Actions menu - Application Migration Service

Add MGN connector Edit connector Delete MGN connector Actions menu

Use the actions menu to manage your MGN connector.

Topics

Add MGN connector
Edit connector
Delete MGN connector
Actions menu

Add MGN connector

To add an MGN connector, click Add MGN connector, to open the Add MGN connector page. Set up your MGN connector by providing the following:

Connector name: The MGN connector name is used to identify the connector. This field is mandatory, and limited to 256 characters. The name must be unique (case-insensitive) per account per Region.
Obtain the SSM hybrid activation parameters (installation key and ID), which is required in order install the SSM agent on the MGN connector. For more information on SSM activation parameters see here.
- In the SSM hybrid activation set the AWSApplicationMigrationConnectorManagementRole in the management account.
- Activation setting → select an existing IAM role → AWSApplicationMigrationConnectorManagementRole
- See the permissions page for the required permissions of AWSApplicationMigrationConnectorManagementRole.
Temporary IAM credentials of the MGNConnectorInstallerRole role that you created here.
- Request temporary security credentials through AWS STS through the AssumeRole API.
- Learn more about how temporary credentials work.

To download the MGN connector software, use the following commands:

Download the installer command - Copy and paste the command into the command prompt of the server you’ve designated for the MGN connector. This will download the AWS MGN installer.
Copy and paste this command into the command line on your MGN connector - Copy and paste the command into the command prompt of the same server. This will install the AWS MGN connector software.

After the MGN connector is installed it automatically begins communicating with the console and appears in the MGN connectors list.

Next, you must register source servers to the MGN connector.

You may install multiple MGN connectors to handle large amount of source servers or multiple data centers. Each MGN connector is able to handle up to 500 source servers. AWS MGN supports up to 50 MGN connectors per account per region.

Edit connector

To edit an MGN connector, click Edit. When the Edit MGN connector page opens, you can modify the MGN connector name and tags.

To finalize your changes, click Save changes.

Delete MGN connector

To delete an MGN connector, click Delete. When the Delete MGN connector dialog opens, verify that you want to delete the selected MGN connector. Once an MGN connector is uninstalled, it can no longer be used to manage your source servers.

Note

Deleting the MGN connector will disassociate the servers from the MGN connector, but will not delete them from servers inventory.

The Actions menu allows you to perform various actions on the selected MGN connector.

Register server credentials
- Once you have the MGN connector set up and ready to use, you can register source servers to the MGN connector. To do so click on the MGN connector name, then click “Register servers“.
- The servers list contain the source servers that were imported via the import feature or discovered by the agentless replication process.
- Select the source servers you want to register to the MGN connector. Click the "Register servers with the MGN connector" button.
- In order to perform actions on your source server, you must provide source server credentials. Server credentials are stored in AWS Secrets Manager. You can use an existing secret from the AWS Secrets Manager or create a new one.
  - Use existing secret
    
    Using AWS Secrets Manager AWS MGN can use the stored source server credentials and API keys in order to connect to the source machine and perform actions on it. You must specify the secret that stores the source server credentials, using an existing secret.
    
    You may designate the same secret for multiple source servers, if they share the same credentials.
    
    Be sure to add the AWSApplicationMigrationServiceManaged tag to the secret. The value is ignored, and may be left empty.
  - Create new secret
    
    Secret name - Enter a name for your new secret. The name you specify will be saved in AWS Secret Manager.
    
    Encryption key - To encrypt, either use the KMS key provided by Secret Manager or create your own customer managed KMS key.
    
    For Windows servers:
    
    Communication protocol – the protocol used for communication between the MGN connector and source servers. Using HTTPS is recommended to ensure secure and encrypted communication between the MGN connector and the source servers.
    
    UserName – A user that is authorized to install the agent and perform actions on the source server.
    
    Password – The specific source server's password.
    
    CertificateAuthority (Optional) - The certificate authority to validate during the WinRM connection.
    
    For Linux servers:
    
    UserName – A user that is authorized to install the agent and perform actions on the source server.
    
    Provide one of the following:
    
    Password – The specific source server's password.
    
    PrivateKey – The source server’s private key.
    
    HostKey (Optional) – include the host key to validate it during SSH connection.
    
    Tags - Secret key-value pairs will be assigned to the new secret. Note that AWSApplicationMigrationServiceManaged tag will also be added.
    
    Here is the structure of the secrets manager entry:
    
    { "WinUserName":"windows_username", "WinPassword":"windows_password", "WinCertificateAuthority":"", "WinCaValidation":false, "LinuxUserName":"linux_username", "LinuxPrivateKey":"linux_private_key", "LinuxHostKey":"linux_host_key", "LinuxHostKeyValidation":false }
  - Note
    The CA/HostKey validation is turned on by default, indicated by the validation flag being set to true. Provide the CA or HostKey in the json for validation. If you don’t provide it, you must explicitly disable validation by setting the validation flag to false. The key algorithm in HostKey, must be provided in the following format:
    "HostKey": "algorithm_name thumbprint"
    List of supported algorithms: "ssh-ed25519", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "rsa-sha2-512", "rsa-sha2-256", "ssh-rsa", "ssh-dss"
Once you have defined the credentials for your source servers, you can use the MGN connector to perform actions on them.
The Verify prerequisites action ensures the AWS replication agent can be installed on each of the source servers. The verification process ensures there’s enough disk space, RAM and CPU for installing the AWS replication agent.
Following the prerequisite check, you can proceed to install the replication agent, to start your migration execution.
After performing an action, you can view the command history for information on the command status.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Interacting with the MGN connector page

MGN connector details