Well-Architected Framework pillars, focusing on security, reliability, and cost optimization.

Step 1: Structured Review

Evaluated 24 of 57 Well-Architected questions, focusing on security, reliability, and cost optimization.
Collected data from AWS Well-Architected Tool, Inspector, and Trusted Advisor.

Step 2: Vulnerability Scanning

Performed a deep-dive with Amazon Inspector, uncovering 20+ critical vulnerabilities, including remote code execution flaws in Windows and Chromium.
Created a risk map to prioritize fixes based on exploitability and business impact.

Amazon Inspector – Critical Findings by Workload

Amazon Inspector – Findings Overview and Remediation Paths

Step 3: Immediate Remediation

Security: Rotated long-lived IAM credentials, enabled IAM Access Analyzer, and implemented vulnerability management workflows.
Compute & Costs: Enabled AWS Compute Optimizer to identify under- and over-provisioned resources. The analysis revealed rightsizing opportunities in ECS services on Fargate, with an estimated 41% monthly savings ($16.99 USD) if optimized.

AWS Compute Optimizer report showing rightsizing opportunities and estimated monthly savings.

Reliability: Recommended encryption for RDS backups, activated Trusted Advisor quota alerts, and identified reliability risks in Lambda configurations.

Step 4: Additional Recommendations

Upgrade Lambda runtimes to supported versions.
Require EC2 IMDSv2 for stronger instance metadata security.
Fix FSx domain connectivity issues with Microsoft AD.
Enable AMI deregistration protection to prevent accidental deletions.

Want to uncover hidden risks and save on AWS costs?

Our experts can guide you through an AWS Well-Architected Framework Review tailored to your workloads.

Start Your Review

Results

As a direct outcome of the AWS Well-Architected Framework Review , the client secured $5,000 in AWS credits, improved compliance, and gained clear visibility into future cost optimization opportunities.

Improved cloud security posture, validated by vulnerability scanning and IAM hardening.
Clear cost optimization path: Compute Optimizer surfaced 41% potential savings on ECS Fargate workloads.
Compliance alignment: stronger credential management, encryption of backups, and proactive quota monitoring.
Confidence restored: the client's leadership gained full visibility into how their infrastructure worked and how to manage it going forward.

Client Feedback

The CTO shared their experience in a verified Clutch review :

"The team was very methodical and delivered within their set timelines. Thanks to Perfsys’ efforts, we were able to improve our cloud security posture and solve existing issues. The efficiency and expertise they demonstrated were impressive."

— CTO, Financial Services Company, London (Clutch Review, Feb 2025)

The client awarded Perfsys 5.0 out of 5 across all categories: quality, schedule, cost, and willingness to refer.

Conclusion

This project illustrates how Perfsys helps organizations facing staff changes, legacy complexity, and rising AWS costs. By applying the AWS Well-Architected Framework Review, we:

Exposed and remediated hidden risks.
Brought clarity to cloud operations.
Unlocked financial credits and cost optimization opportunities.
Built a roadmap for secure, compliant, and resilient AWS operations.

This case study demonstrates how an AWS Well-Architected Framework Review helps financial services organizations transform uncertainty into confidence, while aligning with the AWS Well-Architected Framework pillars of cost optimization, security, and reliability.

FAQ

Eugene Orlovsky

CEO & Founder | Serverless architect with 10+ years of hands-on experience designing cloud-native architectures on AWS, backed by multiple AWS certifications. He is writing bridges deep technical expertise with real-world business strategy, covering topics from AWS best practices to scaling tech-driven organizations.

AWS Well-Architected Framework Review for a Fintech/Financial Services Provider

Introduction

About the Client

Background

The Challenge