MTV-2996: AWS EC2

[Jenny-Anne]

Jira: https://redhat.atlassian.net/browse/MTV-2996

Previews:

Planning guide:

Planning a migration of virtual machines from AWS EC2: https://forklift-documentation-git-fork-je-a0bdd0-yaacov-8047s-projects.vercel.app/downstream/documentation/doc-Planning_your_migration/master.html#assembly_planning-migration-aws_mtv

Migrating guide:

Migrating from AWS EC2: https://forklift-documentation-git-fork-je-a0bdd0-yaacov-8047s-projects.vercel.app/downstream/documentation/doc-Migrating_your_virtual_machines/master.html#assembly_migrating-from-aws_mtv

Summary by CodeRabbit

• Documentation
  • Added comprehensive AWS EC2 migration documentation, including planning guides, network and storage mapping procedures for both UI and CLI workflows.
  • Added AWS EC2 prerequisites and provider requirements reference.
  • Included step-by-step instructions for creating migration plans and managing migrations via the UI and command-line interface.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
forklift-documentation	Ready	Preview, Comment	May 21, 2026 2:35pm

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request adds comprehensive AWS EC2 virtual machine migration documentation to the Forklift documentation repository. It introduces prerequisites, provider setup workflows, network/storage mapping procedures, plan creation guidance, and CLI-based migration steps, organized into planning and migration guide assemblies.

Changes

AWS EC2 Migration Documentation

Layer / File(s)	Summary
Documentation attributes and shared definitions documentation/modules/common-attributes.adoc	Three AsciiDoc attribute variables (:aws:, :ec2:, :rosa:) added as global text substitution variables for consistent terminology across AWS migration documentation.
AWS EC2 prerequisites and requirements assembly integration documentation/modules/ref_aws-ec2-prerequisites.adoc, documentation/doc-Planning_your_migration/assemblies/assembly_provider-specific-requirements-for-migration.adoc	Reference module defines AWS EC2 migration prerequisites (OpenShift on ROSA/OSD, EBS CSI driver, same region/account, stopped instances, EBS-only storage, required IAM permissions) and integrates it into the provider-specific requirements assembly.
Source and destination provider procedures documentation/modules/proc_adding-source-provider.adoc	Extended to include AWS EC2 source provider workflow with Technology Preview disclaimer; destination provider section expanded to support AWS with credential/region configuration, cross-account options, and EBS CSI driver prerequisites.
Network mapping UI procedures documentation/modules/proc_creating-form-based-network-maps-ui-aws.adoc, documentation/modules/proc_creating-yaml-based-network-maps-ui-aws.adoc	Form-based and YAML-based procedures for creating ownerless network maps mapping AWS subnet IDs to OpenShift pod networks or Multus network attachment definitions.
Storage mapping UI procedures documentation/modules/proc_creating-form-based-storage-maps-ui-aws.adoc, documentation/modules/proc_creating-yaml-based-storage-maps-ui-aws.adoc	Form-based and YAML-based procedures for creating ownerless EBS storage maps mapping AWS EBS volume types to OpenShift storage classes via the EBS CSI driver.
Plan creation wizard procedure documentation/modules/proc_creating-plan-wizard-aws.adoc	Documents the MTV wizard workflow for creating AWS EC2 migration plans, covering provider/project selection, instance filtering, network/storage map configuration, optional hooks, and plan validation with Plan details tabs and supported limitations.
Planning assembly setup and master document integration documentation/doc-Planning_your_migration/assemblies/assembly_planning-migration-aws.adoc, documentation/doc-Planning_your_migration/master.adoc	Planning assembly with module metadata, Technology Preview disclaimer, context switching between source and destination providers, includes composing network/storage procedures and wizard documentation; integrated into planning master document between OVA and CNV guides.
CLI-based migration procedure and cancellation placeholder documentation/modules/proc_migrating-vms-cli-aws.adoc, documentation/modules/proc_canceling-migration-cli-entire.adoc	Step-by-step CLI workflow using oc apply manifests (credentials, Provider, NetworkMap, StorageMap, Plan, Migration), progress monitoring commands, and placeholder question about automatic resource cleanup on Migration CR deletion.
Migration assembly and master document integration documentation/doc-Migrating_your_virtual_machines/assemblies/assembly_migrating-from-aws.adoc, documentation/doc-Migrating_your_virtual_machines/master.adoc	Migration assembly composing UI and CLI migration/cancellation workflows; integrated into migration master document alongside other cloud provider migration guides.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• kubev2v/forklift-documentation#909: Edits the same proc_adding-source-provider.adoc procedure to parameterize the default project namespace as {namespace}.
• kubev2v/forklift-documentation#884: Adjusts how proc_canceling-migration-cli-entire.adoc is included/nested across "migrating-from-*" assemblies via leveloffset include wiring.

Suggested reviewers

• anarnold97
• jamsmithredhat

Poem

🐰 A rabbit hops through AWS clouds so high,
Mapping subnets to networks that fly,
With plans and providers all set in place,
VM migrations now run at a faster pace! 🚀

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'MTV-2996: AWS EC2' is extremely vague and generic. It references a Jira ticket ID but does not clearly convey what the changeset accomplishes.	Replace with a descriptive title that summarizes the main change, such as 'Add AWS EC2 migration documentation' or 'Document AWS EC2 to OpenShift migration workflows'.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@documentation/modules/common-attributes.adoc`:
- Line 20: The global attribute `:aws:` is currently defined as `:aws: AWS`
which breaks conditional gating; change the text-substitution attribute to a new
name (e.g. `:aws-name:`) and remove or leave `:aws:` undefined so
`ifdef::aws[]`/`ifndef::aws[]` conditionals work correctly—update
common-attributes.adoc to define `:aws-name: AWS` instead of `:aws:` and then
update any docs that reference the textual AWS name to use `:aws-name:` while
leaving `:aws:` reserved for conditional toggling used by
`ifdef::aws[]`/`:!aws:` blocks (also verify assembly_planning-migration-aws.adoc
and modules that rely on `ifdef::aws[]` now gate correctly).

In `@documentation/modules/proc_migrating-vms-cli-aws.adoc`:
- Line 78: Remove the unresolved SME review note and either add concrete
examples for creating network and storage maps using the oc mtv CLI or delete
the comment; specifically include representative oc mtv create-network-map and
oc mtv create-storage-map command examples (showing required flags such as
--source-network/--target-network and --source-storage/--target-storage, any
mapping file or inline mappings, and a brief expected-success output) so readers
can follow exact commands, or remove the SME marker entirely if you do not want
to include examples now.
- Around line 25-33: The example for the provider creation command currently
includes the insecure flag --provider-insecure-skip-tls by default; remove that
flag from the primary example (the `mtv create provider <provider_name> --type
ec2 --ec2-region <region> --username $EC2_KEY --password $EC2_SECRET` command)
and instead add a short separate note or alternate example showing the optional
use of --provider-insecure-skip-tls for cases where TLS validation must be
bypassed.

In `@documentation/modules/ref_aws-ec2-limitations.adoc`:
- Line 16: The doc statement "Cross-account migration is not supported"
conflicts with the provider procedure that documents a "Use cross-account
credentials" flow; decide which behavior is correct and make both modules
consistent. Either update this sentence in ref_aws-ec2-limitations.adoc to state
that cross-account migration is supported and reference the provider procedure's
"Use cross-account credentials" flow, or remove/adjust the cross-account
credentials flow in the provider procedure to match the limitation; ensure both
places use identical wording about cross-account support and, if supported, add
any prerequisites or limitations mentioned in the provider procedure.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ab669ac6-aa00-443a-b8d0-c0d0c82a41ff

📥 Commits

Reviewing files that changed from the base of the PR and between bda3fde and 07c286f.

📒 Files selected for processing (12)

• documentation/doc-Migrating_your_virtual_machines/assemblies/assembly_migrating-from-aws.adoc
• documentation/doc-Migrating_your_virtual_machines/master.adoc
• documentation/doc-Planning_your_migration/assemblies/assembly_planning-migration-aws.adoc
• documentation/doc-Planning_your_migration/master.adoc
• documentation/modules/common-attributes.adoc
• documentation/modules/proc_adding-source-provider.adoc
• documentation/modules/proc_creating-form-based-network-maps-ui-aws.adoc
• documentation/modules/proc_creating-form-based-storage-maps-ui-aws.adoc
• documentation/modules/proc_creating-plan-wizard-aws.adoc
• documentation/modules/proc_migrating-vms-cli-aws.adoc
• documentation/modules/ref_aws-ec2-limitations.adoc
• documentation/modules/ref_aws-ec2-prerequisites.adoc

[coderabbitai]

Actionable comments posted: 5

♻️ Duplicate comments (1)

documentation/modules/proc_migrating-vms-cli-aws.adoc (1)

18-22: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Remove unresolved internal SME questions before publishing.

These inline authoring questions are still present in the user-facing module and should be resolved or removed before merge. See Line 18-Line 22.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@documentation/modules/proc_migrating-vms-cli-aws.adoc` around lines 18 - 22,
Remove the inline authoring questions (the four comment lines asking about
Secret/Provider, NetworkMap, StorageMap, and Plan manifests for AWS EC2) from
the module and either replace them with finalized guidance or delete them
entirely so no unresolved SME questions remain in the published content; locate
the four lines shown in the diff and update the text to a final user-facing
sentence or remove the placeholders.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@documentation/modules/proc_creating-plan-wizard-aws.adoc`:
- Around line 5-7: Remove the unresolved author-note questions "// Is
cross-account migration supported?" and "// Is this correct (EBS volumes map to
EBS-backed storage classes only)?" from the document and either resolve them
with final wording or replace them with definitive statements; update the
section that referenced cross-account migration and the EBS storage-class
mapping to state the supported behavior and mapping explicitly (e.g.,
"Cross-account migration is/ is not supported: <final behavior>" and "EBS
volumes map to <final storage-class mapping>"), and if you need copy help use
the reviewer’s offer to draft the final sentences instead of leaving inline
questions.
- Around line 22-23: The two docs conflict: the plan-wizard AWS module currently
states "Cross-account migration is not supported" while the provider docs
describe a "Use cross-account credentials" path; decide which behavior is
correct, verify actual implementation, and make the texts consistent: either
update the bullets in documentation/modules/proc_creating-plan-wizard-aws.adoc
to state that cross-account migration is supported and describe the required
cross-account credential steps (replace the line "* {project-short} supports
migration within the same {aws} account only. Cross-account migration is not
supported."), or update the provider procedure to remove or disable the "Use
cross-account credentials" path if cross-account is truly unsupported—ensure
both places reference the same verified behavior and include a short note naming
the required credentials/constraints (e.g., cross-account role, region
restriction) so readers aren’t confused.

In `@documentation/modules/proc_creating-yaml-based-network-maps-ui-aws.adoc`:
- Around line 29-56: Remove the shell/heredoc wrapper so the snippet is pure
YAML for the UI editor: delete the leading "$  cat << EOF | {oc} apply -f -"
line and the trailing "EOF" and "----" so the snippet begins with "apiVersion:
forklift.konveyor.io/v1beta1" and contains the "kind: NetworkMap" and the
spec/map/provider blocks as plain YAML acceptable to the UI (preserve the
existing "apiVersion", "kind: NetworkMap", "metadata", "spec.map" entries and
provider/source/destination fields).

In `@documentation/modules/proc_creating-yaml-based-storage-maps-ui-aws.adoc`:
- Around line 38-58: The UI YAML/JSON example currently includes a shell heredoc
wrapper ("$ cat << EOF | {oc} apply -f - ... EOF") which will break if pasted
into the editor; replace the entire heredoc block with only the raw YAML
manifest for the StorageMap (beginning with "apiVersion:
forklift.konveyor.io/v1beta1" and "kind: StorageMap") so users can paste the
manifest directly into the UI editor and edit fields like metadata.name,
metadata.namespace, spec.map, spec.provider.source.name, and
spec.provider.destination.name without shell syntax.

In `@documentation/modules/proc_migrating-vms-cli-aws.adoc`:
- Around line 35-37: The example ownerReferences block is incomplete and will
produce an invalid manifest; update the sample ownerReferences entries so they
include the required fields by either removing the ownerReferences block from
the base example or providing full placeholder values (add name: <PROVIDER_NAME>
and uid: <PROVIDER_UID> alongside the existing apiVersion and kind) for both
occurrences shown; ensure the placeholders are clearly labeled so users replace
them when copying the manifest.

---

Duplicate comments:
In `@documentation/modules/proc_migrating-vms-cli-aws.adoc`:
- Around line 18-22: Remove the inline authoring questions (the four comment
lines asking about Secret/Provider, NetworkMap, StorageMap, and Plan manifests
for AWS EC2) from the module and either replace them with finalized guidance or
delete them entirely so no unresolved SME questions remain in the published
content; locate the four lines shown in the diff and update the text to a final
user-facing sentence or remove the placeholders.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8aae723f-0bec-4411-9512-ad0c95f9ed8a

📥 Commits

Reviewing files that changed from the base of the PR and between 07c286f and f44b95c.

📒 Files selected for processing (15)

• documentation/doc-Migrating_your_virtual_machines/assemblies/assembly_migrating-from-aws.adoc
• documentation/doc-Migrating_your_virtual_machines/master.adoc
• documentation/doc-Planning_your_migration/assemblies/assembly_planning-migration-aws.adoc
• documentation/doc-Planning_your_migration/assemblies/assembly_provider-specific-requirements-for-migration.adoc
• documentation/doc-Planning_your_migration/master.adoc
• documentation/modules/common-attributes.adoc
• documentation/modules/proc_adding-source-provider.adoc
• documentation/modules/proc_canceling-migration-cli-entire.adoc
• documentation/modules/proc_creating-form-based-network-maps-ui-aws.adoc
• documentation/modules/proc_creating-form-based-storage-maps-ui-aws.adoc
• documentation/modules/proc_creating-plan-wizard-aws.adoc
• documentation/modules/proc_creating-yaml-based-network-maps-ui-aws.adoc
• documentation/modules/proc_creating-yaml-based-storage-maps-ui-aws.adoc
• documentation/modules/proc_migrating-vms-cli-aws.adoc
• documentation/modules/ref_aws-ec2-prerequisites.adoc

✅ Files skipped from review due to trivial changes (10)

• documentation/modules/proc_canceling-migration-cli-entire.adoc
• documentation/modules/common-attributes.adoc
• documentation/doc-Planning_your_migration/assemblies/assembly_provider-specific-requirements-for-migration.adoc
• documentation/doc-Planning_your_migration/master.adoc
• documentation/doc-Migrating_your_virtual_machines/master.adoc
• documentation/doc-Planning_your_migration/assemblies/assembly_planning-migration-aws.adoc
• documentation/modules/proc_creating-form-based-storage-maps-ui-aws.adoc
• documentation/doc-Migrating_your_virtual_machines/assemblies/assembly_migrating-from-aws.adoc
• documentation/modules/ref_aws-ec2-prerequisites.adoc
• documentation/modules/proc_creating-form-based-network-maps-ui-aws.adoc

[Jenny-Anne]

Please confirm:

• Is cross-account migration supported or not?
• Can EBS volumes map to EBS-backed storage classes only?

[Jenny-Anne]

^^ Does this list cover the minimum required IAM permissions?

[yaacov]

see upstream ref:
https://github.com/kubev2v/forklift/tree/main/pkg/provider/ec2#provider-resource

[yaacov]

an important limitataion missing is that we only support VMs using RHEL OSs , e.g. we don't support migration of Windows or AWS OS ( AWS OS is an OS commonly used on EC2 and it is important to note we don't support them, on any non RHEL OS at this release )

[yaacov]

when using the API directly adding an owner is not part of the regular flow, see the upstream docs:

Ref:
https://github.com/kubev2v/forklift/tree/main/pkg/provider/ec2#manual-setup-yaml

[yaacov]

you are missing the target secret fields, see ref docs:
https://github.com/kubev2v/forklift/tree/main/pkg/provider/ec2#secret-fields

[yaacov]

you are missing target az, see ref:
https://github.com/kubev2v/forklift/tree/main/pkg/provider/ec2#provider-resource

[yaacov]

that is just a regular network map, not different then any other

[yaacov]

storage class must be ec2 backed storage class pointing to the same az we point the provider az when we created the provider

[yaacov]

this is a regular plan + migration like we have for other proivders, nothing special for ec2

[yaacov]

when creating the storage map, we will map to the storage class using this csi driver