Migrating your web-app from on-premises data centers to the cloud allows you to scale it on-demand to handle high traffic loads. AWS provides an affordable, public cloud platform that offers comprehensive migration solutions for faster time to business results. The platform is built with automation and data-driven decision-making, which makes migration fast and simple. AWS also comes with a broad set of features that make it perfect for deployment, Continuous Integration, and Continuous Delivery.

While the process of migrating your app and data to the AWS cloud is relatively simple, it takes various phases to justify cloud adoption. The first phase involves evaluating whether the app can be migrated to the cloud. Once you decide that an app should move to the cloud, you will need to choose between several migration options provided by AWS. These include: AWS CloudEndure, AWS Direct Connect, AWS Snowmobile, and AWS Snowball among others.  You will also need to know the resources you’ll need to keep your app running.

The third step involves Proof of Concept (PoC), where you test your workload against the AWS storage service. This phase gives you an idea of the security controls, and whether migrating to the AWS cloud will minimize expenses. Once you have all the prerequisites, created a backup, and synchronized with on-premises repositories, you can now migrate the application to the cloud. 

For this exercise, we shall be using Amazon’s CloudEndure to migrate our web app to the AWS cloud platform. 

Migrating your Web App to AWS Cloud: A Step-by-Step Guide

Step 1: Creating Access Policies for Your Project

  1. Using your AWS Account, sign in to the Amazon Web Services Console
    Web-App to AWS Cloud: Step 1: Creating Access Policies for Your Project
  2. Once you’re on the AWS Console, click on Services. On the pop-up, scroll to  Security, Identity and Management, then click IAM.
    Web-App to AWS Cloud - Security, Identity and Management - IAM.
    Web-App to AWS Cloud -Security, Identity and Management - IAM.
  3. You’ll be redirected to the Identity and Access Management page. From the left-side navigation pane select Policies.
    Identity and Access Management Dashboard
  4. Click on Create Policy on the Policies  page.
    Policies - Create Policy
  5. Once on the Create Policy page, open the tab named JSON.
    Create Policy - JSON image17

  6. On a separate tab, go to the CloudEndure IAM Policy, and copy this code. Paste this code over any text that exists in the text field of the JSON editor.
    Create Policy - JSON Editor
    Quick Tip: If you are trying to launch a target machine with specific identity management roles, you should add the iam:PassRole permission manually since CloudEndure does not have this permission.
  7. Click on Review Policy to proceed.
    JSON - Review Policy
  8. You’ll be redirected to the Review Policy page, where you will give your policy a Name and Description (optional).
    Review Policy Page
  9. At the bottom right of the Review Policy page, click on Create Policy.
    Review Policy - Create PolicyYou will get a notification letting you know that your policy has been created.
    Create Policy Notification

Step 2: Creating an IAM user and generating credentials

To use the new policy you just made, you will need to create a new IAM user and provide them with Programmatic access. After completing this step, you’ll be provided with a Security Access Key and Access Key ID that are required to run CloudEndure.

  1. On the navigation menu to the left of IAM, find Users.
    IAM User Credentials
  2. Next, click on Add User.
    Add User
  3. On the next page, fill out an appropriate User Name, and select Programmatic for the Access Type option. When you’re done, select Next Permissions.
    Next Permissions
  4. You’ll be redirected to the Set Permissions page, with three options. For this task, we’ll select Attach Existing Policies Directly.
    Set Permissions
    Locate the policy created in the previous step (Creating Policies for Your Project). Select the checkbox next to it and click Next: Tags at the bottom of the page. 
  5. Since tags aren’t necessary, we’ll skip and press Next: Review.
    Next Review
  6. Review your options and press Create User at the bottom of the page when you are done.
    Create User
  7. The Next page acknowledges the creation of a new user. On this page, you can also view and download your User Security Credentials.
    Quick Tip: Your credentials are only available for a one-time download. Save this .csv file as you’ll need these credentials to log in to the CloudEndure console.

    Once you have saved your access keys, press Close to finish.
    You’ll be redirected to the Users page, where you’ll access the details of your newly created user.

Step 3: Define your Application’s Replication Settings in the CloudEndure Staging Area

After getting login credentials, you’ll need to set up the replication process. 

  1. Sign in to the CloudEndure Console.
    Sign in to the CloudEndure Console
  2. Enter the user credentials you generated on AWS, click Save. Once you are logged in, move to the REPLICATION SETTINGS tab.

    From the Migration/Disaster Recovery Resource drop-down list under Disaster Recovery Source, select your application’s source environment. Our sample application is located on vCenter, the appliance that holds VMware’s virtual environment platform.

    On the Migration/Disaster Recovery Resource drop-down list under Disaster Recovery Target, select the AWS region onto which you’ll want to replicate your data.

  3. Once you’ve selected your application’s source and target, you should define the application’s Replication Servers. The default settings will do.
  4. For this project, we’ll also select the Default instance type. This is the t3. Instance, one that will incur the least costs.
  5. For our Instance Converter Type, we’ll select the default type. For our availability zone, this is m5.large.
  6. For the Data Disks, choose the low cost, standard disks option. 
  7. For the Replication Server Subnet option, we’ll pick the default subnet allocated by AWS.
  8. We’ll also use the Default CloudEndure security group for this project.

    We’ll skip defining the VPN Usage, Volume Encryption, Staging Area Tags, and Software Download.

  9. At the bottom of the Replication Settings page, click SAVE REPLICATION SETTINGS. CloudEndure issues you with tokens you will use to install an agent on the source server. The agent will create a connection between the replication server in AWS and the CloudEndure User Console.

Step 4: Configuring the Blueprint for Your Target Machine

  1. From the right-hand top navigation panel, select the BLUEPRINT tab. Use the default settings provided by CloudEndure for this project. 
  2. Use the default settings for Best-match target machine launch, Copy Source, Copy Instance, Private IP, and Existing Instance ID categories.
  3. Once you are done, click SAVE BLUEPRINT to make these changes valid.

Step 5: Testing the Migration Solution

In Test Mode, you can launch and run your target machine on the target infrastructure you set for the source. This way, you can check to see whether the migration is effective.

  1. Open the machines page. Navigate to User Console>Machines.
          Ensure that the source machine you want to test is set to the following statuses.
          DATA REPLICATION PROGRESS- Continuous Data Replication
          STATUS- Target Machine Can Be Launched
          MIGRATION LIFECYCLE- Ready for Testing/Recently Tested /Cutover
  2. Select the checkbox to the left of the Source Machine hosting our app.
  3. Click the LAUNCH X TARGET MACHINES and click on the Test Mode button.
  4. To start the test, click Continue.

A message appears at the top right corner of the user console, showing you the status of the test, and that a target machine is being launched. Your selected source machine will have a green edge showing it’s active. If you click on the source machine, you’ll be redirected to the Machine Dashboard, showing additional information on the test and machine. Here, you can also reset the machine’s Blueprint.

Step 6: Migration

Performing Cutover Mode action tells CloudEndure to delete the previous machine and create an updated new machine. 

  1. Open the Machines page, and verify that the machine hosting our app is set to the following configurations.
          ETA/LAG- none | n/a
    DATA REPLICATION PROGRESS- Continuous Data Replication
    STATUS- Target Machine Can Be Launched
    MIGRATION LIFECYCLE- Ready for Testing/Recently Tested /Cutover
  2. Check the box on the left of the Source Machine that hosts our app to activate it.
  3. Click LAUNCH X TARGET MACHINE then select Cutover Mode.
  4. Click Continue on the confirmation message that pops up.

    A Message appears at the top right of the User Console, indicating that a target machine is being launched for your source machine. After the cutover is complete,  several indications appear on the Machines page, showing the status of your chosen machine.

  5. Once you are sure the replication is complete, you can remove the source machines from the User Console. Click on the checkbox to the left of the machine name, open the MACHINE ACTIONS menu, and select Remove X Machines from this Console from the drop-down menu.


CloudEndure provides a quick and easy way to migrate your on-premises applications and resources to AWS cloud. In this article, we’ve created a CloudEndure project to replicate an on-premises web application. With CloudEndure and AWS Identity and Access Management (IAM), you can host a large number of machines on AWS without having to redo the architecture. Since CloudEndure replicates source machines continuously in an AWS staging area, migration will not cause any downtime or reduced performance of your web application.