Deploying Application Discovery Service Agentless Collector
To deploy Application Discovery Service Agentless Collector, you must first create an IAM user and download the collector. This page walks you through the steps to take to deploy a collector.
Create an IAM user for Agentless Collector
To use Agentless Collector, in the AWS account that you used in Sign in to the Migration Hub console and choose a home Region, you must create an AWS Identity and Access Management (IAM) user. Then, set up this IAM user to use the following AWS managed policy AWSApplicationDiscoveryAgentlessCollectorAccess. You attach this IAM policy when you create the IAM user.
To use the database and analytics data collection module, create two customer managed IAM policies. These policies provide access to your Amazon S3 bucket and the AWS DMS API. For more information, see Create a customer managed policy in the IAM User Guide.
-
Use the following JSON code to create the DMSCollectorPolicy policy.
    {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": [
                "dms:DescribeFleetAdvisorCollectors",
                "dms:ModifyFleetAdvisorCollectorStatuses",
                "dms:UploadFileMetadataList"
            ],
            "Resource": "*"
        }]
    }
-
Use the following JSON code to create the FleetAdvisorS3Policy policy.
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "s3:GetObject*",
                    "s3:GetBucket*",
                    "s3:List*",
                    "s3:DeleteObject*",
                    "s3:PutObject*"
                ],
                "Resource": [
                    "arn:aws:s3:::bucket_name",
                    "arn:aws:s3:::bucket_name/*"
                ]
            }
        ]
    }
In the preceding example, replace bucket_name with the name of the Amazon S3 bucket that you created in the prerequisites step.
We recommend that you create a non-administrative IAM user to use with Agentless Collector. When creating non-administrative IAM users, follow the security best practice Grant Least Privilege, granting users minimum permissions.
To create a non-administrator IAM user to use with Agentless Collector
-
In AWS Management Console, navigate to the IAM console, using the AWS account that you used to set the home Region in Sign in to the Migration Hub console and choose a home Region.
-
Create a non-administrator IAM user by following the instructions for creating a user with the console as described in Creating an IAM user in your AWS account in the IAM User Guide.
While following the instructions in the IAM User Guide:
-
At the step for selecting the type of access, select Programmatic access. Although it isn't recommended, select AWS Management Console access only if you plan to use the same IAM user credentials to access the AWS console.
-
When on the step about the Set permission page, choose the option to Attach existing policies to user directly. Then select the AWSApplicationDiscoveryAgentlessCollectorAccess AWS managed policy from the list of policies.
Next, select the DMSCollectorPolicy and FleetAdvisorS3Policy customer managed IAM policies.
-
When on the step about viewing the user's access keys (access key IDs and secret access keys), follow the guidance in the Important note about saving the user's new access key ID and secret access key in a safe and secure place. You'll need these access keys in Configuring Agentless Collector.
It's an AWS security best practice to rotate access keys. For information about rotating keys, see Rotate access keys regularly for use cases that require long-term credentials in the IAM User Guide.
Download the Agentless Collector
To set up the Application Discovery Service Agentless Collector (Agentless Collector), you must download and deploy the Agentless Collector Open Virtualization Archive (OVA) file. The Agentless Collector is a virtual appliance that you install in your on-premises VMware environment. This step describes how to download the collector OVA file and the next step describes how to deploy it.
To download the collector OVA file and verify its checksum
-
Sign in to vCenter as a VMware administrator and switch to the directory where you want to download the Agentless Collector OVA file.
-
Download the OVA file from the following URL:
-
Depending on which hashing algorithm you use in your system environment, download either the MD5 or SHA256 to get the file containing the checksum value. Use the downloaded value to verify the ApplicationDiscoveryServiceAgentlessCollector file downloaded in the preceding step.
-
Depending on your variation of Linux, run the version-appropriate MD5 command or SHA256 command to verify that the checksum of the ApplicationDiscoveryServiceAgentlessCollector.ova file matches the value in the respective MD5/SHA256 file that you downloaded.
$ md5sum ApplicationDiscoveryServiceAgentlessCollector.ova
$ sha256sum ApplicationDiscoveryServiceAgentlessCollector.ova
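The comparison in the last step can be scripted so that a mismatch or a malformed checksum file stops the deployment instead of relying on reading two hex strings by eye. This is an added example, not AWS code; it uses SHA256 rather than MD5, and the checksum file layout (digest as the first field) and the demo file names are assumptions.

```shell
#!/bin/sh
# Added example (not AWS code): verify a downloaded OVA against its SHA-256 checksum file.
# Assumption: the checksum file's first whitespace-separated field is the hex digest
# (a bare digest or "digest  filename"); the page does not show the file's format.

verify_sha256() {
    vs_file=$1
    vs_sumfile=$2
    [ -r "$vs_file" ] && [ -r "$vs_sumfile" ] || { echo "unreadable input" >&2; return 2; }

    # Normalize the published value: first field of first line, CR stripped, lower-cased.
    vs_expected=$(head -n 1 "$vs_sumfile" | tr -d '\r' | awk '{print tolower($1)}')

    # Fail closed unless the published value is exactly 64 hex characters.
    case $vs_expected in
        *[!0-9a-f]*) echo "malformed checksum file" >&2; return 2 ;;
    esac
    [ "${#vs_expected}" -eq 64 ] || { echo "malformed checksum file" >&2; return 2; }

    vs_actual=$(sha256sum "$vs_file" | awk '{print $1}')
    if [ "$vs_actual" = "$vs_expected" ]; then
        echo "OK: $vs_file"
        return 0
    fi
    echo "MISMATCH: $vs_file (do not deploy)" >&2
    return 1
}

if [ "$#" -eq 2 ]; then
    # Real use: pass the OVA and the downloaded checksum file as the two arguments.
    verify_sha256 "$1" "$2"
else
    # Constructed demo: a 3-byte stand-in file and the well-known SHA-256 of "abc".
    demo_dir=$(mktemp -d)
    printf 'abc' > "$demo_dir/sample.ova"
    echo "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad  sample.ova" \
        > "$demo_dir/sample.sha256"
    verify_sha256 "$demo_dir/sample.ova" "$demo_dir/sample.sha256"
    printf 'tampered' >> "$demo_dir/sample.ova"
    verify_sha256 "$demo_dir/sample.ova" "$demo_dir/sample.sha256" || echo "tamper detected"
    rm -rf "$demo_dir"
fi
```

The function returns 0 on a match, 1 on a mismatch, and 2 when either input is unreadable or the checksum file does not contain a valid digest.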
Deploy Agentless Collector
Application Discovery Service Agentless Collector (Agentless Collector) is a virtual appliance that you install in your on-premises VMware environment. This section describes how to deploy the Open Virtualization Archive (OVA) file that you downloaded in your VMware environment.
Agentless Collector virtual machine specifications
The following procedure steps you through deploying the Agentless Collector OVA file in your VMware environment.
To deploy Agentless Collector
-
Sign in to vCenter as a VMware administrator.
-
Use one of the following ways to install the OVA file:
-
Use the UI: Choose File, choose Deploy OVF Template, select the collector OVA file you downloaded in the previous section, and then complete the wizard.
-
Use the command line: To install the collector OVA file from the command line, download and use the VMware Open Virtualization Format Tool (ovftool). To download ovftool, select a release from the OVF Tool Documentation page. The following is an example of using the ovftool command line tool to install the collector OVA file.
ovftool --acceptAllEulas --name=AgentlessCollector --datastore=datastore1 -dm=thin ApplicationDiscoveryServiceAgentlessCollector.ova 'vi://username:password@vcenterurl/Datacenter/host/esxi/'
The following describes the replaceable values in the example:
-
The name is the name that you want to use for your Agentless Collector VM.
-
The datastore is the name of the datastore in your vCenter.
-
The OVA file name is the name of the downloaded collector OVA file.
-
The username/password are your vCenter credentials.
-
The vcenterurl is the URL of your vCenter.
-
The vi path is the path to your VMware ESXi host.
Locate the deployed Agentless Collector in your vCenter. Right-click the VM, and then choose Power, Power On.
-
After a few minutes, the IP address of the collector displays in vCenter. You use this IP address to connect to the collector.