This document describes how to run an inventory discovery on your Amazon Web Services (AWS) account by using the Migration Center discovery client CLI.
The mcdc
CLI lets you collect information about your
Amazon Elastic Compute Cloud (EC2) instances and Amazon Relational
Database Service (RDS) databases on AWS. The mcdc
CLI then
sends the collected information to Migration Center for assessment.
Information collected during inventory discovery
The mcdc
CLI collects the following information from your EC2
instances:
- Instance type, ID, name, and region.
- Machine size, including CPU, memory, and storage size.
- Operating system name, version, and architecture.
- Power state (on or off).
- Network interfaces and associated IP and MAC addresses.
- Disk information, including interface type, volume type, label, and size.
- Hyperthreading support.
- Performance data for each EC2 instance:
- Input and output operations per second (IOPS)
- CPU utilization
- Network ingress and egress
The mcdc
CLI collects the following information from
your RDS databases:
- Platform
- Database engine
- Name
- Generated ID
- Version
- Edition
- Disk allocated bytes
- Physical core count
- Memory bytes
- Performance data for each database:
- Memory usage
- Disk IOPS
- Network ingress and egress
- CPU utilization
The mcdc
CLI collects metrics for the last 30 days
except for database memory usage. For database memory usage, AWS
saves only up to 7 days of data by default, so
the mcdc
CLI collects data for only the last 7 days.
Supported databases
The following databases are supported:
- Microsoft SQL Server
- MySQL
- PostgreSQL
Limitations
When running an inventory discovery on your AWS account, the
mcdc
CLI has the following limitations:
- The following information for EC2 instances is not collected:
- Memory usage.
- Free disk space. To collect this information, run a guest discovery.
- You cannot run the
mcdc
CLI on Linux machines to collect data from AWS Windows EC2 instances. To collect information from Windows EC2 instances, run themcdc
CLI on a Windows machine.
Before you begin
Before you begin the inventory discovery, make sure that you have completed the following steps:
- Review the requirements for downloading and running the
mcdc
CLI. - Choose where to download the
mcdc
CLI and complete the steps to download themcdc
CLI. - Make sure that you have access to your AWS account.
Choose where to download the mcdc
CLI
You can download the mcdc
CLI to both Linux and Windows
machines. We recommend using a Windows EC2 instance to
download and run the mcdc
CLI, because it supports all
available collection methods.
You can download the mcdc
CLI to a location with access to
your target assets, such as the following:
- AWS CloudShell
- A Linux EC2 instance
- A Windows EC2 instance
- Any computer where you have installed the
mcdc
CLI and have remote access to your AWS account.
For instructions to download the mcdc
CLI,
see Download mcdc
CLI.
Create an AWS IAM policy
To let the mcdc
CLI read the EC2 and RDS inventory data,
create an AWS IAM policy
with the following permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:DescribeRegions",
"ec2:DescribeInstances",
"ec2:DescribeVolumes",
"ec2:DescribeInstanceTypes",
"rds:DescribeDBInstances",
"rds:DescribeDBEngineVersions",
"ssm:DescribeInstanceInformation",
"cloudwatch:GetMetricData"
],
"Resource": "*"
}
]
}
Authenticate to AWS
To let the mcdc
CLI access your AWS environment,
authenticate your account using one of the following methods:
Use your existing AWS credentials
To use your existing AWS credentials, run the mcdc
CLI
commands directly from the AWS Cloud Shell.
If you run the mcdc
CLI from the AWS Cloud Shell, you
can use your existing credentials without an access key. In this case, the
mcdc
CLI can access your AWS environment to
discover VM instances, as granted by your credentials.
Create an access key for the mcdc
CLI
To create an access key for the mcdc
CLI, follow
these steps:
- Create a dedicated IAM user to interact with the AWS API.
- Attach the IAM policy you created in the previous section to your new user.
In the AWS console, navigate to the IAM user that you created in the previous step, and click User > Security Credentials > Create access key > Other > Next > Create access key.
For more information, see Create an access key.
Store the access key ID and access key. You need this information to scan your AWS inventory.
Optional: Set up access to collect guest operating system data
Guest operating system data enriches pricing reports, license reports, and asset details exports. This data also helps assess suitability for containerization journeys to Google Kubernetes Engine, GKE Autopilot, and Cloud Run. If you don't want to collect operating system data, you can skip this section.
To collect guest operating system data, the workstation running the mcdc
CLI
must connect to the target EC2 instances. Make sure that the following
ports are open on the target EC2 instances:
- Port 22 (SSH) for Linux machines
- Port 135 (WMI) for Windows machines
Discover EC2 instances and RDS databases
To discover EC2 instances and RDS databases, follow these steps:
In the command line terminal, change to the directory where you downloaded the
mcdc
CLI.Run the discovery:
AWS CloudShell
To discover EC2 instances and RDS databases in your AWS account, run the following command:
Linux
./mcdc discover aws --host-config
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Windows
mcdc.exe discover aws --host-config
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Replace the following:
- AWS_SERVICE_NAME: the AWS service name (
rds
orec2
). This flag is optional. If you don't provide this flag, both EC2 instances and RDS databases are discovered. - AWS_REGION: the AWS region where your EC2 instances and RDS databases are located. This flag is optional. If you don't provide this flag, assets from all enabled AWS regions are discovered.
AWS access key
To discover EC2 instances and RDS databases by using your AWS access key ID and access key, run the following command:
Linux
./mcdc discover aws --access-key-id AWS_ACCESS_KEY_ID
--secret-access-key AWS_ACCESS_KEY
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Windows
mcdc.exe discover aws --access-key-id AWS_ACCESS_KEY_ID
--secret-access-key AWS_ACCESS_KEY
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Replace the following:
- AWS_ACCESS_KEY_ID: the access key ID you created in the
Create an access key for the
mcdc
CLI section. - AWS_ACCESS_KEY: the access key that you created in the
Create an access key for the
mcdc
CLI section. - AWS_SERVICE_NAME: the AWS service name (
rds
orec2
). This flag is optional. If you don't provide this flag, both EC2 instances and RDS databases are discovered. - AWS_REGION: the AWS region where your EC2 instances and RDS databases are located. This flag is optional. If you don't provide this flag, assets from all enabled AWS regions are discovered.
The output should look similar to the following:
[+] Collecting EC2... Collecting region eu-west-1 Collected 73 EC2 instances [+] Collecting RDS... [+] Collecting region eu-west-1 [✓] Collected 1 DB instances [✓] Collected total of 1 DB instances [✓] Collection completed.
- AWS_SERVICE_NAME: the AWS service name (
To review the collected data, run the following command:
Linux
./mcdc discover ls
Windows
mcdc.exe discover ls
Optionally, use the
--asset-types
parameter to display only VMs or databases. For example, to display only VM instances, rundiscover ls --asset-types=vm
; to display only databases, rundiscover ls --asset-types=db
.The output should look similar to the following:
VM Assets PLATFORM VM ID NAME COLLECTED DATA OS IP ADDRESSES i-011d6234b5769fe2a abc-rhel9.0-arm AWSVM Red Hat Enterprise Linux 192.0.2.1 i-08f7e5e469508460f def-rhel9.0-arm AWSVM Red Hat Enterprise Linux 192.0.2.2 i-09e28bb6eggg94db8 ghi-ol9.3 AWSVM Linux/UNIX 192.0.2.3 Database Assets GENERATED ID PROVIDER ENGINE arn:aws:rds:eu-west-1:12345678912:db:abc-sqlserver RDS SQL Server
What's next
- Learn how to run a guest discovery.
- Learn how to export collected data to Migration Center.