Rehost SQL server on Amazon EC2
With Rehost SQL server on Amazon EC2 template, you can rehost your SQL servers on-premises to Amazon EC2 using native backup and restore. You can also migrate databases that are encrypted with transparent data encryption.
This template must be used along with AWS Direct Connect. To use the template without AWS Direct Connect, send us an email at mh-orchestrator-interest@amazon.com with your AWS account number and AWS Region where you have registered the Migration Hub Orchestrator plugin.
Prerequisites
You must set up the source and target environments before creating a migration workflow.
Source environment setup
-
When configuring the Migration Hub Orchestrator plugin, ensure that the username that is provided to connect to your Windows machine has the
SYSAdmin
permission on the SQL server instance. -
Ensure that PowerShell is enabled on the server that contains your SQL server instance.
-
Install AWS.Tools on the server that contains your SQL server instance, with the following command.
Install-Module -Name AWS.Tools.Installer
For more information, see What are AWS Tools for PowerShell?
-
Create an IAM policy with the following permissions.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:PutObject", "kms:GenerateDataKey", "kms:CreateKey" ], "Resource": "*" } ] }
-
Configure a name profile for AWS Command Line Interface that uses the preceding IAM user. For more information, see Using AWS credentials.
-
Install the
DBA.Tools
module on your Windows machine, with the following command.Cmd: Install-Module dbatools
Target environment setup
-
(Optional)If you want to use BYOL for SQL server, use AWS VM Import/Export to import your VM image.
-
(Optional) Use AWS Launch Wizard to deploy your target SQL server.
-
Launch Wizard attaches the
AmazonEC2RoleForLaunchWizard
instance role by default when creating the target environment. -
After creating the target environment with Launch Wizard, attach the
AWSMigrationHubOrchestratorInstanceRolePolicy
managed policy toAmazonEC2RoleForLaunchWizard
. For more information, see AWS managed policies for Migration Hub Orchestrator.
-
-
If you are not using Launch Wizard to create your target environment, attach the
AWSMigrationHubOrchestratorInstanceRolePolicy
managed policy to your instance role. -
Add the following permissions to your instance role.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "s3:GetObject", "kms:Decrypt", "s3:ListAllMyBuckets", "s3:ListBucket" ], "Resource": "*" } ] }
-
Create a username in your target SQL server with
SYSAdmin
permission. -
Provide credentials in AWS Secrets Manager for the username created in your target SQL server.
-
Sign in to https://console.aws.amazon.com/secretsmanager/
. -
On the AWS Secrets Manager page, select Store a new secret.
-
For Secret type, select Other type of secret and enter the following keys.
-
username
- enter your username -
password
- enter your password
-
-
Select Next and enter a name for the key pair beginning with
migrationhub-orchestrator-
.secretname123
Important The Secret ID must begin with the prefix
migrationhub-orchestrator-
and must only be followed by an alphanumeric value. -
Select Next and then, select Store.
-
Create a migration workflow
-
Go to https://console.aws.amazon.com/migrationhub/orchestrator/
, and select Create migration workflow. -
On Choose a workflow template page, select Rehost SQL server on Amazon EC2 template.
-
Configure and submit your workflow to begin migration.
Topics
Details
Enter a name for your workflow. Optionally, you can enter a description and add tags. If you intend to run multiple migrations, we recommend adding tags to enhance searchability. For more information, see Tagging AWS resources.
Application
Select the application you want to migrate. For more information, see Define applications.