EhList.ca
Canadian software alternatives to popular software tools

Switch Guide: Moving from AWS to Aptum

AWS is the world's dominant cloud provider — but it's an American company operating under US jurisdiction, including the CLOUD Act, which allows US law enforcement to compel AWS to hand over data stored on its servers, even data in Canadian AWS regions. For Canadian enterprises, financial institutions, healthcare organizations, and government contractors, that's a risk that can't be mitigated by simply choosing ca-central-1. Aptum Technologies, headquartered in Toronto, is Canada's enterprise hybrid cloud provider with data centres across Canada and a contractual commitment to Canadian data sovereignty.

Why Canadian Businesses Are Making the Switch

The US CLOUD Act of 2018 fundamentally changed the calculus for Canadian organizations using US-owned cloud providers. Even when using AWS's ca-central-1 (Montreal) region, AWS as a US company remains legally obligated to comply with US government data requests. This creates genuine compliance exposure for organizations subject to PIPEDA, provincial health privacy laws (PHIPA, HIA), or federal security requirements. Aptum's infrastructure is wholly Canadian-owned, operated, and legally governed — meaning Canadian privacy law is the only law that applies. Beyond compliance, many Canadian enterprises find that Aptum's managed services model reduces operational overhead compared to AWS's sprawling service catalogue.

Quick Comparison

AWSAptum
HQSeattle, WashingtonToronto, Canada 🍁
Data residencyca-central-1 (US-owned)Canadian-owned data centres
Legal jurisdictionUS (CLOUD Act applies)Canada only
Service modelSelf-managed cloudManaged hybrid cloud
Compliance certsMany (global)SOC 2, PCI DSS, PIPEDA-aligned
SupportTiered (paid for good support)Dedicated Canadian support team
PricingPay-as-you-go (complex)Predictable managed pricing

Step-by-Step Migration Guide

  1. Engage Aptum's migration team — Aptum offers guided migration services. Contact them early to get a dedicated migration architect assigned. Unlike migrating between AWS regions, moving to a different provider requires careful planning — don't go it alone.
  2. Inventory your AWS workloads — Use AWS Config or the AWS Migration Hub to generate a full inventory of your running services: EC2 instances, RDS databases, S3 buckets, Lambda functions, EKS clusters, and any managed services (SES, SQS, SNS, etc.).
  3. Classify workloads by migration complexity — Sort workloads into three tiers: (1) lift-and-shift (VMs and databases that move as-is), (2) refactor (workloads using AWS-specific services that need adaptation), and (3) rebuild (workloads tightly coupled to AWS-native services).
  4. Migrate databases first in test — Stand up Aptum environments in parallel. Start by migrating a non-production database using logical replication or backup/restore, then validate performance before touching production.
  5. Set up Aptum networking — Configure your VPC equivalent, subnets, security groups, and VPN or Direct Connect equivalent on Aptum's platform. Aptum's team will guide you through their network topology.
  6. Migrate lift-and-shift workloads — Move EC2-equivalent workloads using VM export from AWS and import to Aptum. Use tools like CloudEndure or Velero for containerized workloads.
  7. Handle AWS-specific services — Replace AWS-native services: use Kafka for SQS/SNS equivalents, MinIO or Ceph for S3-compatible object storage, and managed PostgreSQL for RDS.
  8. Migrate DNS and run parallel — Point DNS to Aptum endpoints and run both environments in parallel for 2–4 weeks, validating each workload before cutting over production traffic.
  9. Decommission AWS — After successful cutover, terminate AWS resources methodically. Use AWS Cost Explorer to confirm no residual billable resources remain. Keep S3 backups for a defined retention period.

Data Migration Checklist

  • ☐ AWS workload inventory completed (Config/Migration Hub)
  • ☐ Workloads classified by migration complexity
  • ☐ Aptum migration architect engaged
  • ☐ Target Aptum environment architecture designed
  • ☐ Non-production environment migrated and tested
  • ☐ Database migrations completed with validation
  • ☐ S3 data migrated to Aptum object storage
  • ☐ AWS-specific service dependencies replaced
  • ☐ Networking, VPN, and security groups configured
  • ☐ DNS updated and parallel run completed
  • ☐ Production cutover executed
  • ☐ AWS resources decommissioned
  • ☐ Final AWS billing confirmed at $0

Watch Out For

  • AWS-native service lock-in: If you've built heavily on Lambda, DynamoDB, Step Functions, or other AWS-native services, those workloads require refactoring before they can move. Build time for this into your migration plan — it's not a lift-and-shift.
  • Data egress costs: AWS charges substantial data egress fees. Migrating large data volumes can cost tens of thousands of dollars in AWS exit fees. Budget for this upfront and consider negotiating with AWS.
  • IAM and secrets management: Your AWS IAM roles, policies, and Secrets Manager secrets don't transfer. Document all IAM policies and recreate equivalent controls in Aptum's environment before cutting over.
  • Container registries: If you use ECR, pull all container images locally and push them to Aptum's registry or a self-hosted registry before migration.
  • Reserved instances: If you have active AWS Reserved Instances, you may have contracted commitments. Review your RI terms — they may be sellable on the AWS Reserved Instance Marketplace.
Aptum
🍁 5/5
Toronto, ON
Canadian enterprise hybrid cloud provider with data centres across Canada. Managed cloud, colocation, and network services with Canadian data sovereignty.

See all Canadian alternatives to AWS →