This document describes the steps to run an inventory discovery on your AWS account by using the Migration Center discovery client CLI.
The mcdc CLI lets you collect information about your Amazon Elastic
Compute Cloud (EC2) instances and Amazon Relational Database Service (RDS) databases on AWS.
The mcdc CLI then sends this information to
Migration Center, where you can continue with your assessment.
Information collected during the inventory discovery
The mcdc CLI collects the following information from
your EC2 instances:
- Instance ID, name, and region
- Instance type
- Machine size, including CPU, memory, and storage size
- Guest OS: name, version, architecture
- Power state (on/off)
- Network interfaces and associated IP and MAC addresses
- Disks: interface type, volume type, label, size
- Performance data
- Hyperthreading support
The mcdc CLI collects the following information from
your RDS databases:
- Platform
- Engine
- Name
- Generated ID
- Version
- Edition
- Disk allocated bytes
- Physical core count
- Memory bytes
- Performance data
Supported databases
The following databases are supported:
- Microsoft SQL Server
- MySQL
- PostgreSQL
Before you begin
- Review the requirements for downloading and running the
mcdcCLI. - Complete the steps to download the
mcdcCLI. - Make sure that you have access to your AWS account. We recommended using AWS configuration and credentials on workstations configured to work with AWS tools, such as the AWS CLI.
Configure AWS
The following sections describe how to configure your AWS account to
allow the mcdc CLI to collect data from your EC2 instances.
Create an AWS IAM policy
Create an AWS IAM policy with the following permissions to read inventory data:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:DescribeRegions",
"ec2:DescribeInstances",
"ec2:DescribeVolumes",
"ec2:DescribeInstanceTypes",
"rds:DescribeDBInstances",
"rds:DescribeDBEngineVersions",
"ssm:DescribeInstanceInformation",
"cloudwatch:GetMetricData"
],
"Resource": "*"
}
]
}
Choose an authentication method on AWS
- Create a dedicated IAM user to interact with the AWS API.
- Attach the IAM policy you created in the previous step to your new user.
Choose an authentication method.
- Create an AWS sessions token by using the
get-session-tokenAWS CLI command. - Configure settings that AWS Command Line Interface (AWS CLI) uses to interact with AWS. For more information, see Configuring settings for the AWS CLI.
Create an access key. In the AWS console, navigate to the IAM user that you created in the previous step: User > Security Credentials > Create access key > Other > Next > Create access key.
Store the AWS authentication information that is created when you create the access key. You will need it to scan the AWS inventory with the
mcdcCLI.
- Create an AWS sessions token by using the
Discover EC2 instances and RDS databases
In the command line terminal, change to the directory where you downloaded the
mcdcCLI.Run the discovery:
To collect inventory information from your EC2 instances and RDS databases from a specific AWS region, do the following:
Linux
./mcdc discover aws --session-token AWS_SESSION_TOKEN
--services AWS_SERVICE_NAME
[--region AWS_REGION]Windows
mcdc.exe discover aws --session-token AWS_SESSION_TOKEN
--services AWS_SERVICE_NAME
[--region AWS_REGION]To authenticate to AWS by using your host AWS CLI configuration, specify the
--host-configflag, which automatically locates your AWS configuration:Linux
./mcdc discover aws --host-config --services AWS_SERVICE_NAME
[--region AWS_REGION]Windows
mcdc.exe discover aws --host-config --services AWS_SERVICE_NAME
[--region AWS_REGION]To authenticate to AWS by using your AWS access key ID and secret key, specify the
--access-key-idand--secret-access-keyflag:Linux
./mcdc discover aws --access-key-id AWS_ACCESS_KEY_ID
--secret-access-key AWS_SECRET_ACCESS_KEY
--services AWS_SERVICE_NAME
[--region AWS_REGION]Windows
mcdc.exe discover aws --access-key-id AWS_ACCESS_KEY_ID
--secret-access-key AWS_SECRET_ACCESS_KEY
--services AWS_SERVICE_NAME
[--region AWS_REGION]Replace the following:
- AWS_SESSION_TOKEN: the session token that you created in the Configure the AWS environment section.
- AWS_ACCESS_KEY_ID: the access key ID you created in the Configure the AWS environment section.
- AWS_SECRET_ACCESS_KEY: the secret access key you created in the Configure the AWS environment section.
- AWS_HOST_CONFIG: the host AWS CLI configuration. For more information, see Configuring settings for the AWS CLI.
- AWS_REGION: the AWS region where your EC2 instances and RDS databases are located. This flag is optional. If you don't provide this flag, assets from all enabled AWS regions are discovered.
- AWS_SERVICE_NAME: the AWS service name (
rdsorec2). This flag is optional. If you don't provide this flag, both EC2 instances and RDS databases are discovered.
The output should look similar to the following:
[+] Collecting EC2...
Collecting region eu-west-1
Collected 73 EC2 instances
[+] Collecting RDS...
[+] Collecting region eu-west-1
[✓] Collected 1 DB instances
[✓] Collected total of 1 DB instances
[✓] Collection completed.
When the discovery finishes, review the collected data by running the discover ls
command.
Linux
./mcdc discover ls
Windows
mcdc.exe discover ls
Optionally, use the --asset-types parameter to display only VMs or databases.
For example, run discover ls --asset-types=vm to display only VM instances,
or discover ls --asset-types=db to display only databases.
The output should look similar to the following:
VM Assets
PLATFORM VM ID NAME COLLECTED DATA OS IP ADDRESSES
i-011d6234b5769fe2a abc-rhel9.0-arm AWSVM Red Hat Enterprise Linux 192.0.2.1
i-08f7e5e469508460f def-rhel9.0-arm AWSVM Red Hat Enterprise Linux 192.0.2.2
i-09e28bb6eggg94db8 ghi-ol9.3 AWSVM Linux/UNIX 192.0.2.3
Database Assets
GENERATED ID PROVIDER ENGINE
arn:aws:rds:eu-west-1:12345678912:db:abc-sqlserver RDS SQL Server
What's next
- Learn how to run a guest discovery.
- Learn how to export collected data to Migration Center.