This document describes how to run an inventory discovery on your Amazon Web Services (AWS) account by using the Migration Center discovery client CLI.
The mcdc CLI lets you collect information about your
Amazon Elastic Compute Cloud (EC2) instances and Amazon Relational
Database Service (RDS) databases on AWS. The mcdc CLI then
sends the collected information to Migration Center for assessment.
Information collected during inventory discovery
The mcdc CLI collects the following information from your EC2
instances:
- Instance type, ID, name, and region.
- Machine size, including CPU, memory, and storage size.
- Operating system name, version, and architecture.
- Power state (on or off).
- Network interfaces and associated IP and MAC addresses.
- Disk information, including interface type, volume type, label, and size.
- Hyperthreading support.
- Performance data for each EC2 instance:
- Input and output operations per second (IOPS)
- CPU utilization
- Network ingress and egress
The mcdc CLI collects the following information from
your RDS databases:
- Platform
- Database engine
- Name
- Generated ID
- Version
- Edition
- Disk allocated bytes
- Physical core count
- Memory bytes
- Performance data for each database:
- Memory usage
- Disk IOPS
- Network ingress and egress
- CPU utilization
The mcdc CLI collects metrics for the last 30 days
except for database memory usage. For database memory usage, AWS
saves only up to 7 days of data by default, so
the mcdc CLI collects data for only the last 7 days.
Supported databases
The following databases are supported:
- Microsoft SQL Server
- MySQL
- PostgreSQL
Limitations
When running an inventory discovery on your AWS account, the
mcdc CLI has the following limitations:
- The following information for EC2 instances is not collected:
- Memory usage.
- Free disk space. To collect this information, run a guest discovery.
- You cannot run the
mcdcCLI on Linux machines to collect data from AWS Windows EC2 instances. To collect information from Windows EC2 instances, run themcdcCLI on a Windows machine.
Before you begin
Before you begin the inventory discovery, make sure that you have completed the following steps:
- Review the requirements for downloading and running the
mcdcCLI. - Choose where to download the
mcdcCLI and complete the steps to download themcdcCLI. - Make sure that you have access to your AWS account.
Choose where to download the mcdc CLI
You can download the mcdc CLI to both Linux and Windows
machines. We recommend using a Windows EC2 instance to
download and run the mcdc CLI, because it supports all
available collection methods.
You can download the mcdc CLI to a location with access to
your target assets, such as the following:
- AWS CloudShell
- A Linux EC2 instance
- A Windows EC2 instance
- Any computer where you have installed the
mcdcCLI and have remote access to your AWS account.
For instructions to download the mcdc CLI,
see Download mcdc CLI.
Create an AWS IAM policy
To let the mcdc CLI read the EC2 and RDS inventory data,
create an AWS IAM policy
with the following permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:DescribeRegions",
"ec2:DescribeInstances",
"ec2:DescribeVolumes",
"ec2:DescribeInstanceTypes",
"rds:DescribeDBInstances",
"rds:DescribeDBEngineVersions",
"ssm:DescribeInstanceInformation",
"cloudwatch:GetMetricData"
],
"Resource": "*"
}
]
}
Authenticate to AWS
To let the mcdc CLI access your AWS environment,
authenticate your account using one of the following methods:
Use your existing AWS credentials
To use your existing AWS credentials, run the mcdc CLI
commands directly from the AWS Cloud Shell.
If you run the mcdc CLI from the AWS Cloud Shell, you
can use your existing credentials without an access key. In this case, the
mcdc CLI can access your AWS environment to
discover VM instances, as granted by your credentials.
Create an access key for the mcdc CLI
To create an access key for the mcdc CLI, follow
these steps:
- Create a dedicated IAM user to interact with the AWS API.
- Attach the IAM policy you created in the previous section to your new user.
In the AWS console, navigate to the IAM user that you created in the previous step, and click User > Security Credentials > Create access key > Other > Next > Create access key.
For more information, see Create an access key.
Store the access key ID and access key. You need this information to scan your AWS inventory.
Optional: Set up access to collect guest operating system data
Guest operating system data enriches pricing reports, license reports, and asset details exports. This data also helps assess suitability for containerization journeys to Google Kubernetes Engine, GKE Autopilot, and Cloud Run. If you don't want to collect operating system data, you can skip this section.
To collect guest operating system data, the workstation running the mcdc CLI
must connect to the target EC2 instances. Make sure that the following
ports are open on the target EC2 instances:
- Port 22 (SSH) for Linux machines
- Port 135 (WMI) for Windows machines
Discover EC2 instances and RDS databases
To discover EC2 instances and RDS databases, follow these steps:
In the command line terminal, change to the directory where you downloaded the
mcdcCLI.Run the discovery:
AWS CloudShell
To discover EC2 instances and RDS databases in your AWS account, run the following command:
Linux
./mcdc discover aws --host-config
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Windows
mcdc.exe discover aws --host-config
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Replace the following:
- AWS_SERVICE_NAME: the AWS service name (
rdsorec2). This flag is optional. If you don't provide this flag, both EC2 instances and RDS databases are discovered. - AWS_REGION: the AWS region where your EC2 instances and RDS databases are located. This flag is optional. If you don't provide this flag, assets from all enabled AWS regions are discovered.
AWS access key
To discover EC2 instances and RDS databases by using your AWS access key ID and access key, run the following command:
Linux
./mcdc discover aws --access-key-id AWS_ACCESS_KEY_ID
--secret-access-key AWS_ACCESS_KEY
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Windows
mcdc.exe discover aws --access-key-id AWS_ACCESS_KEY_ID
--secret-access-key AWS_ACCESS_KEY
[--services AWS_SERVICE_NAME]
[--region AWS_REGION]Replace the following:
- AWS_ACCESS_KEY_ID: the access key ID you created in the
Create an access key for the
mcdcCLI section. - AWS_ACCESS_KEY: the access key that you created in the
Create an access key for the
mcdcCLI section. - AWS_SERVICE_NAME: the AWS service name (
rdsorec2). This flag is optional. If you don't provide this flag, both EC2 instances and RDS databases are discovered. - AWS_REGION: the AWS region where your EC2 instances and RDS databases are located. This flag is optional. If you don't provide this flag, assets from all enabled AWS regions are discovered.
The output should look similar to the following:
[+] Collecting EC2... Collecting region eu-west-1 Collected 73 EC2 instances [+] Collecting RDS... [+] Collecting region eu-west-1 [✓] Collected 1 DB instances [✓] Collected total of 1 DB instances [✓] Collection completed.- AWS_SERVICE_NAME: the AWS service name (
To review the collected data, run the following command:
Linux
./mcdc discover ls
Windows
mcdc.exe discover ls
Optionally, use the
--asset-typesparameter to display only VMs or databases. For example, to display only VM instances, rundiscover ls --asset-types=vm; to display only databases, rundiscover ls --asset-types=db.The output should look similar to the following:
VM Assets PLATFORM VM ID NAME COLLECTED DATA OS IP ADDRESSES i-011d6234b5769fe2a abc-rhel9.0-arm AWSVM Red Hat Enterprise Linux 192.0.2.1 i-08f7e5e469508460f def-rhel9.0-arm AWSVM Red Hat Enterprise Linux 192.0.2.2 i-09e28bb6eggg94db8 ghi-ol9.3 AWSVM Linux/UNIX 192.0.2.3 Database Assets GENERATED ID PROVIDER ENGINE arn:aws:rds:eu-west-1:12345678912:db:abc-sqlserver RDS SQL Server
What's next
- Learn how to run a guest discovery.
- Learn how to export collected data to Migration Center.