Abstract

The financial industry's service delivery model is constrained by unique requirements; volatile traffic, high fault-tolerance engineering needs, and regulatory compliance require security controls to demonstrate their effectiveness. The purpose of this research is to explore whether cloud native architecture based on AWS primitives and Kubernetes can provide scalable and secure solutions for the financial sector, including compliance for financial sector operational resiliency and regulatory compliance standards (GDPR security obligations, PCI DSS, SOC 2 and other related security obligation). To achieve this objective, authoritative documentation from the Cloud Native Computing Foundation (cloud native computing foundation) and the official documentation for Kubernetes and AWS, along with relevant security documents published by NIST (containerization, micro-services, service mesh, zero trust architecture) and the financial sector's guidelines for managing risk were synthesized. A compliance aware reference architecture was proposed, which defines and enforces system boundaries (network, identity, workload, and data) that employs declarative automation to tie runtime telemetry to audit evidence. Scalability is viewed as a closed-loop feedback mechanism, enabling consideration of load balancing, platform autoscaling, and Kubernetes control loops that include security externalities such as an EDoS attack against autoscaling. The security aspects of identity, least privilege, encryption/key management, segmentation, vulnerability management, tamper evident logging, and incident response preparedness were also examined. The case studies cited within the document represent regulated or finance adjacent production deployment examples that were utilized to support the analysis with measurable outcomes and implementation realities.