Directly import asset inventory data from AWS

Migration Center lets you import data about assets, performance, and usage from your AWS infrastructure, and collect information about the following assets in your AWS account:

  • Amazon Elastic Compute Cloud (EC2)
  • Amazon Relational Database Service (RDS)
    • Microsoft SQL Server
    • MySQL
    • PostgreSQL
  • Amazon CloudFront (Preview)
  • Amazon Elastic Container Service (ECS) (Preview)
  • Amazon Elastic File System (EFS) (Preview)
  • Amazon Elastic Kubernetes Service (EKS) (Preview)
  • Amazon Redshift (Preview)
  • Amazon Simple Storage Service (S3) (Preview)
  • Amazon Virtual Private Cloud (VPC) (Preview)
  • AWS Lambda (Preview)
  • Elastic Load Balancing (ELB) (Preview)
  • Amazon Route53 (Preview)
  • Amazon DynamoDB (Preview)
  • NAT Gateway (Preview)

The following data is collected during AWS discovery:

Asset type Data collected
Amazon EC2
Click to show the collected data.
  • Instance details (ID, type, state)
  • Owner discount ID
  • Instance type details (CPU, memory)
  • Tags
  • Operating system information (from SSM)
  • Block device mappings and volume details
  • Performance metrics (CPU utilization, network I/O, disk I/O)
Amazon RDS
Click to show the collected data.
  • Database instance details (identifier, class, status)
  • Engine and engine version details
  • Allocated storage
  • Tags
  • Performance metrics (CPU utilization, network throughput, IOPS, free storage)
  • Performance insights (free memory)
Amazon S3
Click to show the collected data.
  • Bucket details (name, ARN, region, creation date)
  • Tags
  • Versioning status
  • Lifecycle rules
  • Performance metrics (bucket size by storage class, number of objects)
Amazon EKS
Click to show the collected data.
  • Per cluster:
    • Cluster details (name, ARN, version, status, endpoint)
    • Tags
    • Role ARN
    • VPC configuration
    • Logging configuration
    • Launch types (EC2 or Fargate)
  • Per managed node group:
    • Node group details (name, ARN, AMI type, instance types, disk size)
    • Scaling configuration (min, max, selected size)
    • Associated auto scaling groups
  • Per Fargate profile:
    • Profile details (name, pod execution role ARN)
    • Subnets
    • Selectors (namespace, labels)
Amazon ECS
Click to show the collected data.
  • Per cluster:
    • Cluster details (name, ARN, status)
    • Tags
    • Number of services and tasks
    • Registered container instances
  • Per service:
    • Service details (name, ARN, launch type)
    • Task definition
    • Scheduling strategy
    • Deployment configuration
    • Load balancer information
  • Per task:
    • Task details (ARN, last status, selected status)
    • CPU and memory
    • Container information
ELB
Click to show the collected data.
  • Per load balancer (version 1 and 2):
    • Details (name, ARN/ID, DNS name, type, scheme)
    • Tags
    • VPC and availability zones
    • Listeners and rules
    • Target groups and target health
    • Instance health (for classic ELBs)
AWS Lambda
Click to show the collected data.
  • Per function:
    • Configuration (name, ARN, runtime, role, handler, timeout)
    • Tags
    • Memory size and ephemeral storage
    • Package type and code size
    • Architectures
    • Layers
    • Environment variables
    • Tracing configuration
    • Event source mappings
    • Concurrency settings
Amazon CloudFront
Click to show the collected data.
  • Per distribution:
    • Details (ID, ARN, domain name, status, enabled)
    • Tags
    • Aliases (CNAMEs)
    • Origins and origin groups
    • Cache behaviors
    • Price class, HTTP version, IPv6 enabled
Amazon EFS
Click to show the collected data.
  • Per file system:
    • Details (ID, ARN, name, creation time)
    • Tags
    • Total size (standard and infrequent access)
    • Performance and throughput mode
    • Encryption status
    • Lifecycle policies
    • Backup policy
    • Replication configurations
    • Mount targets and access points
Amazon Redshift
Click to show the collected data.
  • Per provisioned cluster:
    • Cluster details (identifier, ARN, status, version)
    • Tags
    • Node type and count
    • Database name
    • VPC and IAM roles
    • Encryption status
    • Snapshot and aqua configuration
  • Per serverless workgroup:
    • Workgroup details (name, ARN, status, base RPU)
    • Tags
    • Namespace information (database name, IAM roles, KMS key)
    • VPC endpoint
    • Snapshot copy configurations
Amazon VPC
Click to show the collected data.
  • Per VPC:
    • VPC details (ID, ARN, state, CIDR block, tenancy)
    • Tags
    • DHCP options ID
    • Associated subnets
    • Associated network ACLs
Amazon DynamoDB
Click to show the collected data.
  • Table details (name, ARN, creation time, status, size bytes, item count, class)
  • Tags
  • Billing mode
  • Provisioned throughput
  • Streams information
  • Replicas
  • Continuous backups & Point-in-time recovery status
Amazon NAT Gateway
Click to show the collected data.
  • NAT Gateway details (ID, ARN, creation time, state)
  • Tags
  • VPC ID and Subnet ID
  • Connectivity type
  • Associated addresses
Amazon Route53
Click to show the collected data.
  • Hosted Zone details (name, ID, ARN, private zone, comment, record set count)
  • Tags
  • Caller reference
  • Linked service
  • Name servers
  • VPC associations
  • Resource record sets

Migration Center collects metrics for the last 30 days except for database memory usage. For database memory usage, AWS saves only up to 7 days of data by default, so Migration Center collects data for only the last 7 days.

Before you begin

  1. Make sure that you have enabled the Cloud Run Admin API on the project.
  2. Make sure that you have an AWS access key ID and secret access key to authenticate to your AWS account. For more information, see Manage access keys for IAM users.
  3. Create a secret by using Secret Manager for your AWS secret access key.
  4. Create a dedicated service account to run the AWS discovery. For instructions, see Create service accounts.
  5. Make sure that you grant the following required permissions and roles to the service account.

Run AWS discovery

AWS discovery lets you scan and collect information about the assets in your AWS account. The collected information is automatically imported into Migration Center for assessment.

To run AWS discovery, follow these steps:

  1. Go to the Data import page.

    Go to Data import

  2. Click Add data > AWS discovery.

  3. For AWS account ID, provide your AWS access key ID.

  4. For AWS account secret, provide your AWS secret access key.

  5. Optional: For AWS region, enter the AWS region to scan for your AWS assets. If you don't enter a region, assets from all enabled AWS regions are discovered.

  6. Click Start AWS discovery.

To view the discovered assets, go to the Assets page, and then click Refresh.

What's next