Discover EC2 instances and databases on AWS

Stay organized with collections Save and categorize content based on your preferences.

This document describes the steps to run an inventory discovery on your AWS account by using the Migration Center discovery client CLI.

The mcdc CLI lets you collect information about your Amazon Elastic Compute Cloud (EC2) instances and Amazon Relational Database Service (RDS) databases on AWS. The mcdc CLI then sends this information to Migration Center, where you can continue with your assessment.

Information collected during the inventory discovery

The mcdc CLI collects the following information from your EC2 instances:

• Instance ID, name, and region
• Instance type
• Machine size, including CPU, memory, and storage size
• Guest OS: name, version, architecture
• Power state (on/off)
• Network interfaces and associated IP and MAC addresses
• Disks: interface type, volume type, label, size
• Performance data
• Hyperthreading support

The mcdc CLI collects the following information from your RDS databases:

• Platform
• Engine
• Name
• Generated ID
• Version
• Edition
• Disk allocated bytes
• Physical core count
• Memory bytes
• Performance data

Supported databases

The following databases are supported:

• Microsoft SQL Server
• MySQL
• PostgreSQL

Before you begin

1. Review the requirements for downloading and running the mcdc CLI.
2. Complete the steps to download the mcdc CLI.
3. Make sure that you have access to your AWS account. We recommended using AWS configuration and credentials on workstations configured to work with AWS tools, such as the AWS CLI.

Configure AWS

The following sections describe how to configure your AWS account to allow the mcdc CLI to collect data from your EC2 instances.

Create an AWS IAM policy

Create an AWS IAM policy with the following permissions to read inventory data:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeRegions",
        "ec2:DescribeInstances",
        "ec2:DescribeVolumes",
        "ec2:DescribeInstanceTypes",
        "rds:DescribeDBInstances",
        "rds:DescribeDBEngineVersions",
        "ssm:DescribeInstanceInformation",
        "cloudwatch:GetMetricData"
      ],
      "Resource": "*"
    }
  ]
}

Choose an authentication method on AWS

1. Create a dedicated IAM user to interact with the AWS API.
2. Attach the IAM policy you created in the previous step to your new user.

3. Choose an authentication method.

   • Create an AWS sessions token by using the get-session-token AWS CLI command.
   • Configure settings that AWS Command Line Interface (AWS CLI) uses to interact with AWS. For more information, see Configuring settings for the AWS CLI.

   • Create an access key. In the AWS console, navigate to the IAM user that you created in the previous step: User  > Security Credentials  > Create access key  > Other  > Next  > Create access key.

     Store the AWS authentication information that is created when you create the access key. You will need it to scan the AWS inventory with the mcdc CLI.

Discover EC2 instances and RDS databases

1. In the command line terminal, change to the directory where you downloaded the mcdc CLI.

2. Run the discovery:

   To collect inventory information from your EC2 instances and RDS databases from a specific AWS region, do the following:

   Linux

   ./mcdc discover aws --access-key-id AWS_ACCESS_KEY_ID 
   
   --secret-access-key AWS_SECRET_ACCESS_KEY 
   
   --session-token AWS_SESSION_TOKEN 
   
   --services AWS_SERVICE_NAME 
   
   --region AWS_REGION
   

   Windows

   mcdc.exe discover aws --access-key-id AWS_ACCESS_KEY_ID 
   
   --secret-access-key AWS_SECRET_ACCESS_KEY 
   
   --session-token AWS_SESSION_TOKEN 
   
   --services AWS_SERVICE_NAME 
   
   --region AWS_REGION
   

   To authenticate to AWS by using your host AWS CLI configuration, specify the --host-config flag, which automatically locates your AWS configuration:

   Linux

   ./mcdc discover aws  --host-config
   --services AWS_SERVICE_NAME 
   
   [--region AWS_REGION]
   

   Windows

   mcdc.exe discover aws  --host-config
   --services AWS_SERVICE_NAME 
   
   [--region AWS_REGION]
   

   To authenticate to AWS by using your AWS access key ID and secret key, specify the --access-key-id and --secret-access-key flag:

   Linux

   ./mcdc discover aws --access-key-id AWS_ACCESS_KEY_ID 
   
   --secret-access-key AWS_SECRET_ACCESS_KEY 
   
   --services AWS_SERVICE_NAME 
   
   [--region AWS_REGION]
   

   Windows

   mcdc.exe discover aws --access-key-id AWS_ACCESS_KEY_ID 
   
   --secret-access-key AWS_SECRET_ACCESS_KEY 
   
   --services AWS_SERVICE_NAME 
   
   [--region AWS_REGION]
   

   Replace the following:

   • AWS_SESSION_TOKEN: the session token that you created in the Configure the AWS environment section.
   • AWS_ACCESS_KEY_ID: the access key ID you created in the Configure the AWS environment section.
   • AWS_SECRET_ACCESS_KEY: the secret access key you created in the Configure the AWS environment section.
   • AWS_HOST_CONFIG: the host AWS CLI configuration. For more information, see Configuring settings for the AWS CLI.
   • AWS_REGION: the AWS region where your EC2 instances and RDS databases are located. This flag is optional. If you don't provide this flag, assets from all enabled AWS regions are discovered.
   • AWS_SERVICE_NAME: the AWS service name (rds or ec2). This flag is optional. If you don't provide this flag, both EC2 instances and RDS databases are discovered.

The output should look similar to the following:

  [+] Collecting EC2...
  Collecting region eu-west-1
  Collected 73 EC2 instances
  [+] Collecting RDS...
  [+] Collecting region eu-west-1
  [✓] Collected 1 DB instances
  [✓] Collected total of 1 DB instances
  [✓] Collection completed.

When the discovery finishes, review the collected data by running the discover ls command.

./mcdc discover ls

mcdc.exe discover ls

Optionally, use the --asset-types parameter to display only VMs or databases. For example, run discover ls --asset-types=vm to display only VM instances, or discover ls --asset-types=db to display only databases.

The output should look similar to the following:

    VM Assets
    PLATFORM VM ID       NAME              COLLECTED DATA   OS                          IP ADDRESSES
    i-011d6234b5769fe2a  abc-rhel9.0-arm   AWSVM            Red Hat Enterprise Linux    192.0.2.1
    i-08f7e5e469508460f  def-rhel9.0-arm   AWSVM            Red Hat Enterprise Linux    192.0.2.2
    i-09e28bb6eggg94db8  ghi-ol9.3         AWSVM            Linux/UNIX                  192.0.2.3

    Database Assets
    GENERATED ID                                         PROVIDER        ENGINE
    arn:aws:rds:eu-west-1:12345678912:db:abc-sqlserver   RDS             SQL Server

What's next

• Learn how to run a guest discovery.
• Learn how to export collected data to Migration Center.