DEV Community: Nam La

Migrate Droplet from DO to AWS using AWS Migration Application Service (MGN)

Nam La — Mon, 29 Dec 2025 08:51:36 +0000

I. Preparation

Before you begin, make sure you have the following information and permissions:

AWS Account: Activated and authorized to create EC2, VPC, and MGN.
DigitalOcean Account: Root access (SSH) to the Droplet to be migrated.
AWS IAM User: Create an IAM User with the AWSApplicationMigrationAgentInstallationPolicy permission to obtain the Access Key ID and Secret Access Key.

II. Steps

Step 1: Initialize the VPC

Initialize the VPC as the environment for the server to migrate to AWS.

Go to VPC → Create VPC to create a VPC with the following configuration:

Verify the VPC after initialization.

Step 2: Initialize AWS MGN

If this is your first time using MGN in this Region, you need to initialize the service:

Log in to the AWS Console.
Search for and select the AWS Application Migration Service.
Click Get started to initialize MGN:

On the Replication settings screen → Edit, configure the template for the Replication instance:

Staging area subnet: Select the subnet in the VPC that you want to use to receive temporary data.
Replication Server instance type: Select the instance type that suits your needs; it will usually have a configuration equivalent to the server on DO.
Leave the remaining items as default.

Click Save template.
Go to Launch template → Edit to configure Launch template.

Uncheck "Activate instance type right-sizing" to customize the configuration.

Select SG and instance type.

Step 3: Install the Replication Agent on the DigitalOcean Droplet

This step connects the Droplet to AWS. You need to SSH into your Droplet and change the password for the "root" account.

Note: You need to back up your server on DO before proceeding.

In the AWS MGN Console, select the Source servers menu.
Click the Add server button.
Select the operating system (Linux or Windows). For example, select Linux.
Copy the two commands provided by AWS to download and install the Agent. They will look like this:

sudo wget -O ./aws-replication-installer-init https://aws-application-migration-service-ap-southeast-1.s3.ap-southeast-1.amazonaws.com/latest/linux/aws-replication-installer-init

sudo chmod +x aws-replication-installer-init; sudo ./aws-replication-installer-init --region ap-southeast-1

After running the command, enter the Access Key ID & Secret Access Key and select the hard drive to sync to AWS. The installation process will then take approximately 5-10 minutes to complete, and the AWS Replication Agent will begin replicating data to AWS.

Step 4: Configure Launch Settings (Configure the Target Server)

After installing the Agent, the Droplet will appear in the list of Source servers on AWS MGN. At this point, AWS is starting to synchronize data (Initial Sync). While waiting, configure the target server (an EC2 will be created).

Click on the server name that appears in the list.
Select the Launch settings tab.
In the EC2 Launch Template section, click Edit.
The Launch Template window will appear; you need to edit the important parameters for the target server:
- Instance Type: Select the desired server configuration (e.g., t3.medium, c5.large,...)
- Subnet: Select the subnet where EC2 will officially run.
Save the Launch Template.

Step 5: Launch Test Instance

5.1 Launch Test Instance
This step will guide you on how to launch a test instance after the data migration process is complete.

Wait for the replication process to complete; the Migration lifecycle column will show "Ready for testing" and the Data replication status will show "Healthy".
Tick Server → Test and cutover → select Launch test instances.

Lifecycle will now switch to Test in progress.

5.2 Verify Test instance
This step will verify that the created test instance has been successfully tested.

Wait for the test instance launch process to complete; MGN will display a notification like the one shown in the image.
In EC2, you will see an EC2 instance with a hostname similar to the Source Server that has been created.
Go to MGN → Launch history to view the test instance launch log.

5.3 Launch Cutover
This step will perform a cutover to launch the official EC2 instance.

Go to MGN → select server → Test and cutover → Mark as Ready for cutover to delete the test instance.
Wait for the migration lifecycle to change to Ready for cutover → click Test and cutover → Launch cutover instances

5.4 Verify the Cutover process and check that the data has been migrated.

Upon accessing EC2, you will see that MGN has created an EC2 instance configured according to the Launch template. This EC2 instance was created from snapshots that were replicated previously.

5.5 Finalize cutover
The finalize cutover will mark the end of the migration process, and MGN will stop data from the source to AWS.

Done!

I will address the issues encountered during the migration process in a later article. Thank you for taking the time to read.

Budget Controls for AWS: Automatically Manage Your Cloud Costs

Nam La — Wed, 17 Sep 2025 10:04:34 +0000

If you are new to AWS, you may be wondering how you can learn and experiment with cloud services while keeping your spend under your control. Budget Controls for AWS is an open-source solution designed to solve this problem. This solution was designed for customers new to AWS with no prior experience. It automatically watches your spending and takes actions you define when costs reach certain thresholds.

The solution uses a custom tag named BudgetControlAction which is automatically applied to supported resources. The allowed case-sensitive values for this tag are Inform, Stop, and Terminate.

The default value is Inform. When the budget is consumed and the actions are triggered, with this value set, the account owner is simply reminded that this resource is in use, and no further action is taken.
The next allowed value is Stop. If this value is set by the account owner, when the actions are triggered, this will stop the resource. The resource will no longer generate charges, and can be restarted whenever the account owner wishes. Note, any service dependencies, such as storage attached to compute instances, will continue to generate charges.
The last allowed value is Terminate, which is destructive. When the actions are triggered, resources with this tag value will be permanently deleted. This value should be used for test or development resources that can be easily recreated later. As a reminder, this action is permanent, and not reversible.

The Budget Controls for AWS solution can be found on Github at https://github.com/awslabs/budget-controls-for-aws.

Deploying the solution

Step 1: Create Stack in CloudFormation
The file named budgetcontrol_resources.yaml is an AWS CloudFormation template that you will use to deploy the solution.
Note: The Budget Controls for AWS solution runs in a single region.

Click Next, and you will be taken to the Specify stack details page. Supply the required parameters for the stack. Pay attention to spending values and email feedback information.

Step 2: Managing the tag values
Entering a new value for the tag. I use the "Stop" value so that when the spending threshold is reached the tagged resource will stop.

Check if resource is tagged or not? Here I have tagged a running ec2 instance.

Actions taken once budget is spent

When your budget is 80% consumed, an email will be sent. No further actions will be taken.
When your budget is 90% consumed, AWS Budgets will send a message to an SNS topic, which causes the workflow to execute.
By default the workflow is triggered at 90% of the budget. You may change this default behavior to trigger at 100% by manually editing the budget in the Billing and Cost Management console, under Budgets.
After the workflow has executed, the resources can be restarted or rebuilt as desired. Unless the budget is changed to a higher amount, it will only trigger the workflow at most once each month. When the budget is reset on the first day of the next month, it will not change the state of any resources.

Note: OpenSearch clusters cannot be stopped; they can only be deleted. Therefore, "Terminate" is the only tag value that will result in a destructive action for OpenSearch clusters. Values of "Inform" and "Stop" will simply report that the resource is in use.

Thank you!

MASTERING AWS COSTS Simple, Effective Strategies

Nam La — Tue, 05 Aug 2025 07:53:27 +0000

This is my presentation at AWS Community Day Vietnam 2025

Optimize AWS Costs Effectively with Service Screener

When using Amazon Web Services (AWS) cloud services, cost control and optimization is one of the top priorities for every individual and organization. And today I will introduce a useful tool that helps us evaluate and improve the system on our AWS environment, which is Service-Screener.

Service-Screener is an open source tool from AWS that allows us to automatically scan our entire AWS environment. It will provide recommendations based on AWS best practices for Security, Reliability, Performance, and Cost Optimization.

Why use Screener?

Security: Detect potential security vulnerabilities and suboptimal configurations.
Reliability: Ensure systems are built to be stable and resilient.
Cost Optimization: Report on opportunities to reduce costs without compromising performance.
Operational Excellence: Improve operational processes and manage your AWS environment effectively.
Performance Efficiency: Ensure resources are used in the most efficient way.

Deploy screener for organization

I will leave the demo video below

Suppose there is an organization with many member companies, each company is an aws account that joins the same Organization. We will call the member accounts User Accounts and the organization's administrative account Management Account.
The steps are as follows:

I. Create IAM Role
Need to create IAM Role on User Accounts and declare External ID. Enter ID information of the administrator account (root). Finally, assign it "ReadOnlyAccess" permission and set RoleName as:"ServiceScreenerAssumeRole" or any value.

II. Create Stackset
On Management Account create Stackset in CloudFormation with External ID value & RoleName declared above.
I will leave the crossAccountRoleCF.yml file information here: "https://github.com/aws-samples/service-screener-v2/blob/main/usecases/crossAccounts/crossAccountRoleCF.yml"

III. Install Screener
Proceed to install Service-Screener on Management Account
cd /tmp python3 -m venv . source bin/activate python3 -m pip install --upgrade pip rm -rf service-screener-v2 git clone https://github.com/aws-samples/service-screener-v2.git cd service-screener-v2 pip install -r requirements.txt python3 unzip_botocore_lambda_runtime.py alias screener='python3 $(pwd)/main.py'
"https://github.com/aws-samples/service-screener-v2"

IV. Create configuration file
After completing the installation, proceed to create configuration file to select the accounts to scan.
python3 organizationAccountsInit.py

Enter the RoleName & ExternalID values as set above. In case the Role name has been set to the same value, press Enter to skip.

V. Scan
After completing the above steps, Screener will suggest a script to scan the selected accounts.

screener --region ALL --crossAccounts 1

The tool will use the crossAccounts.json file to perform AssumeRole on each member account and scan. The results will be aggregated and displayed in a single report. Download the file to see the results displayed on the .html file.

Video Demo: "https://drive.google.com/file/d/19OK4hZWZeVhVYSNN4K8_YbJ0jJ31mveO/view?usp=sharing"

Thanks for your time. I hope you enjoy it.

[AWS] Cloud Financial Management (CFM)

Nam La — Thu, 03 Jul 2025 08:47:53 +0000

Cloud financial management (CFM) is not just about controlling costs, but also about transforming existing financial processes to ensure cost transparency, better control, rational planning, and optimization in the AWS (Amazon Web Services) environment. Cloud financial management (CFM) is not just about reducing costs, but also about leveraging the agility, innovation, and scalability of AWS to maximize the value that the cloud brings to the business.

## Key Components of AWS CFM
AWS CFM is built on four key pillars: Culture Change, Platform, Visualization, and Service Optimization. Each component plays a critical role in achieving cost efficiency and financial governance in the cloud.

1. Culture Change

Implementing CFM requires a change in organizational culture to promote cost awareness and accountability:

Build CFM Strategy
Foster Cost-Aware Culture
Create Communication Channels
Ongoing Education

2. Foundations

Here are the basic technical steps to get started with cost management.

Setup Budgets: Set limits and track spending.
Setup Cost Anomaly Detection: Detect unusual costs and set alerts.
Setup Tagging Strategy: Build policies and implement resource tagging to easily allocate costs.
Use AWS Trusted Advisor: Review cost optimization recommendations and implement changes.
Enable AWS Compute Optimizer: Analyze usage patterns and optimize computing resources..

3. Visualizations

Visualization tools provide insights into cloud spending and usage:

AWS Cost Explorer: Analyze and forecast AWS costs and usage trends.
Cloud Intelligence Dashboards: Use interactive dashboards to monitor cloud resources in real time.
AWS Data Exports: Export AWS data for external analysis and reporting to support decision making.

4. Service Optimization

Optimizing specific AWS services is key to reducing costs while maintaining performance:

Rightsizing: Adjust EC2, RDS, EBS to match workload needs, eliminating inefficiencies.
Optimize Storage: Use S3 and Glacier to store and tier data, reducing storage costs.
Reserved Instances (RIs) and Savings Plans: Apply long-term pricing models for stable workloads to save significant costs.
Idle Resource Management: Monitor and turn off unused or idle resources.
Auto-Scaling: Automatically scale resources based on actual demand to optimize costs.
Best Practices: Apply cost-saving strategies such as using spot instances or optimizing data transfer costs.

5. Benefits of AWS CFM

Implementing CFM brings many practical benefits to organizations:

Reduce Total AWS Costs: Systematic optimization leads to significant cost savings.
Increase Resource Utilization: Ensure compute and storage resources are used efficiently.
Improve Cost Visibility: Tools like AWS Cost Explorer provide clear visibility into spending trends.
Proactive Cost Management: Real-time monitoring and alerts help prevent budget overruns.
Continuous Optimization Process: Establish a sustainable process to maintain long-term cost efficiency.
Increase Cost Awareness: Create a culture of financial accountability across the organization.

6. Implementing AWS CFM: A Structured Approach

To successfully implement CFM, organizations should follow a structured approach that includes three phases:

Engagement Launch:

Define cost optimization goals and plan for savings.
Establish communication with stakeholders and identify application owners responsible for managing costs.

Prepare & Test Cost Optimization Plan:

Develop a detailed plan with specific actions and timelines.
Test the feasibility and effectiveness of the plan before implementation.

Optimization Execution:

Apply optimization strategies such as resource scaling or using RIs/Savings Plans.
Monitor results and adjust as needed to achieve the desired cost reduction.

AWS Cloud Financial Management is essential for organizations looking to maximize the value of their cloud investments. It's not just technical tools, it's a combination of people, processes, and technology.

[AWS] Cost optimize when using Amazon EC2

Nam La — Tue, 29 Apr 2025 10:52:45 +0000

Hello everyone,

Amazon Elastic Compute Cloud (EC2) is a core AWS service, providing flexible and powerful computing capabilities. However, EC2 costs can escalate if not managed effectively. Based on the AWS cost analysis document from partner, here are practical methods to optimize EC2 costs while maintaining performance.

1. Remove Unused Resources

- Delete Unused Elastic IPs
Elastic IPs are static IP addresses allocated to EC2 instances. If not attached to a running instance, they still incur charges. According to the image, removing unused Elastic IPs can save significantly

Specific Actions:

Check the list of Elastic IPs in the AWS Management Console (VPC > Elastic IPs).
Identify IPs not attached to any instance or resource.
Delete unnecessary IPs after ensuring they won’t impact the system.

- Delete Unused EBS Volumes
Elastic Block Store (EBS) volumes are storage disks attached to EC2 instances. Unused volumes still incur costs.The image highlights that deleting 9 unused EBS volumes:

Specific Actions:

Use the AWS Console (EC2 > Volumes) to list volumes in the "Available" state (not attached to any instance).
Evaluate whether the volume is still needed before deleting.
Remove unused volumes to avoid unnecessary costs.

2. Optimize Savings Plans Usage

Savings Plans are an AWS pricing model that reduces costs by committing to a certain level of resource usage. However, underutilizing these commitments can lead to waste. The image that some Savings Plans have low utilization rates (as low as 13% for certain plans), resulting in inefficient spending.

Specific Actions:

Check Savings Plans utilization: Use AWS Cost Explorer to review the utilization rate of Savings Plans. Plans with utilization below 100% (e.g., 32% or 38%) indicate underused EC2 resources.
Adjust Instance Types: Switch to instance types that better match actual needs. For instance, if a Savings Plan for "r6g" instances is only 31% utilized, consider switching to "t3" or other types with lower demand.
Assess usage needs: Conduct a survey of EC2 usage purposes to ensure instance types and Savings Plans align with workload requirements.

3. Review and Optimize EC2 Resource Usage

- Reduce Data Transfer Costs
Data Transfer costs related to EC2 can spike due to data movement between Availability Zones (AZs) or through Elastic IPs/Elastic Load Balancers (ELB).

Specific Actions:

Consolidate resources to a single AZ: Move EC2 instances to the same AZ to reduce inter-AZ data transfer costs.
Use CloudFront: Integrate AWS CloudFront to cache and distribute static content, reducing direct data transfers from EC2.
Review ELB configuration: Ensure ELB only serves necessary requests to avoid excessive data transfers.

- Optimize CloudWatch for EC2
CloudWatch is used to monitor EC2, but frequent API calls like GetMetricData can inflate costs.

Specific Actions:

Reduce metric volume: Review and limit the number of metrics collected from CloudWatch to only those essential for monitoring.
Adjust collection frequency: Decrease the frequency of GetMetricData API calls, e.g., from every minute to every 5 minutes if real-time data isn’t required.
Use CloudWatch Logs Insights: Instead of continuous API calls, leverage tools like CloudWatch Logs Insights for more efficient log analysis.

4. Choose the Right Instance Type

Selecting the appropriate instance type is critical for cost optimization. The document suggests adjusting instance types to align with purchased Savings Plans, particularly when types like "t3" have lower costs than committed plans.

Specific Actions:

Use AWS Compute Optimizer to get recommendations for instance types based on workload patterns.
Switch to newer-generation instances (e.g., t3, m5) if using older types (e.g., t2, m4) for better performance at lower costs.
Consider Spot Instances for non-critical workloads, which can save up to 90% compared to On-Demand pricing.

5. Conclusion

Optimizing EC2 costs on AWS not only reduces expenses but also improves resource efficiency. Based on partner’s document, key actions include:

Deleting unused Elastic IPs and EBS volumes to save $280.86/month immediately (Excerpt from actual project document).
Optimizing Savings Plans by adjusting instance types and reviewing utilization rates.
Reducing Data Transfer and CloudWatch costs through resource reconfiguration and adjusted data collection frequencies.
Selecting instance types that align with actual needs.

Note: Before making changes, thoroughly evaluate potential impacts to ensure system operations remain unaffected. Leverage tools like AWS Cost Explorer and Compute Optimizer to support the optimization process.

Thank you very much!