NEW - You can now accelerate your migration and modernization with AWS Transform. Read [Getting Started](https://docs.aws.amazon.com/transform/latest/userguide/getting-started.html) in the *AWS Transform User Guide*.
# EC2 launch template
AWS Application Migration Service utilizes EC2 launch templates to launch test and cutover EC2 instances for each source server.
The EC2 launch template is created automatically for each source server that is added to AWS MGN upon the installation of the AWS Replication Agent.
**Note**
AWS MGN selects defaults to provide the best performance while migrating your servers to AWS. We recommend you review the EC2 launch template to ensure the selected templates are suitable for your use case.
You cannot use the same template for multiple servers.
The Launch template can only be edited from the Amazon EC2 console.
Many EC2 launch template settings can be changed, but some may not be used by the AWS MGN launch process and some may interfere with IT. [Learn more about individual launch template settings.](detailed-considerations.md)
**Important**
You must set the EC2 launch template you want to use with AWS MGN as the **default** launch template.
The EC2 launch template does not automatically set a specific subnet. As such, EC2 attempts to launch in a subnet within the default VPC. If you have removed your default VPC, EC2 fails to launch any instance for which there is no valid subnet specified. Ensure that you specify a subnet if that is the case, or AWS MGN instance launch fails.
The AWS MGN EC2 launch template panel shows a summary of the key template values. To view all the values or to change any of them:
1. Click **Modify**.
1. When the **About modifying EC2 launch templates** dialog appears, click **Modify**.
This redirects you to **EC2 > Launch templates > Modify template** in a new tab, where you'll be able to make any necessary changes.
Learn more about EC2 launch template settings and configuration options in [this EC2 article](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html).
# Selecting the default template
AWS MGN uses the version of the Launch template that is marked as default.
In order to select the default launch template, on the **Modify template (Create new version)** page, under the **Launch template name and version description** category, open the **Source template** menu and choose the EC2 launch template you want to use as the default template from the drop-down menu.
Every time you modify the Launch template, a new version of the launch template is created. You are notified that the Launch template has been modified and that a new version (version number) has been created. Make sure to take note of the version number and the **Launch template ID** so that you could easily identify your launch template and version.
**Note**
It's good practice to delete versions of the launch template that you no longer need.
To set the new version of your launch template as the default:
1. Navigate back to the main **EC2 > Launch templates** page.
1. Choose your launch template by selecting the toggle to the left of the **Launch template ID**.
1. Open the Actions menu and choose **Set default version**.
1. Select the **Template version** from the drop-down menu and then choose **Set as default version**.
The Amazon EC2 console confirms the version change.
# Launch template cleanup and fixing
AWS Application Migration Service (AWS MGN) runs a mechanism every hour to ensure that the settings selected are correct. This mechanism can fix issues such as an incorrect instance type, but it cannot fix other settings and augmentations. Ensure that you follow the instructions in the following sections and do not change or edit any fields that should not be changed.
If you encounter any issues with the launch template, you can negate all of your changes and fix all issues rapidly by choosing the original default launch template that was first automatically created by Application Migration Service upon Agent installation.
# Launch template key considerations
There are several key considerations when configuring your EC2 launch template. Review these key considerations as well as the [full launch settings](detailed-considerations.md) before creating your launch template.
1. **Instance Type** – Ensure that you select an instance type that matches the hardware requirements of your source server. AWS Application Migration Service always utilizes the instance type that is set on the Amazon EC2 launch template unless the **Instance right-sizing** feature is activated.
**Note**
If you change your instance type and do not deactivate the instance right-sizing feature, then AWS Application Migration Service uses the instance type determined by the **Instance right-sizing** feature and not the instance type you chose in the EC2 launch template. Application Migration Service verifies the instance type once per hour, as a result, if you did not deactivate the instance right-sizing feature, the first time instance launch may still utilize the instance type you set in the EC2 launch template, but any subsequent launches use the right-sizing instance.
The available capacity for each Amazon EC2 instance type varies by Availability Zone and Region, and may be subject to your specific AWS account limits. For mission-critical workloads consider using [Reserved Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-reserved-instances.html) to guarantee capacity for specific instance types. Note that additional costs apply when reserving capacity.
1. **Subnet** – You can select an existing subnet or create a new subnet.
**Note**
Customers that do not have a default VPC must modify the EC2 launch template and explicitly define the subnet in which to launch. Failure to do so results in errors when launching test or cutover instances.
1. **Private IP** – If you use the **Copy private IP** feature, then do not add your own IP to the EC2 launch template. Private IP is not supported for IPv6.
1. **Private IP and Subnet** – Each subnet contains a CIDR block of IP ranges. If you use the **Copy private IP** feature, then ensure that this IP is included in the CIDR block range. Otherwise, instance launch fails.
1. **Private IP and ENI** – Make sure that you deactivate the **Copy private IP** feature if you wish to define an ENI to use on the EC2 launch template.
1. **Network interfaces** – The EC2 launch template only supports two network interfaces. If you require more than two network interfaces, you need to define them after the test or cutover instance has been launched. This can be done through a post launch action.
If you wish to use an Elastic IP, you must create an ENI to specify the IP and then edit the Network interfaces to use the ENI. Learn more about working with Amazon Elastic Inference in [this Developer Guide article.](https://docs.aws.amazon.com/elastic-inference/latest/developerguide/working-with-ei.html)
1. **Networking platform** – AWS Application Migration Service only supports **Virtual Private Cloud (VPC)**. EC2-Classic is **not** supported. Do **not** add any security groups under the network platform.
1. **Custom device name** – Do not alter this field. AWS Application Migration Service uses the device name as defined on the source server in order to map disks on the test or cutover instance. You can use this field to identify your disks.
1. **Disks** – You cannot add disks to the EC2 launch template. Any disks that are added that do not exist on the source machine are ignored by AWS Application Migration Service.
1. **Launch template name** – Do not alter this field. AWS Application Migration Service automatically names this field.
1. **System tag** – Do not alter this field. Application Migration Service automatically adds system tags that match the EC2 launch template to the specific source server. You can recognize which source server the launch template is matched with by the **ID** field.
1. **Automatic cleanup** – Application Migration Service deletes the EC2 launch template and launch configuration for machines that have been disconnected from AWS Application Migration Service or machines for which the cutover has been finalized 90 minutes after disconnect or cutover finalization. This aids in ensuring that your account does not surpass the AWS 5000 EC2 launch template limit.
1. **Volumes** – For each EBS volume, the service uses the user-selected values. If no matching volume exists in the launch template, the service uses the default value. If the launch template includes a volume that does not exist in the source server, the system disregards the specific volume.
If you delete the EC2 launch template, the service creates a new one with default values.
**Note**
If you wish to set a KMS key, you should do so through the [EBS Encryption ](replication-server-settings.md#ebs-encryption)section of the replication settings within the AWS Application Migration Service console.
# Full launch template setting review
This section reviews the entire EC2 launch template and identifies which fields should and should not be changed in order for the EC2 launch template to work with Application Migration Service. Editing or changing any fields that are marked as "do not edit" or "do not change" can cause AWS Application Migration Service to not function.
+ **Launch template name** – This name is automatically generated when the template is first created upon Agent installation. The name cannot be changed.
+ **Template version description** – You can give the template any description you wish.
+ **AMI** – Customers do not typically choose a specific AMI to include in the launch template. If you edit the launch template to use an existing AMI, the contents of the AMI are not used by AWS Application Migration Service. If the AMI is not configured properly (licensing, flags, and more), then this may prevent the test or cutover instance launched from booting correctly or from being properly licensed.
+ **Instance type** – You can select any instance type you want. The launch template shows the instance type suggested by AWS Application Migration Service.
+ **Key pair (login)** – **Do not** alter this field. Do not include a key pair with the launch template.
+ **Networking platform** – Be sure to select **Virtual Private Cloud (VPC)**. **EC2-Classic** is **not** supported.
+ **Security groups** – **Do not** add Security group here. This field should remain blank. You can add security groups later under **Network interface**.
+ **Storage (volumes)** – This section shows all of the disks that you chose to replicate from your source server upon AWS Replication Agent installation.
**Important**
Initial settings for EBS volumes are not derived from activity on the Source Server. Default values are chosen to give maximum performance on first launch.
Each disk is composed of the following fields:
+ **Storage type** – Shows the default volume type (EBS). This cannot be changed.
+ **Device name** – **Do not** change or edit this field. The device name shown here corresponds to the disk name on the source server. This field allows you to identify which disk is which.
+ **Snapshot** – **Do not** change or edit this field. Snapshots should not be included in the launch template.
+ **Size** – **Do not** change or edit this field.
+ **Volume type** – You can select any volume type you want to use. AWS Application Migration Service automatically sets **General Purpose SSD (gp3)** as the default. You may want to change the volume type in order to reduce costs. Ensure that you read the caveats in the [EBS documentation](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSPerformance.html#initialize).
+ **IOPS** – Set the number of I/O operations per second that the volume can support. You can select any number as long as it matches the [EBS guidelines](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html).
+ Provisioned IOPS SSD (io1) : 50 IOPS per GiB of storage
+ Provisioned IOPS SSD (io2) : 500 IOPS per GiB of storage
+ General Purpose SSD (gp3) : 500 IOPS per GiB of storage
AWS Application Migration Service automatically provisions the maximum IOPS possible for the volume, based on the above ratio. This is to minimize the impact of the [performance penalty](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSPerformance.html#initialize) when working with EBS volumes created from snapshots.
+ **Delete on termination** – Do **not** change or edit this field. This should not be included in the launch template.
+ **Encrypted** – **Do not** change or edit this field. This should not be included in the launch template.
+ **Key** – **Do not** change or edit this field. This should not be included in the launch template.
+ **Add volume** – **Do not** use this functionality. You cannot add volumes to the source server through the launch template.
+ **Remove (volume)** – **Do not** use this functionality. You cannot remove volumes from the source server through the launch template. If you do, AWS MGN automatically creates a volume using the default volume settings.
+ **Resource tags** – You can add up to 50 tags. These are transferred to your test and cutover instances. Note that these tags may interfere with other tags that have already been added to the source server. Launch template tags always take precedence over tags set in the AWS MGN console or tags manually assigned to the server.
+ **Network interfaces** – The network interface is created by default based on your replication template. The network interface section is composed of the following fields:
+ **Device index** – **Do not** change or edit this field. The value should always be "**0**".
+ **Network interface** – Use this option only if you want use a pre-existing ENI (Elastic Network Interface). The Launch Template overwrites certain ENI settings. Use this if you want to add an Elastic IP. You have to attach the Elastic IP to the ENI.
**Note**
When selecting an pre-existing ENI, you must change the **Auto-assign public IP** value to **Don't include in launch template** for a successful target launch.
+ **Description** – Add an optional description for the network interface (if chosen).
+ **Subnet** – Choose the subnet. This is the subnet within which the network interface is located and the test or cutover instance is launched. AWS Application Migration Service selects the default VPC subnet by default (if one exists).
+ **Auto-assign public IP** - Choose whether you want the public IP to be auto-assigned.
+ **Primary IP** – Use this field if you wish to utilize a private IP. The private IP you set in the **Copy private IP** field in the AWS MGN launch settings is copied to this field.
+ **Secondary IP** - Define a secondary IP, if needed.
+ **IPv6 IPs** – Define IPv6 IPs if needed.
+ **Security groups** – Choose a security group. If no security group is chosen, then the default VPC security group is used by default.
+ **Delete on termination** – We suggest choosing "**Yes**". Choosing "**No**" makes this network interface a permanent ENI.
+ **Elastic Fabric Adapter** – **Do not** change or edit this field.
+ **Network card index** – **Do not** change or edit this field.
+ **Add network interface** – Note that the EC2 launch template only supports two network interfaces. If you require more than two network interfaces, you need to define them after the test or cutover instance has been launched. This can be done through a post-launch action.
+ **Advanced details** – In this section, we focus on the fields you should **not** change or edit in order to allow AWS Application Migration Service to function properly. **Do not** change or edit any of the following fields:
+ RAM disk ID
+ Kernel
+ Nitro Enclave
+ Metadata accessible
# Saving your EC2 launch template
Once you have finished editing your template, save it by choosing **Create template version** at the bottom of the template.