diff --git a/.claude-plugin/marketplace.json b/.claude-plugin/marketplace.json
index 20f1983a..e5b440a9 100644
--- a/.claude-plugin/marketplace.json
+++ b/.claude-plugin/marketplace.json
@@ -121,25 +121,6 @@
 "source": "./plugins/deploy-on-aws",
 "tags": ["aws", "deploy", "infrastructure", "cdk"],
 "version": "1.1.0"
- },
- {
- "category": "migration",
- "description": "This no-cost tool assesses your current cloud provider's usage, geography, and billing data to estimate and compare AWS services and pricing, and recommends migration or continued use of your current provider. AWS pricing is based on current published pricing and may vary over time. The tool may generate a .migration folder containing comparison and migration execution data, which you may delete upon completion or use to migrate to AWS.",
- "keywords": [
- "aws",
- "gcp",
- "google-cloud",
- "migration",
- "cloud-migration",
- "terraform",
- "fargate",
- "rds",
- "eks"
- ],
- "name": "migration-to-aws",
- "source": "./plugins/migration-to-aws",
- "tags": ["aws", "gcp", "migration", "infrastructure"],
- "version": "1.0.0"
 }
 ]
 }
diff --git a/AGENTS.md b/AGENTS.md
index 0e596132..8fcfc522 100644
--- a/AGENTS.md
+++ b/AGENTS.md
@@ -4,7 +4,7 @@ ## TL;DR Pitch -This repository supports **plugins** - bundles of skills, MCP servers, and agent configurations that extend capabilities. The `awslabs/agent-plugins` marketplace includes plugins like `deploy-on-aws` (architecture recommendations, cost estimates, and working IaC), `amazon-location-service` (maps, geocoding, routing, and geospatial features), `databases-on-aws` (database guidance for the AWS portfolio, starting with Aurora DSQL), and `migration-to-aws` (GCP-to-AWS migration with resource discovery, architecture mapping, and cost analysis). +This repository supports **plugins** - bundles of skills, MCP servers, and agent configurations that extend capabilities. The `awslabs/agent-plugins` marketplace includes plugins like `deploy-on-aws` (architecture recommendations, cost estimates, and working IaC), `amazon-location-service` (maps, geocoding, routing, and geospatial features), and `databases-on-aws` (database guidance for the AWS portfolio, starting with Aurora DSQL). ## Core Concepts @@ -68,14 +68,6 @@ agent-plugins/ │ │ ├── SKILL.md │ │ ├── mcp/ │ │ └── references/ -│ └── migration-to-aws/ -│ ├── .claude-plugin/ -│ │ └── plugin.json -│ ├── .mcp.json -│ └── skills/ -│ └── gcp-to-aws/ -│ ├── SKILL.md -│ └── references/ ├── schemas/ # JSON schemas for manifests │ ├── marketplace.schema.json │ ├── plugin.schema.json @@ -121,13 +113,6 @@ agent-plugins/ | `awsknowledge` | HTTP | AWS documentation, architecture guidance, and best practices | | `aurora-dsql` | stdio | Direct database operations — queries, schema, transactions (disabled by default) | -### migration-to-aws - -| Server | Type | Purpose | -| -------------- | ----- | ----------------------------------------------- | -| `awsknowledge` | HTTP | AWS documentation and architecture guidance | -| `awspricing` | stdio | Real-time AWS service pricing for cost analysis | - ## Workflow: Deploy Skill 1. **Analyze** - Scan codebase for framework, database, dependencies 
diff --git a/README.jp.md b/README.jp.md index 5c9c36ff..8fe95289 100644 --- a/README.jp.md +++ b/README.jp.md @@ -43,7 +43,6 @@ AI コーディングエージェントはソフトウェア開発において | **aws-serverless** | Lambda、API Gateway、EventBridge、Step Functions、Durable Functions を使用したサーバーレスアプリケーションを構築 | 利用可能 | | **databases-on-aws** | AWS データベースポートフォリオのガイダンス — スキーマ設計、クエリ、マイグレーション、マルチテナントパターン | 一部利用可能(Aurora DSQL) | | **deploy-on-aws** | アーキテクチャ推奨、コスト見積もり、IaC デプロイにより AWS へのアプリケーションデプロイを支援 | 利用可能 | -| **migration-to-aws** | リソース検出、アーキテクチャマッピング、コスト分析、実行計画により GCP インフラを AWS に移行 | 利用可能 | ## インストール @@ -89,12 +88,6 @@ Deploy on AWS /plugin install deploy-on-aws@agent-plugins-for-aws ``` -Migration to AWS - -```bash -/plugin install migration-to-aws@agent-plugins-for-aws -``` - ### Cursor **deploy-on-aws** プラグインは [Cursor Marketplace](https://cursor.com/marketplace/aws) からインストールできます。詳細については、[Cursor プラグインドキュメント](https://cursor.com/docs/plugins)を参照してください。Cursor アプリケーション内からもインストール可能です。 
@@ -218,31 +211,6 @@ AWS デプロイを加速するスキルをエージェントに提供します | **awspricing** | コスト見積もり用のリアルタイム AWS サービス料金 | | **aws-iac-mcp** | CDK/CloudFormation の IaC ベストプラクティス | -## migration-to-aws - -Terraform リソースの検出、アーキテクチャマッピング、コスト見積もり、実行計画を通じて、GCP インフラから AWS への体系的な移行を支援します。 - -### ワークフロー - -1. **検出** - Terraform ファイルをスキャンして GCP リソースを検出し、インフラストラクチャを抽出 -2. **確認** - コンピューティングワークロードとアーキテクチャパターンを理解 -3. **設計** - GCP サービスを AWS の同等サービスにマッピングし、根拠を提示 -4. **見積もり** - 月間 AWS コストを算出し、GCP と比較 -5. **実行** - 移行タイムラインを策定し、デプロイリスクを特定 - -### エージェントスキルのトリガー - -| エージェントスキル | トリガー | -| ------------------ | ----------------------------------------------------------------------------------------------------------------------- | -| **gcp-to-aws** | 「GCP から AWS に移行して」「GCP から移行して」「GCP 移行計画」「AWS コストを見積もって」「GCP インフラのアセスメント」 | - -### MCP サーバー - -| サーバー | 用途 | -| ---------------- | ----------------------------------------------- | -| **awsknowledge** | AWS ドキュメント、アーキテクチャガイダンス | -| **awspricing** | コスト見積もり用のリアルタイム AWS サービス料金 | - ## 要件 - Claude Code >=2.1.29 または [Cursor >= 2.5](https://cursor.com/changelog/2-5) diff --git a/README.md b/README.md index 411528e0..b1a02315 100644 --- a/README.md +++ b/README.md 
@@ -28,14 +28,13 @@ To maximize the benefits of plugin-assisted development while maintaining securi ## Plugins -| Plugin | Description | Status | -| --------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | -| **amazon-location-service** | Add maps, geocoding, routing, places search, and geospatial features to applications with Amazon Location Service | Available | -| **aws-amplify** | Build full-stack apps with AWS Amplify Gen 2 using guided workflows for auth, data, storage, and functions | Available | -| **aws-serverless** | Build serverless applications with Lambda, API Gateway, EventBridge, Step Functions, and durable functions | Available | -| **databases-on-aws** | Database guidance for the AWS database portfolio — schema design, queries, migrations, and multi-tenant patterns | Some Services Available (Aurora DSQL) | -| **deploy-on-aws** | Deploy applications to AWS with architecture recommendations, cost estimates, and IaC deployment | Available | -| **migration-to-aws** | Migrate GCP infrastructure to AWS with resource discovery, architecture mapping, cost analysis, and execution planning | Available | +| Plugin | Description | Status | +| --------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------------------------------- | +| **amazon-location-service** | Add maps, geocoding, routing, places search, and geospatial features to applications with Amazon Location Service | Available | +| **aws-amplify** | Build full-stack apps with AWS Amplify Gen 2 using guided workflows for auth, data, storage, and functions | Available | +| **aws-serverless** | Build serverless applications with Lambda, API Gateway, EventBridge, Step Functions, and durable functions | Available | +| **databases-on-aws** | Database guidance for the AWS database 
portfolio — schema design, queries, migrations, and multi-tenant patterns | Some Services Available (Aurora DSQL) | +| **deploy-on-aws** | Deploy applications to AWS with architecture recommendations, cost estimates, and IaC deployment | Available | ## Installation @@ -77,12 +76,6 @@ or /plugin install deploy-on-aws@agent-plugins-for-aws ``` -or - -```bash -/plugin install migration-to-aws@agent-plugins-for-aws -``` - ### Cursor You can install the **deploy-on-aws** plugin from the [Cursor Marketplace](https://cursor.com/marketplace/aws). For additional information, please refer to the [Cursor plugin documentation](https://cursor.com/docs/plugins). You can also install within the Cursor application: 
@@ -206,31 +199,6 @@ Equips agents with the skills to accelerate AWS deployment - recommending AWS ar | **awspricing** | Real-time AWS service pricing for cost estimates | | **aws-iac-mcp** | IaC best practices for CDK/CloudFormation | -## migration-to-aws - -Helps you systematically migrate GCP infrastructure to AWS through Terraform resource discovery, architecture mapping, cost estimation, and execution planning. - -### Workflow - -1. **Discover** - Scan Terraform files for GCP resources and extract infrastructure -2. **Clarify** - Understand compute workloads and architecture patterns -3. **Design** - Map GCP services to AWS equivalents with rationale -4. **Estimate** - Calculate monthly AWS costs and compare to GCP -5. **Execute** - Plan migration timeline and identify deployment risks - -### Agent Skill Triggers - -| Agent Skill | Triggers | -| -------------- | ------------------------------------------------------------------------------------------------------------------ | -| **gcp-to-aws** | "migrate GCP to AWS", "move from GCP", "GCP migration plan", "estimate AWS costs", "GCP infrastructure assessment" | - -### MCP Servers - -| Server | Purpose | -| ---------------- | ------------------------------------------------ | -| **awsknowledge** | AWS documentation, architecture guidance | -| **awspricing** | Real-time AWS service pricing for cost estimates | - ## Requirements - Claude Code >=2.1.29 or [Cursor >= 2.5](https://cursor.com/changelog/2-5) diff --git a/plugins/migration-to-aws/.claude-plugin/plugin.json b/plugins/migration-to-aws/.claude-plugin/plugin.json deleted file mode 100644 index abfcffad..00000000 --- a/plugins/migration-to-aws/.claude-plugin/plugin.json +++ /dev/null 
@@ -1,20 +0,0 @@
-{
- "author": {
- "name": "Amazon Web Services"
- },
- "description": "This no-cost tool assesses your current cloud provider's usage, geography, and billing data to estimate and compare AWS services and pricing, and recommends migration or continued use of your current provider. AWS pricing is based on current published pricing and may vary over time. The tool may generate a .migration folder containing comparison and migration execution data, which you may delete upon completion or use to migrate to AWS.",
- "homepage": "https://github.com/awslabs/agent-plugins",
- "keywords": [
- "aws",
- "gcp",
- "google-cloud",
- "migration",
- "cloud-migration",
- "terraform",
- "fargate"
- ],
- "license": "Apache-2.0",
- "name": "migration-to-aws",
- "repository": "https://github.com/awslabs/agent-plugins",
- "version": "1.0.0"
-}
diff --git a/plugins/migration-to-aws/.mcp.json b/plugins/migration-to-aws/.mcp.json
deleted file mode 100644
index b7d617b1..00000000
--- a/plugins/migration-to-aws/.mcp.json
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- "mcpServers": {
- "awsknowledge": {
- "type": "http",
- "url": "https://knowledge-mcp.global.api.aws"
- },
- "awspricing": {
- "args": [
- "awslabs.aws-pricing-mcp-server@latest"
- ],
- "command": "uvx",
- "env": {
- "FASTMCP_LOG_LEVEL": "ERROR"
- },
- "timeout": 120000,
- "type": "stdio"
- }
- }
-}
diff --git a/plugins/migration-to-aws/README.md b/plugins/migration-to-aws/README.md
deleted file mode 100644
index d802289f..00000000
--- a/plugins/migration-to-aws/README.md
+++ /dev/null
@@ -1,72 +0,0 @@ -# GCP-to-AWS Migration Plugin - -Migrate workloads from Google Cloud Platform to AWS with a 5-phase guided process. - -## Overview - -This plugin guides you through migrating GCP infrastructure to AWS by: - -1. **Discover** - Scan Terraform files for GCP resources -2. **Clarify** - Answer 8 questions about your migration requirements -3. **Design** - Map GCP services to equivalent AWS services -4. **Estimate** - Calculate monthly costs and ROI -5. **Execute** - Plan your migration timeline and rollback procedures - -## Usage - -Invoke the skill with migration-related phrases: - -- "Migrate my GCP infrastructure to AWS" -- "Move off Google Cloud" -- "Migrate Cloud SQL to RDS" -- "GCP to AWS migration plan" - -## Scope (v1.0) - -- **Supports**: Terraform-based GCP infrastructure -- **Generates**: AWS architecture design, cost estimates, execution timeline -- **Does not include** (v1.1+): App code scanning, billing data import, CDK code generation - -## MCP Servers - -The plugin integrates with: - -- **awspricing** - Real-time AWS pricing (with fallback to cached data) -- **awsknowledge** - AWS service guidance and best practices - -## Files - -- `SKILL.md` - Main skill orchestrator -- `references/phases/` - Workflow phase implementations -- `references/design-refs/` - AWS service mapping rubrics -- `references/shared/` - Shared utilities and pricing data - -## Architecture - -The plugin uses state files (`.migration/[MMDD-HHMM]/`) to track migration progress across invocations: - -- `.phase-status.json` - Current phase and status -- `gcp-resource-inventory.json` - Discovered GCP resources -- `clarified.json` - User requirements -- `aws-design.json` - Mapped AWS services -- `estimation.json` - Cost analysis -- `execution.json` - Timeline and risks - -## Installation - -```bash -/plugin marketplace add awslabs/agent-plugins -/plugin install migration-to-aws@agent-plugins-for-aws -``` - -## Development - -To test locally: - -```bash -claude 
--plugin-dir ./plugins/migration-to-aws -``` - -## License - -Apache-2.0 diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/SKILL.md b/plugins/migration-to-aws/skills/gcp-to-aws/SKILL.md deleted file mode 100644 index bd0f2de5..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/SKILL.md +++ /dev/null 
@@ -1,175 +0,0 @@ ---- -name: gcp-to-aws -description: "Migrate workloads from Google Cloud Platform to AWS. Triggers on: migrate from GCP, GCP to AWS, move off Google Cloud, migrate Terraform to AWS, migrate Cloud SQL to RDS, migrate GKE to EKS, migrate Cloud Run to Fargate, Google Cloud migration. Runs a 5-phase process: discover GCP resources from Terraform files, clarify migration requirements, design AWS architecture, estimate costs, and plan execution." ---- - -# GCP-to-AWS Migration Skill - -## Philosophy - -- **Re-platform by default**: Select AWS services that match GCP workload types (e.g., Cloud Run → Fargate, Cloud SQL → RDS). -- **Dev sizing unless specified**: Default to development-tier capacity (e.g., db.t4g.micro, single AZ). Upgrade only on user direction. -- **Infrastructure-first approach**: v1.0 migrates Terraform-defined infrastructure only. App code scanning and billing import are v1.1+. - -## Prerequisites - -User must provide GCP infrastructure-as-code: - -- One or more `.tf` files (Terraform) -- Optional: `.tfvars` or `.tfstate` files - -If no Terraform files are found, stop immediately and ask user to provide them. - -## State Management - -Migration state lives in `.migration/[MMDD-HHMM]/` directory (created by Phase 1, persists across invocations): - -``` -.migration/ -├── .gitignore # Auto-created to protect state files from git -└── 0226-1430/ # MMDD-HHMM timestamp - ├── .phase-status.json # Current phase tracking - ├── gcp-resource-inventory.json # All GCP resources found - ├── gcp-resource-clusters.json # Clustered resources by affinity - ├── clarified.json # User answers (Phase 2 output) - ├── aws-design.json # AWS services mapping (Phase 3 output) - ├── estimation.json # Cost breakdown (Phase 4 output) - └── execution.json # Timeline + risks (Phase 5 output) -``` - -**Note:** The `.migration/` directory is automatically protected by a `.gitignore` file created in Phase 1. 
Migration state files will not be accidentally committed to version control. - -**.phase-status.json schema:** - -```json -{ - "phase": "discover|clarify|design|estimate|execute", - "status": "in-progress|completed", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" -} -``` - -If `.phase-status.json` exists: - -- If `status` is `completed`: advance to next phase (discover→clarify, clarify→design, etc.) -- If `status` is `in-progress`: resume from that phase - -## Phase Routing - -1. **On skill invocation**: Check for `.migration/*/` directory - - If none exist: Initialize Phase 1 (Discover), set status to `in-progress` - - If multiple exist: **STOP**. Output: "Multiple migration sessions detected in `.migration/`:" then for each directory, display its name and the contents of its `.phase-status.json` (phase + status). Output: "Pick one to continue: [list with phase info]" - - If exists: Load `.phase-status.json` and validate: - - **If empty file (0 bytes)**: STOP. Output: "State file is empty. Delete `.migration/[MMDD-HHMM]/.phase-status.json` and restart." - - **If invalid JSON**: STOP. Output: "State file corrupted (invalid JSON). Delete `.migration/[MMDD-HHMM]/.phase-status.json` and restart Phase [X]." - - **If missing required fields** (`phase`, `status`, `timestamp`, `version`): STOP. Output: "State file incomplete (missing [field]). Delete and restart." - - **If version != "1.0.0"**: STOP. Output: "Incompatible state file version: [version]. This skill requires version 1.0.0." - - **If unrecognized phase value**: STOP. Output: "Unrecognized phase: [value]. Valid values: discover, clarify, design, estimate, execute." - - **If status not in {in-progress, completed}**: STOP. Output: "Unrecognized status: [value]. Valid values: in-progress, completed." - - **If valid**: Determine next action: - - If phase status is `in-progress`: Resume that phase - - If phase status is `completed`: Advance to next phase - -2. 
**Phase transition mapping** (when phase is `completed`): - - discover (completed) → Route to clarify - - clarify (completed) → Route to design - - design (completed) → Route to estimate - - estimate (completed) → Route to execute - - execute (completed) → Migration complete; offer summary and cleanup options - -3. **Phase gate checks**: If prior phase incomplete, do not advance (e.g., cannot enter estimate without completed design) - -## Phase Summary Table - -| Phase | Inputs | Outputs | Reference | -| ------------ | ----------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------- | ---------------------------------------- | -| **Discover** | `.tf` files | `gcp-resource-inventory.json`, `gcp-resource-clusters.json`, `.phase-status.json` updated | `references/phases/discover/discover.md` | -| **Clarify** | `gcp-resource-inventory.json`, `gcp-resource-clusters.json` | `clarified.json`, `.phase-status.json` updated | `references/phases/clarify.md` | -| **Design** | `gcp-resource-inventory.json`, `gcp-resource-clusters.json`, `clarified.json` | `aws-design.json`, `aws-design-report.md`, `.phase-status.json` updated | `references/phases/design.md` | -| **Estimate** | `aws-design.json`, `clarified.json` | `estimation.json`, `estimation-report.md`, `.phase-status.json` updated | `references/phases/estimate.md` | -| **Execute** | `aws-design.json`, `estimation.json` | `execution.json`, `execution-timeline.md`, `.phase-status.json` updated | `references/phases/execute.md` | - -## MCP Servers - -**awspricing** (for cost estimation): - -1. Call `get_pricing_service_codes()` to detect availability -2. If success: use live AWS pricing -3. If timeout/error: fall back to `references/shared/pricing-fallback.json` (includes 2026 on-demand rates for major services) - -**awsknowledge** (for design validation): - -1. 
Use for regional availability checks (e.g., service available in target region?) -2. Use for feature parity checks (e.g., do required features exist in AWS service?) -3. Use for service constraints and best practices -4. Fallback: if unavailable, set `validation_status: "skipped"` in aws-design.json with note in design report -5. **Important**: Validation is informational; design proceeds either way (not blocking) - -## Error Handling - -| Condition | Action | -| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | -| No `.tf` files found | Stop. Output: "No Terraform files detected. Please provide `.tf` files with your GCP resources and try again." | -| `.phase-status.json` missing phase gate | Stop. Output: "Cannot enter Phase X: Phase Y-1 not completed. Start from Phase Y or resume Phase Y-1." | -| awspricing unavailable after 3 attempts | Display user warning about ±15-25% accuracy. Use `pricing-fallback.json`. Add `pricing_source: fallback` to estimation.json. | -| User does not answer all Q1-8 | Offer Mode C (defaults) or Mode D (free text). Phase 2 completes either way. | -| `aws-design.json` missing required clusters | Stop Phase 4. Output: "Re-run Phase 3 to generate missing cluster designs." | - -## Defaults - -- **IaC output**: None (v1.0 produces design, cost estimates, and execution plans — no IaC code generation) -- **Region**: `us-east-1` (unless user specifies, or GCP region → AWS region mapping suggests otherwise) -- **Sizing**: Development tier (e.g., Aurora Serverless v2 0.5 ACU for databases, 0.5 CPU for Fargate) -- **Migration mode**: Full infrastructure path (no AI-only subset path in v1.0) -- **Cost currency**: USD -- **Timeline assumption**: 8-12 weeks total - -## Workflow Execution - -When invoked, the agent **MUST follow this exact sequence**: - -1. **Load phase status**: Read `.phase-status.json` from `.migration/*/`. 
- - If missing: Initialize for Phase 1 (Discover) - - If exists: Determine current phase based on phase field and status value - -2. **Determine phase to execute**: - - If status is `in-progress`: Resume that phase (read corresponding reference file) - - If status is `completed`: Advance to next phase (read next reference file) - - Phase mapping for advancement: - - discover (completed) → Execute clarify (read `references/phases/clarify.md`) - - clarify (completed) → Execute design (read `references/phases/design.md`) - - design (completed) → Execute estimate (read `references/phases/estimate.md`) - - estimate (completed) → Execute execute (read `references/phases/execute.md`) - - execute (completed) → Migration complete - -3. **Read phase reference**: Load the full reference file for the target phase. - -4. **Execute ALL steps in order**: Follow every numbered step in the reference file. **Do not skip, optimize, or deviate.** - -5. **Validate outputs**: Confirm all required output files exist with correct schema before proceeding. - -6. **Update phase status**: Each phase reference file specifies the final `.phase-status.json` update (records the phase that just completed). - -7. **Display summary**: Show user what was accomplished, highlight next phase, or confirm migration completion. - -**Critical constraint**: Agent must strictly adhere to the reference file's workflow. If unable to complete a step, stop and report the exact step that failed. - -User can invoke the skill again to resume from last completed phase. 
- -## Scope Notes - -**v1.0 includes:** - -- Terraform infrastructure discovery (no app code scanning) -- User requirement clarification (8 structured questions) -- Structured Design (cluster-based mapping from Terraform) -- AWS cost estimation (from pricing API or fallback) -- Execution timeline and risk assessment - -**Deferred to v1.1+:** - -- App code scanning (runtime detection of compute workload types) -- AI-only fast-track path in Clarify/Design -- Billing data import from GCP -- Flat Design path (for non-Terraform codebases) diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/classification-rules.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/classification-rules.md deleted file mode 100644 index 73be5605..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/classification-rules.md +++ /dev/null 
@@ -1,100 +0,0 @@ -# Terraform Clustering: Classification Rules - -Hardcoded lists for classifying GCP resources as PRIMARY or SECONDARY. - -## Priority 1: PRIMARY Resources (Workload-Bearing) - -These resource types are always PRIMARY: - -- `google_cloud_run_service` — Serverless container workload -- `google_container_cluster` — Kubernetes cluster -- `google_compute_instance` — Virtual machine -- `google_cloudfunctions_function` — Serverless function -- `google_sql_database_instance` — Relational database -- `google_firestore_database` — Document database (Firestore instance) -- `google_firestore_document` — Document database (Firestore document resource) -- `google_bigquery_dataset` — Data warehouse -- `google_storage_bucket` — Object storage -- `google_redis_instance` — In-memory cache -- `google_pubsub_topic` — Message queue -- `google_compute_network` — Virtual network (VPC). Anchors the networking cluster (see clustering-algorithm.md Rule 1) -- `google_dns_managed_zone` — DNS zone -- `google_app_engine_application` — App Engine application -- `google_cloud_tasks_queue` — Task queue -- `google_compute_forwarding_rule` — Load balancer forwarding rule -- `module.*` — Terraform module (treated as primary container) - -**Action**: Mark as `PRIMARY`, classification done. No secondary_role. - -## Priority 2: SECONDARY Resources by Role - -Match resource type against secondary classification table. 
Each match assigns a `secondary_role`: - -### Identity (`identity`) - -- `google_service_account` — Workload identity - -### Access Control (`access_control`) - -- `google_*_iam_member` — IAM binding (all variants) -- `google_*_iam_policy` — IAM policy (all variants) - -### Network Path (`network_path`) - -- `google_vpc_access_connector` — VPC connector for serverless -- `google_compute_subnetwork` — Subnet -- `google_compute_firewall` — Firewall rule -- `google_compute_router` — Cloud router -- `google_compute_router_nat` — NAT rule -- `google_service_networking_connection` — VPC peering - -### Configuration (`configuration`) - -- `google_sql_database` — SQL schema -- `google_sql_user` — SQL user -- `google_secret_manager_secret` — Secret vault -- `google_dns_record_set` — DNS record -- `google_monitoring_alert_policy` — Alert rule (skipped in design; no AWS equivalent) - -### Encryption (`encryption`) - -- `google_kms_crypto_key` — KMS encryption key -- `google_kms_key_ring` — KMS key ring - -### Orchestration (`orchestration`) - -- `null_resource` — Terraform orchestration marker -- `time_sleep` — Orchestration delay -- `google_project_service` — API service enablement (prerequisite, not a deployable unit) - -**Action**: Mark as `SECONDARY` with assigned role. - -## Priority 3: LLM Inference Fallback - -If resource type not in Priority 1 or 2, apply heuristic patterns: - -- Name contains `scheduler`, `task`, `job` → `SECONDARY` / `orchestration` -- Name contains `log`, `metric`, `alert`, `trace` → `SECONDARY` / `configuration` -- Type contains `policy` or `binding` → `SECONDARY` / `access_control` -- Type contains `network` or `subnet` → `SECONDARY` / `network_path` - -**Default**: If all heuristics fail: `SECONDARY` / `configuration` with confidence 0.5 - -**Downstream flagging for low-confidence classifications**: Any resource classified with confidence ≤ 0.5 (including the default fallback) MUST be: - -1. 
Flagged in `gcp-resource-inventory.json` with `"confidence": 0.5` on the resource entry -2. Added to a `low_confidence_resources[]` warning array in inventory metadata -3. Reported to the user during Phase 1 completion: "⚠️ N resources were classified with low confidence and may need manual review: [list of addresses]" -4. Passed through to Phase 3 (Design) where they appear in `warnings[]` as: "Low-confidence classification for [address] (classified as [role]). Verify AWS mapping is correct." - -## Serves[] Population - -For SECONDARY resources, populate `serves[]` array (list of PRIMARY resources it supports): - -1. Extract all outgoing references from this SECONDARY's config -2. Include direct references: `field = resource_type.name.id` patterns -3. Include transitive chains: if referenced resource is also SECONDARY, trace to PRIMARY - -**Example**: `google_compute_firewall` → references `google_compute_network` (PRIMARY, network cluster anchor). The firewall is a `network_path` SECONDARY that serves the network cluster. Its `serves[]` includes the PRIMARY `google_compute_network.vpc`. - -**Serves array**: Points to the PRIMARY resources this SECONDARY supports. For `network_path` secondaries, this is the `google_compute_network` PRIMARY that anchors the network cluster (see clustering-algorithm.md Rule 1). diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/clustering-algorithm.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/clustering-algorithm.md deleted file mode 100644 index 3baeae2b..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/clustering-algorithm.md +++ /dev/null 
@@ -1,160 +0,0 @@
-# Terraform Clustering: Deterministic Algorithm
-
-Groups resources into named clusters using priority-ordered rules.
-
-## Input
-
-All resources with fields:
-
-- `address`, `type`, `classification` (PRIMARY/SECONDARY)
-- `secondary_role` (if SECONDARY)
-- `typed_edges[]`, `depth`, `serves[]`
-
-## Algorithm: Apply Rules in Priority Order
-
-### Rule 1: Networking Cluster
-
-**IF** `google_compute_network` resource exists:
-
-- Group: `google_compute_network` + ALL network_path secondaries (subnetworks, firewalls, routers)
-- Cluster ID: `network_vpc_{gcp_region}_{sequence}` (e.g., `network_vpc_us-central1_001`)
-- **Reasoning**: Network is shared infrastructure; groups all config together
-
-**Output**: 1 cluster (or 0 if no networks found)
-
-**Mark these resources as clustered; remove from unassigned pool.**
-
-### Rule 2: Same-Type Grouping (GROUP ALL INTO ONE CLUSTER PER TYPE)
-
-**CRITICAL: Create ONE cluster per resource type, NOT one cluster per resource.**
-
-**Process:**
-
-1. **Identify all resource types with 2+ PRIMARY resources**
- - Example: 4× `google_pubsub_topic`, 3× `google_storage_bucket`, 2× `google_sql_database_instance`
-
-2. **For EACH resource type with 2+ primaries: Create ONE cluster containing ALL of them**
- - Do NOT create separate clusters for each resource
- - Create ONE cluster with ALL matching resources
-
-3. **Cluster ID format**: `{service_category}_{service_type}_{gcp_region}_{sequence:001}`
- - `messaging_pubsubtopic_us-central1_001` (contains ALL 4 pubsub topics)
- - `storage_bucket_us-central1_001` (contains ALL 3 storage buckets)
- - `database_sql_us-central1_001` (contains ALL 2 SQL instances)
-
-4. **Primary resources in cluster**: List ALL matching resources
- - Example cluster `messaging_pubsubtopic_us-central1_001`:
- - primary_resources:
- - `google_pubsub_topic.order_events`
- - `google_pubsub_topic.inventory_events`
- - `google_pubsub_topic.user_events`
- - `google_pubsub_topic.dead_letter`
-
-5. **Secondary resources**: Collect ALL secondaries that `serve` ANY of the grouped primaries
- - All subscriptions for all grouped topics
- - All IAM bindings for all grouped resources
- - All supporting resources
-
-**Correct Examples (ONE cluster per type):**
-
-- 4× `google_pubsub_topic` → 1 cluster: `messaging_pubsubtopic_us-central1_001`
-- 3× `google_storage_bucket` → 1 cluster: `storage_bucket_us-central1_001`
-- 2× `google_sql_database_instance` → 1 cluster: `database_sql_us-central1_001`
-- 3× `google_container_cluster` → 1 cluster: `compute_gke_us-central1_001` (NOT `k8s_001`, `k8s_002`, `k8s_003`)
-
-**INCORRECT Examples (DO NOT DO THIS):**
-
-- ❌ 4× `google_pubsub_topic` → 4 clusters (`compute_pubsubtopic_001`, `compute_pubsubtopic_002`, etc.)
-- ❌ 3× `google_storage_bucket` → 3 clusters (`compute_storagebucket_001`, `compute_storagebucket_002`, etc.)
-- ❌ 3× `google_container_cluster` → 3 clusters (`k8s_001`, `k8s_002`, `k8s_003`)
-
-**Output**: ONE cluster per resource type (not per resource)
-
-**Reasoning**: Identical workloads of the same GCP service type migrate together, share operational characteristics, and should be managed as a unit.
-
-**Mark all resources of this type as clustered; remove from unassigned pool.**
-
-### Rule 3: Seed Clusters
-
-**FOR EACH** remaining PRIMARY resource (unassigned):
-
-- Create cluster seeded by this PRIMARY
-- Add all SECONDARY resources in its `serves[]` array
-- Cluster ID: `{service_type}_{gcp_region}_{sequence}` (e.g., `cloudrun_us-central1_001`)
-- **Reasoning**: Primary + its supports = deployment unit
-
-**Output**: N clusters (one per remaining PRIMARY)
-
-**Mark all included resources as clustered.**
-
-### Rule 4: Merge on Dependencies
-
-**IF** two clusters have bidirectional or data_dependency edges between their PRIMARY resources:
-
-- **AND** they form a single logical deployment unit (determined by: shared infrastructure, sequential deploy, business logic)
-- **THEN** merge clusters
-
-**Action**: Combine into one cluster; update ID to reflect both (e.g., `web-api_us-central1_001`)
-
-**Reasoning**: Some workloads must deploy together (e.g., two Cloud Runs sharing database)
-
-**Heuristic**: Merge if one PRIMARY depends on another's output (e.g., Function → Database). Do NOT merge independent workloads.
-
-### Rule 5: Skip API Services
-
-**IF** resource is `google_project_service`:
-
-- Classify as orchestration secondary
-- Do NOT create its own cluster
-- Attach to cluster of service it enables (e.g., `google_project_service.cloud_run` attaches to Cloud Run cluster)
-
-**Reasoning**: API enablement is prerequisite, not a deployable unit.
-
-### Rule 6: Deterministic Naming
-
-Apply consistent cluster naming:
-
-- **Format**: `{service_category}_{service_type}_{gcp_region}_{sequence}`
-- **service_category**: One of: `compute`, `database`, `storage`, `network`, `messaging`, `analytics`, `security`
-- **service_type**: GCP service shortname (e.g., `cloudrun`, `sql`, `bucket`, `vpc`)
-- **gcp_region**: Source region (e.g., `us-central1`)
-- **sequence**: Zero-padded counter (e.g., `001`, `002`)
-
-**Examples**:
-
-- `compute_cloudrun_us-central1_001`
-- `database_sql_us-west1_001`
-- `storage_bucket_multi-region_001`
-- `network_vpc_us-central1_001` (rule 1 network cluster)
-
-**Reasoning**: Names reflect deployment intent; deterministic for reproducibility.
-
-## Output Cluster Schema
-
-Each cluster includes:
-
-```json
-{
- "cluster_id": "compute_cloudrun_us-central1_001",
- "name": "Cloud Run Application",
- "type": "compute",
- "description": "Primary: cloud_run_service.app, Secondary: service_account, iam_policy",
- "gcp_region": "us-central1",
- "primary_resources": ["google_cloud_run_service.app"],
- "secondary_resources": ["google_service_account.app_runner"],
- "network": "network_vpc_us-central1_001",
- "creation_order_depth": 2,
- "must_migrate_together": true,
- "dependencies": [],
- "edges": [{ "from": "...", "to": "...", "relationship_type": "..." }]
-}
-```
-
-## Determinism Guarantee
-
-Given same Terraform input, algorithm produces same cluster structure every run:
-
-1. Rules applied in fixed order
-2. Sequence counters increment deterministically
-3. Naming reflects source state, not random IDs
-4. Deterministic for Priority 1 and Priority 2 resources. Priority 3 (LLM inference fallback in classification-rules.md and typed-edges-strategy.md) may produce non-deterministic results for unknown resource types
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/depth-calculation.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/depth-calculation.md
deleted file mode 100644
index a9d764ce..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/depth-calculation.md
+++ /dev/null
@@ -1,147 +0,0 @@
-# Terraform Clustering: Depth Calculation
-
-Assigns topological depth to every resource via Kahn's algorithm (longest path variant).
-
-## Depth Semantics
-
-- **Depth 0**: Resources with no incoming dependencies (can start immediately)
-- **Depth N**: Resources where all dependencies are at depth ≤ N-1, and at least one is at depth N-1
-
-Higher depth = later in deployment sequence.
-
-## Algorithm: Kahn's Algorithm (Longest Path Variant)
-
-### Input
-
-All resources with:
-
-- `address`, `type`
-- `dependencies[]` array (addresses of resources this one depends on)
-
-### Step 1: Build Dependency Graph
-
-For each resource:
-
-- Outgoing edges: follow its `dependencies[]` array
-- Incoming edges: count how many resources depend on this one
-- Store: `in_degree[resource] = count_of_incoming_edges`
-
-### Step 2: Initialize Queue
-
-Create queue of all resources with `in_degree = 0`.
-
-These are depth 0 (no dependencies).
-
-Assign: `depth[resource] = 0` for all queued resources.
-
-### Step 3: Process Queue (Longest Path)
-
-While queue not empty:
-
-1. **Dequeue** resource R
-2. **For each** resource D that depends on R (traverse reverse edges):
- - Update: `depth[D] = max(depth[D], depth[R] + 1)`
- - Decrement: `in_degree[D] -= 1`
- - **If** `in_degree[D]` becomes 0: **Enqueue** D
-
-**Note:** "Resources that depend on R" means all resources X where X's `dependencies[]` contains R. This correctly assigns higher depths to dependent resources (which must deploy later).
-
-### Step 4: Cycle Detection
-
-If queue empties but unassigned resources remain:
-
-- **Cycle detected**: Some resources have circular dependencies
-- **Bounded retry** (max 3 attempts total):
- 1. Identify the cycle (trace unassigned resources' dependencies)
- 2. Find lowest-confidence edge in cycle (prefer `unknown_dependency` or LLM-inferred edges over deterministic edges)
- 3. **Only break inferred edges** (confidence < 1.0). If all edges in the cycle are deterministic (hardcoded classification), do NOT break — proceed to STOP.
- 4. Remove the selected edge and restart the algorithm
- 5. Log warning: "Circular dependency detected and broken (attempt N/3): {resources and edges removed}"
-- **If cycle persists after 3 attempts**: **STOP**. Output: "Unresolvable circular dependency between: [resource addresses]. All edges are deterministic. Manual review required — restructure Terraform dependencies or add `depends_on` overrides."
-
-### Step 5: Assign Final Depths
-
-All resources have assigned `depth` field.
-
-Verify: Every resource has `depth ∈ [0, max_depth]`.
-
-## Pseudocode
-
-```
-function calculateDepth(resources) {
- // Build graph
- in_degree = {}
- depends_on = {}
- dependents_of = {} // Reverse adjacency: resource → resources that depend on it
- for each resource R:
- in_degree[R] = count incoming edges
- depends_on[R] = R.dependencies[]
- dependents_of[R] = []
-
- // Populate dependents_of (reverse edges)
- for each resource R:
- for each D in R.dependencies[]:
- dependents_of[D].append(R)
-
- // Initialize depth 0
- depth = {}
- queue = [R for R in resources if in_degree[R] == 0]
- for each R in queue:
- depth[R] = 0
-
- // Process queue (longest path variant)
- while queue not empty:
- R = queue.dequeue()
- for each D in dependents_of[R]: // Iterate resources that depend on R
- depth[D] = max(depth[D], depth[R] + 1)
- in_degree[D] -= 1
- if in_degree[D] == 0:
- queue.enqueue(D)
-
- // Cycle check (bounded: max 3 attempts)
- if any resource not assigned depth:
- if attempt >= 3:
- STOP("Unresolvable circular dependency. Manual review required.")
- edge = find_lowest_confidence_edge_in_cycle()
- if edge.confidence == 1.0:
- STOP("Cycle contains only deterministic edges. Manual review required.")
- remove(edge)
- return calculateDepth(resources, attempt + 1) // Retry
-
- return depth
-}
-```
-
-## Example
-
-**Resources and dependencies:**
-
-```
-A: depends on [] → depth 0
-B: depends on [A] → depth 1
-C: depends on [A] → depth 1
-D: depends on [B, C] → depth 2
-```
-
-**Queue trace:**
-
-1. Initial queue: [A] (in_degree 0)
-2. Dequeue A, depth[A]=0; enqueue B, C (both now in_degree 0)
-3. Dequeue B, depth[B]=1; update depth[D]=max(0,1+1)=2; in_degree[D]=1
-4. Dequeue C, depth[C]=1; update depth[D]=max(2,1+1)=2; enqueue D (in_degree 0)
-5. Dequeue D, depth[D]=2
-6. Queue empty; all depths assigned
-
-**Final**: A:0, B:1, C:1, D:2 ✓
-
-## Deployment Order Guarantee
-
-Resources sorted by ascending depth can deploy in order:
-
-```
-Deploy depth 0: A
-Deploy depth 1: B, C (parallel OK)
-Deploy depth 2: D
-```
-
-No dependency violations; parallelism at same depth.
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/typed-edges-strategy.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/typed-edges-strategy.md
deleted file mode 100644
index a35a4bc4..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/clustering/terraform/typed-edges-strategy.md
+++ /dev/null
@@ -1,105 +0,0 @@
-# Terraform Clustering: Typed Edge Strategy
-
-Infers edge types from HCL context to classify relationships between resources.
-
-## Pass 1: Extract References from HCL
-
-Parse HCL configuration text for all `resource_type.name.attribute` patterns:
-
-- Regex: `(google_\w+)\.(\w+)\.(\w+)` or `google_\w+\.[\w\.]+`
-- Capture fully qualified references: `google_sql_database_instance.prod.id`
-- Include references in: attribute values, `depends_on` arrays, variable interpolations
-
-Store each reference with:
-
-- `reference`: target resource address
-- `field_path`: HCL attribute path where reference appears
-- `raw_context`: surrounding HCL text (10 lines for LLM context)
-
-## Pass 2: Classify Edge Type by Field Context
-
-For each reference, determine edge type:
-
-### Data Dependencies
-
-Field name matches: `DATABASE*`, `DB_*`, `SQL*`, `CONNECTION_*`
-
-Environment variable name matches: `DATABASE*`, `DB_HOST`, `SQL_*`
-
-- **Type**: `data_dependency`
-- **Example**: `google_cloud_run_service.app.env.DATABASE_URL` → `google_sql_database_instance.prod.id`
-
-### Cache Dependencies
-
-Field name matches: `REDIS*`, `CACHE*`, `MEMCACHE*`
-
-- **Type**: `cache_dependency`
-- **Example**: `google_cloudfunctions_function.worker.env.REDIS_HOST` → `google_redis_instance.cache.host`
-
-### Publish Dependencies
-
-Field name matches: `PUBSUB*`, `TOPIC*`, `QUEUE*`, `STREAM*`
-
-- **Type**: `publishes_to`
-- **Example**: `google_cloud_run_service.publisher.env.PUBSUB_TOPIC` → `google_pubsub_topic.events.id`
-
-### Storage Dependencies
-
-Field name matches: `BUCKET*`, `STORAGE*`, `S3*`
-
-Direction determined by context:
-
-- Write context (upload, save, persist) → `writes_to`
-- Read context (download, fetch, load) → `reads_from`
-- Bidirectional → Both edge types
-
-- **Example**: `google_cloud_run_service.worker.env.STORAGE_BUCKET` → `google_storage_bucket.data.name`
-
-### Network Path
-
-Field name: `vpc_connector`
-
-- **Type**: `network_path`
-- **Example**: `google_cloudfunctions_function.app.vpc_connector` → `google_vpc_access_connector.main.id`
-
-### Encryption
-
-Field name: `kms_key_name`, `encryption_key`, `key_ring`
-
-- **Type**: `encryption`
-- **Example**: `google_sql_database_instance.db.backup_encryption_key_name` → `google_kms_crypto_key.sql.id`
-
-### Orchestration
-
-Explicit `depends_on` array
-
-- **Type**: `orchestration`
-- **Example**: `depends_on = [google_project_service.run]`
-
-## Default Fallback
-
-If no patterns match, use LLM to infer edge type from:
-
-- Resource types (compute → storage likely data_dependency)
-- Field names and values
-- Raw HCL context
-
-If LLM uncertain: `unknown_dependency` with confidence field.
-
-## Evidence Structure
-
-Store edge evidence:
-
-```json
-{
- "target": "google_sql_database_instance.prod",
- "relationship_type": "data_dependency",
- "evidence": {
- "field_path": "env.DATABASE_URL",
- "env_var_name": "DATABASE_URL",
- "reference": "google_sql_database_instance.prod.connection_name"
- }
-}
-```
-
-All edges stored in resource's `typed_edges[]` array.
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/ai.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/ai.md
deleted file mode 100644
index 2bf16599..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/ai.md
+++ /dev/null
@@ -1,92 +0,0 @@
-# AI/ML Services Design Rubric
-
-**Applies to:** Vertex AI, Cloud Vision API, Cloud ML Engine
-
-**Note:** v1.0 focuses on infrastructure migration. AI model serving/retraining is deferred to v1.1+.
-
-## Signals (Decision Criteria)
-
-### Vertex AI (Endpoints / Models)
-
-- **Custom model inference** → SageMaker Endpoints
-- **Pre-built model APIs** → AWS APIs (Rekognition, Textract, Translate, etc.)
-- **Batch prediction** → SageMaker Batch Transform
-
-### Cloud Vision API
-
-- **Image classification, OCR** → AWS Rekognition (images) or Textract (OCR)
-- **Document understanding** → AWS Textract (more powerful for docs)
-
-### Cloud ML Engine
-
-- **Model training** → SageMaker (managed training jobs)
-- **AutoML** → SageMaker Autopilot
-
-## 6-Criteria Rubric
-
-Apply in order:
-
-1. **Eliminators**: Does GCP config require AWS-unsupported features? If yes: use alternative
-2. **Operational Model**: Managed (SageMaker) vs Custom (EC2 + training)?
- - Prefer managed
-3. **User Preference**: From `clarified.json`, q2 (primary concern)?
- - If `"cost"` → check SageMaker Spot + Autopilot
-4. **Feature Parity**: Does GCP config need model type unavailable in AWS?
- - Example: TensorFlow 2.x → SageMaker (supported)
-5. **Cluster Context**: Are other compute resources running ML? Prefer SageMaker affinity
-6. **Simplicity**: SageMaker endpoints (managed) > custom EC2 instances
-
-## Examples
-
-### Example 1: Vertex AI Endpoint (PyTorch model)
-
-- GCP: `google_ai_platform_model` (model_name="image-classifier", framework=PYTORCH)
-- Signals: Custom model inference, PyTorch
-- Criterion 1 (Eliminators): PASS (PyTorch supported)
-- Criterion 2 (Operational Model): SageMaker Endpoint (managed)
-- → **AWS: SageMaker Endpoint (PyTorch container)**
-- Confidence: `inferred`
-
-### Example 2: Cloud Vision API
-
-- GCP: `google_vision_api_call` (feature=TEXT_DETECTION, image_source=GCS)
-- Signals: Pre-built API
-- → **AWS: Textract (if document OCR) or Rekognition (if image classification)**
-- Confidence: `inferred`
-
-### Example 3: AutoML (image classification)
-
-- GCP: `google_automl_image_classification_dataset`
-- Signals: Training pipeline, classification
-- Criterion 1 (Eliminators): PASS
-- Criterion 2 (Operational Model): SageMaker Autopilot (managed)
-- → **AWS: SageMaker Autopilot + Canvas (for low-code)**
-- Confidence: `inferred`
-
-## Output Schema
-
-```json
-{
- "gcp_type": "google_ai_platform_model",
- "gcp_address": "image-classifier-v2",
- "gcp_config": {
- "framework": "PYTORCH",
- "version": "1.9"
- },
- "aws_service": "SageMaker",
- "aws_config": {
- "endpoint_name": "image-classifier-v2",
- "instance_type": "ml.m5.large",
- "container_image": "pytorch:1.9"
- },
- "confidence": "inferred",
- "rationale": "Vertex AI custom model → SageMaker Endpoint (PyTorch supported)"
-}
-```
-
-## Deferred to v1.1+
-
-- Model retraining pipeline setup (training job automation)
-- Hyperparameter tuning (SageMaker Hyperparameter Tuning Job)
-- Multi-instance distributed training
-- Model registry and versioning (SageMaker Model Registry)
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/compute.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/compute.md
deleted file mode 100644
index 731cba1d..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/compute.md
+++ /dev/null
@@ -1,123 +0,0 @@
-# Compute Services Design Rubric
-
-**Applies to:** Cloud Run, Cloud Functions, Compute Engine, GKE, App Engine
-
-**Quick lookup (no rubric):** Check `fast-path.md` first (Cloud Run → Fargate, Cloud Functions → Lambda, etc.)
-
-## Eliminators (Hard Blockers)
-
-| GCP Service | AWS | Blocker |
-| --------------- | ------- | ------------------------------------------------------------------------------------ |
-| Cloud Run | Lambda | Execution time >15 min → use Fargate |
-| Cloud Run | Fargate | GPU workload or >16 vCPU or >120 GB memory → use EC2 |
-| Cloud Functions | Lambda | Python version not supported (e.g., Python 2.7) → consider custom runtime on Fargate |
-| GKE | EKS | Custom CRI incompatible → manual workaround or ECS |
-
-## Signals (Decision Criteria)
-
-### Cloud Run / App Engine
-
-- **Always-on** or **cold-start sensitive** → Fargate (not Lambda)
-- **Stateless microservice** + **<15 min execution** → Lambda
-- **HTTP-only** + **container-native** → Fargate preferred (better dev/prod parity)
-
-### Cloud Functions
-
-- **Event-driven** + **<15 min** + **Python/Node/Go** → Lambda
-- **Always-on or long** → run as Container on Fargate or ECS
-
-### Compute Engine (VMs)
-
-- **Always-on workload** → EC2 (reserved or on-demand based on cost sensitivity)
-- **Batch/periodic jobs** → EC2 with Auto Scaling (scale to 0 in dev)
-- **Windows-only workload** → EC2 (Lambda/Fargate support limited)
-
-### GKE
-
-- **Kubernetes orchestration** required → EKS
-- **No K8s requirement** + **microservices** → Fargate (simpler, no cluster overhead)
-
-## 6-Criteria Rubric
-
-Apply in order; first match wins:
-
-1. **Eliminators**: Does GCP config violate AWS constraints? If yes: switch to alternative
-2. **Operational Model**: Managed (Lambda, Fargate) vs Self-Hosted (EC2, EKS)?
- - Prefer managed unless: Always-on + high baseline cost → EC2
-3. **User Preference**: From `clarified.json`, q3 (team experience) or q2 (primary concern)?
- - If `team_experience = "expert"` + `primary_concern = "control"` → EC2
- - If `team_experience = "novice"` + `primary_concern = "cost"` → Fargate
-4. **Feature Parity**: Does GCP config require AWS-unsupported features?
- - Example: GCP auto-scaling to zero + cold-start-sensitive → Fargate (not Lambda)
-5. **Cluster Context**: Are other resources in this cluster using EKS/EC2/Fargate?
- - Prefer same platform (affinity)
-6. **Simplicity**: Fewer resources = higher score
- - Fargate (1 service) > EC2 (N services for ASG + monitoring)
-
-## Examples
-
-### Example 1: Cloud Run (stateless API)
-
-- GCP: `google_cloud_run_service` (memory=512MB, timeout=60s, min_instances=1)
-- Signals: HTTP, stateless, always-on
-- Criterion 1 (Eliminators): PASS (60s < 15min doesn't apply; stateless OK)
-- Criterion 2 (Operational Model): FARGATE preferred
-- → **AWS: Fargate (0.5 CPU, 1 GB memory)**
-- Confidence: `deterministic` (or `inferred` if variant from fast-path)
-
-### Example 2a: Cloud Functions (event processor, short-running)
-
-- GCP: `google_cloudfunctions_function` (runtime=python39, timeout=540s)
-- Signals: Event-driven, 540s = 9 minutes (< 15min limit)
-- Criterion 1 (Eliminators): PASS on timeout (540s < 900s)
-- Criterion 2 (Operational Model): Lambda preferred for event-driven + short-running
-- → **AWS: Lambda with EventBridge trigger**
-- Confidence: `inferred`
-
-### Example 2b: Cloud Functions (long-running batch processor)
-
-- GCP: `google_cloudfunctions_function` (runtime=python39, timeout=1200s)
-- Signals: Event-driven but 1200s = 20 minutes (> 15min limit)
-- Criterion 1 (Eliminators): FAIL on timeout (1200s > 900s) → **cannot use Lambda**
-- Criterion 2 (Operational Model): Fargate (managed + can handle longer execution)
-- → **AWS: Fargate (0.5 CPU, 1 GB memory) with EventBridge trigger**
-- Confidence: `inferred`
-
-### Example 3: Compute Engine (background job)
-
-- GCP: `google_compute_instance` (machine_type=e2-medium, region=us-central1, startup_script=...)
-- Signals: Periodic batch job (inferred from startup script), always-on
-- Criterion 1 (Eliminators): PASS
-- Criterion 2 (Operational Model): EC2 (explicit compute control)
-- Criterion 3 (User Preference): If q2=`cost`, prefer auto-scaling → EC2 + ASG (scale to 0)
-- → **AWS: EC2 t3.medium + Auto Scaling Group (min=0 in dev)**
-- Confidence: `inferred`
-
-## Output Schema
-
-```json
-{
- "gcp_type": "google_cloud_run_service",
- "gcp_address": "example-service",
- "gcp_config": {
- "memory_mb": 512,
- "timeout_seconds": 60
- },
- "aws_service": "Fargate",
- "aws_config": {
- "cpu": "0.5",
- "memory_mb": 1024,
- "region": "us-east-1"
- },
- "confidence": "deterministic",
- "rationale": "1:1 mapping; Cloud Run (stateless, <15min) → Fargate (always-on)",
- "rubric_applied": [
- "Eliminators: PASS",
- "Operational Model: Managed preferred",
- "User Preference: N/A",
- "Feature Parity: Full",
- "Cluster Context: Fargate affinity",
- "Simplicity: Fargate (1 service)"
- ]
-}
-```
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/database.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/database.md
deleted file mode 100644
index 4da24aec..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/database.md
+++ /dev/null
@@ -1,120 +0,0 @@
-# Database Services Design Rubric
-
-**Applies to:** Cloud SQL, Firestore, BigQuery, Memorystore (Redis)
-
-**Quick lookup (no rubric):** Check `fast-path.md` first (Cloud SQL PostgreSQL → RDS Aurora, Cloud SQL MySQL → RDS Aurora, etc.)
-
-## Eliminators (Hard Blockers)
-
-| GCP Service | AWS | Blocker |
-| ---------------------- | ---------- | ---------------------------------------------------------------------------------------------------------- |
-| Firestore | DynamoDB | ACID transactions spanning >100 items required → use RDS (DynamoDB limit: 100 items/transaction) |
-| BigQuery | Redshift | OLTP-level latency (<100ms) required → use DynamoDB (point lookups) or Aurora (SQL OLTP); Redshift is OLAP |
-| Cloud SQL (PostgreSQL) | RDS Aurora | PostGIS extension → supported (Aurora supports PostGIS) |
-
-## Signals (Decision Criteria)
-
-### Cloud SQL
-
-- **PostgreSQL, MySQL, SQL Server** → Direct RDS mapping (fast-path)
-- **High availability required** → RDS Multi-AZ or Aurora (preferred)
-- **Dev/test sizing** → RDS Aurora Serverless v2 (scales to 0)
-- **Production, always-on** → RDS Aurora Provisioned (or Serverless v2 if fluctuating)
-
-### Firestore
-
-- **Flexible schema** + **NoSQL** → DynamoDB
-- **Strong consistency required** → DynamoDB supports strongly consistent reads via `ConsistentRead` parameter
-- **Real-time sync** + **offline support** → DynamoDB Streams + Amplify (app-level)
-
-### BigQuery
-
-- **Data warehouse / OLAP analytics** → Redshift
-- **Ad-hoc SQL queries** → Athena (serverless SQL; cheaper for infrequent queries)
-- **ML models in warehouse** → Redshift ML (or SageMaker) vs BigQuery ML
-
-### Memorystore (Redis)
-
-- **In-memory cache** → ElastiCache Redis (fast-path, 1:1 mapping)
-- **Cluster mode enabled** → ElastiCache Redis with cluster mode
-- **High availability required** → ElastiCache Redis Multi-AZ with auto-failover
-
-## 6-Criteria Rubric
-
-Apply in order:
-
-1. **Eliminators**: Does GCP config require AWS-unsupported features? If yes: switch
-2. **Operational Model**: Managed (Aurora, DynamoDB) vs Provisioned (EC2-based RDS)?
- - Prefer managed unless: Production + cost-optimized + predictable load → Provisioned RDS
-3. **User Preference**: From `clarified.json`, q5 (database requirements)?
- - `"structured"` → RDS (relational)
- - `"document"` → DynamoDB (NoSQL)
- - `"analytics"` → Redshift or Athena
-4. **Feature Parity**: Does GCP config need features unavailable in AWS?
- - Example: Cloud SQL with binary log replication → Aurora (full support)
- - Example: Firestore with offline-first SDK → DynamoDB (plus app-level sync)
-5. **Cluster Context**: Are other resources in cluster using RDS? Prefer same family
-6. **Simplicity**: Fewer moving parts = higher score
- - Serverless > Provisioned > Self-Managed
-
-## Examples
-
-### Example 1: Cloud SQL PostgreSQL (dev environment)
-
-- GCP: `google_sql_database_instance` (database_version=POSTGRES_13, region=us-central1)
-- Signals: PostgreSQL, dev tier (implied from sizing)
-- Criterion 1 (Eliminators): PASS
-- Criterion 2 (Operational Model): Aurora Serverless v2 (dev best practice)
-- → **AWS: RDS Aurora PostgreSQL Serverless v2 (0.5-1 ACU, dev tier)**
-- Confidence: `deterministic`
-
-### Example 2: Firestore (mobile app)
-
-- GCP: `google_firestore_document` (root_path=users, auto_id=true)
-- Signals: NoSQL, real-time, offline-first (inferred from Firestore choice)
-- Criterion 1 (Eliminators): PASS (DynamoDB supports eventual consistency)
-- Criterion 2 (Operational Model): DynamoDB (managed NoSQL)
-- Criterion 3 (User Preference): If q5=`"document"` → DynamoDB confirmed
-- → **AWS: DynamoDB (on-demand billing for dev)**
-- Confidence: `inferred`
-
-### Example 3: BigQuery (analytics)
-
-- GCP: `google_bigquery_dataset` (location=us, schema=[large table])
-- Signals: Analytics warehouse, large queries
-- Criterion 1 (Eliminators): PASS
-- Criterion 2 (Operational Model): Redshift (managed data warehouse) or Athena (serverless SQL)
-- Criterion 3 (User Preference): If q6=`cost_sensitive` → Athena (pay per query, no idle cost)
-- → **AWS: Athena (Glue catalog, parquet format in S3)**
-- Confidence: `inferred`
-
-## Output Schema
-
-```json
-{
- "gcp_type": "google_sql_database_instance",
- "gcp_address": "prod-postgres-db",
- "gcp_config": {
- "database_version": "POSTGRES_13",
- "region": "us-central1",
- "tier": "db-custom-2-7680"
- },
- "aws_service": "RDS Aurora PostgreSQL",
- "aws_config": {
- "engine_version": "14.7",
- "instance_class": "db.r6g.xlarge",
- "multi_az": true,
- "region": "us-east-1"
- },
- "confidence": "deterministic",
- "rationale": "1:1 mapping; Cloud SQL PostgreSQL → RDS Aurora PostgreSQL",
- "rubric_applied": [
- "Eliminators: PASS",
- "Operational Model: Managed RDS Aurora",
- "User Preference: Structured (q5)",
- "Feature Parity: Full (binary logs, replication)",
- "Cluster Context: Consistent with app tier",
- "Simplicity: RDS Aurora (managed, multi-AZ)"
- ]
-}
-```
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/fast-path.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/fast-path.md
deleted file mode 100644
index a3f4957e..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/fast-path.md
+++ /dev/null
@@ -1,46 +0,0 @@
-# Fast-Path: Direct GCP→AWS Mappings
-
-**Confidence: `deterministic`** (1:1 mapping, no rubric evaluation needed)
-
-## Direct Mappings Table
-
-| GCP Service | AWS Service | Conditions | Notes |
-| ------------------------------------------- | --------------------- | ---------- | ---------------------------------------------------- |
-| `google_storage_bucket` | S3 | Always | 1:1 mapping; preserve ACL/versioning/lifecycle rules |
-| `google_sql_database_instance` (PostgreSQL) | RDS Aurora PostgreSQL | Always | Serverless v2 for dev; Provisioned for prod |
-| `google_sql_database_instance` (MySQL) | RDS Aurora MySQL | Always | Serverless v2 for dev; Provisioned for prod |
-| `google_sql_database_instance` (SQL Server) | RDS SQL Server | Always | Always provisioned (no serverless) |
-| `google_compute_network` | VPC | Always | 1:1; preserve CIDR ranges |
-| `google_compute_firewall` | Security Group | Always | 1:1 rule mapping; adjust CIDR if needed |
-| `google_dns_managed_zone` | Route 53 Hosted Zone | Always | Preserve zone name and records |
-| `google_service_account` | IAM Role | Always | Map permissions directly; adjust service principals |
-| `google_redis_instance` | ElastiCache Redis | Always | 1:1 mapping; preserve cluster mode and node type |
-
-## Skip Mappings Table
-
-These GCP resources do **not** require AWS equivalents in v1.0:
-
-| GCP Service | Reason |
-| ------------------------ | ----------------------------------------------- |
-| `google_project` | AWS account structure (manual, not IaC) |
-| `google_monitoring_*` | Fallback to CloudWatch (managed) |
-| `google_logging_*` | Fallback to CloudWatch Logs (managed) |
-| `google_compute_address` | Elastic IPs managed by ALB/NAT (not standalone) |
-
-## Secondary Behavior Lookups
-
-For resources in the Skip Mappings table but present in inventory:
-
-1. Log as "secondary resource, no AWS equivalent needed"
-2. Do not include in aws-design.json
-3. Note in aws-design-report.md warnings section
-
----
-
-**Workflow:**
-
-1. Extract GCP resource type
-2. Look up in Direct Mappings table
-3. If found and condition met: assign AWS service (confidence = deterministic)
-4. If found in Skip Mappings: skip it (confidence = n/a)
-5. If not found: use `design-refs/index.md` to determine category → apply rubric in that category's file
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/index.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/index.md
deleted file mode 100644
index a66fac99..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/index.md
+++ /dev/null
@@ -1,71 +0,0 @@ -# GCP Service → Design Reference Mapping - -## Compute Services - -| GCP Service | Resource Type | Reference File | Fast-Path | -| ------------------- | -------------------------------- | -------------- | ------------------ | -| Cloud Run | `google_cloud_run_service` | `compute.md` | Fargate | -| Cloud Functions | `google_cloudfunctions_function` | `compute.md` | Lambda | -| Compute Engine (VM) | `google_compute_instance` | `compute.md` | EC2 or Fargate | -| GKE | `google_container_cluster` | `compute.md` | EKS | -| App Engine | `google_app_engine_application` | `compute.md` | Fargate or Amplify | - -## Database Services - -| GCP Service | Resource Type | Reference File | Fast-Path | -| ---------------------- | ------------------------------ | -------------- | --------------------- | -| Cloud SQL (PostgreSQL) | `google_sql_database_instance` | `database.md` | RDS Aurora PostgreSQL | -| Cloud SQL (MySQL) | `google_sql_database_instance` | `database.md` | RDS Aurora MySQL | -| Cloud SQL (SQL Server) | `google_sql_database_instance` | `database.md` | RDS SQL Server | -| Firestore (instance) | `google_firestore_database` | `database.md` | DynamoDB | -| Firestore (document) | `google_firestore_document` | `database.md` | DynamoDB | -| BigQuery | `google_bigquery_dataset` | `database.md` | Redshift or Athena | -| Memorystore (Redis) | `google_redis_instance` | `database.md` | ElastiCache Redis | - -## Storage Services - -| GCP Service | Resource Type | Reference File | Fast-Path | -| ------------------- | ----------------------- | -------------- | --------- | -| Cloud Storage (GCS) | `google_storage_bucket` | `storage.md` | S3 | - -## Networking Services - -| GCP Service | Resource Type | Reference File | Fast-Path | -| -------------------- | --------------------------------- | --------------- | ------------------ | -| VPC Network | `google_compute_network` | `networking.md` | VPC | -| Firewall Rules | `google_compute_firewall` | `networking.md` | 
Security Groups | -| Cloud Load Balancing | `google_compute_forwarding_rule` | `networking.md` | ALB/NLB | -| Cloud CDN | (part of compute_backend_service) | `networking.md` | CloudFront | -| Cloud DNS | `google_dns_managed_zone` | `networking.md` | Route 53 | -| Cloud Interconnect | (custom config) | `networking.md` | AWS Direct Connect | - -## Messaging Services - -| GCP Service | Resource Type | Reference File | Fast-Path | -| ----------- | -------------------------- | -------------- | ------------------ | -| Pub/Sub | `google_pubsub_topic` | `messaging.md` | SNS or SQS | -| Cloud Tasks | `google_cloud_tasks_queue` | `messaging.md` | SQS or EventBridge | - -## AI/ML Services - -| GCP Service | Resource Type | Reference File | Fast-Path | -| --------------------- | ------------------ | -------------- | ----------------------- | -| Vertex AI (models) | (custom endpoints) | `ai.md` | SageMaker | -| Vertex AI (pipelines) | (custom config) | `ai.md` | SageMaker Pipelines | -| Cloud Vision API | (managed API) | `ai.md` | Textract or Rekognition | - -## Secondary/Infrastructure Services - -| GCP Service | Resource Type | Reference File | Fast-Path | -| ---------------- | ------------------------ | ----------------- | ---------- | -| Service Accounts | `google_service_account` | `networking.md` | IAM Roles | -| Cloud Monitoring | (managed) | Not in v1.0 scope | CloudWatch | - ---- - -**Usage:** - -1. Extract GCP resource type from Terraform -2. Find in table above -3. If resource found in `fast-path.md` Direct Mappings table: use that mapping (confidence = deterministic) -4. Otherwise: load Reference File listed above and apply 6-criteria rubric (confidence = inferred) diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/messaging.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/messaging.md deleted file mode 100644 index 1b8161cb..00000000 
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/messaging.md
+++ /dev/null
@@ -1,89 +0,0 @@ -# Messaging Services Design Rubric - -**Applies to:** Pub/Sub, Cloud Tasks - -**Quick lookup (no rubric):** Check `fast-path.md` first (Pub/Sub → SNS/SQS, etc.) - -## Eliminators (Hard Blockers) - -| GCP Service | AWS | Blocker | -| ----------- | --- | ------------------------------------------------------------------------------------------------------- | -| Pub/Sub | SNS | Exactly-once delivery required → SNS FIFO + SQS FIFO (SNS FIFO supports exactly-once via deduplication) | -| Pub/Sub | SQS | Multiple subscribers per topic → SNS (not SQS) | -| Cloud Tasks | SQS | Scheduled/delayed task execution → EventBridge + SNS/SQS | - -## Signals (Decision Criteria) - -### Pub/Sub - -- **Multiple subscribers, broadcast** → SNS (pub/sub pattern) -- **Single consumer, durability** → SQS (queue pattern) -- **Exactly-once delivery** → SNS FIFO + SQS FIFO (deduplication enabled) -- **Real-time, low latency** → SNS (vs SQS polling delay) - -### Cloud Tasks - -- **HTTP callback execution** → EventBridge + SNS/SQS (route to Lambda/Fargate) -- **Delayed/scheduled queue** → SQS + Lambda (ScheduledEvents) - -## 6-Criteria Rubric - -Apply in order: - -1. **Eliminators**: Does GCP config require AWS-unsupported features? If yes: switch -2. **Operational Model**: Managed (SNS, SQS, EventBridge) vs Custom queue? - - Prefer managed -3. **User Preference**: From `clarified.json`, q2 (primary concern)? - - If `"reliability"` → SQS (FIFO for exactly-once); else SNS -4. **Feature Parity**: Does GCP config need features unavailable in AWS? - - Example: Pub/Sub ordering guarantee → SQS FIFO (has ordering) -5. **Cluster Context**: Are other resources using SNS/SQS? Match if possible -6. 
**Simplicity**: SNS + SQS (coupled) vs separate services - -## Examples - -### Example 1: Pub/Sub Topic (broadcast) - -- GCP: `google_pubsub_topic` (name="user-events", message_retention_duration="7d") -- Signals: Broadcast events, multiple subscribers likely -- Criterion 1 (Eliminators): PASS (retention not critical for broadcast) -- Criterion 2 (Operational Model): SNS (pub/sub) -- → **AWS: SNS Topic (Standard)** -- Note: SNS does not support message retention like GCP Pub/Sub. If retention is critical, consider SQS instead. -- Confidence: `inferred` - -### Example 2: Pub/Sub Topic (exactly-once) - -- GCP: `google_pubsub_topic` + `google_pubsub_subscription` (exactly_once_delivery=true) -- Signals: Exactly-once delivery required -- Criterion 1 (Eliminators): Exactly-once required → **use SNS FIFO + SQS FIFO** -- → **AWS: SNS FIFO Topic + SQS FIFO Queue (deduplication enabled)** -- Confidence: `inferred` - -### Example 3: Cloud Tasks Queue (scheduled) - -- GCP: `google_cloud_tasks_queue` (rate_limits=1000 msg/sec, retry_config=[max_retries=5]) -- Signals: Task scheduling, retry configuration -- Criterion 1 (Eliminators): PASS -- → **AWS: SQS (standard) + Lambda ScheduledEvents (for scheduling)** -- Confidence: `inferred` - -## Output Schema - -```json -{ - "gcp_type": "google_pubsub_topic", - "gcp_address": "user-events", - "gcp_config": { - "message_retention_duration": "604800s", - "subscribers": 3 - }, - "aws_service": "SNS", - "aws_config": { - "topic_name": "user-events", - "display_name": "User Events" - }, - "confidence": "inferred", - "rationale": "Pub/Sub with multiple subscribers → SNS (broadcast pattern)" -} -``` diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/networking.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/networking.md deleted file mode 100644 index bc756c47..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/networking.md +++ /dev/null 
@@ -1,113 +0,0 @@ -# Networking Services Design Rubric - -**Applies to:** VPC, Firewall, Load Balancing, DNS, Cloud Interconnect - -**Quick lookup (no rubric):** Check `fast-path.md` first (VPC → VPC, Firewall → Security Groups, etc.) - -## Eliminators (Hard Blockers) - -| GCP Service | AWS | Blocker | -| -------------------- | -------------- | -------------------------------------------------------- | -| Cloud Interconnect | Direct Connect | Dedicated connection (6+ months setup) → use VPN as temp | -| Cloud Load Balancing | ALB | SSL certificate passthrough → NLB (L4, pass-through) | -| Cloud Load Balancing | NLB | IP-based routing → ALB (L7, hostname-based) | - -## Signals (Decision Criteria) - -### VPC Network - -- Always → AWS VPC (1:1 deterministic) -- Preserve CIDR blocks, subnets, routing tables - -### Firewall Rules - -- Always → AWS Security Groups (1:1 deterministic) -- Convert direction (ingress/egress) and IP ranges - -### Cloud Load Balancing - -- **HTTP/HTTPS + hostname/path routing** → ALB (Layer 7) -- **TCP/UDP + high throughput** → NLB (Layer 4) -- **TLS passthrough** → NLB (Layer 4, no termination) - -### Cloud DNS - -- Always → Route 53 (1:1 deterministic) -- Preserve zone name, record types, TTLs - -### Cloud Interconnect - -- **Dedicated connection** → AWS Direct Connect -- **Temporary/dev connectivity** → AWS Site-to-Site VPN (quicker, lower cost) - -## 6-Criteria Rubric - -Apply in order: - -1. **Eliminators**: Does GCP config require AWS-unsupported features? If yes: switch -2. **Operational Model**: Managed (ALB, Route 53) vs Custom (VPN, custom routing)? - - Prefer managed -3. **User Preference**: From `clarified.json`, q2 (primary concern)? - - If `"compliance"` → use Direct Connect (explicit data path); else VPN fine -4. **Feature Parity**: Does GCP config require AWS-unsupported features? - - Example: GCP policy-based routing → Custom route table rules (AWS does this) -5. 
**Cluster Context**: Are other resources in cluster using specific load balancers? Match -6. **Simplicity**: Fewer resources = higher score - -## Examples - -### Example 1: VPC Network - -- GCP: `google_compute_network` (auto_create_subnetworks=false, routing_mode=REGIONAL) -- Signals: Explicit subnets, regional routing -- Criterion 1 (Eliminators): PASS -- → **AWS: VPC (us-east-1 region)** -- Confidence: `deterministic` - -### Example 2: Firewall Rules - -- GCP: `google_compute_firewall` (allow=[tcp:443], source_ranges=[0.0.0.0/0]) -- Signals: HTTPS ingress, public -- → **AWS: Security Group (ingress rule: 443/tcp from 0.0.0.0/0)** -- Confidence: `deterministic` - -### Example 3: Cloud Load Balancing (HTTP + path-based) - -- GCP: `google_compute_forwarding_rule` + `google_compute_backend_service` (path_matcher=["/api/*" → api-backend]) -- Signals: Path-based routing, HTTP/HTTPS -- Criterion 1 (Eliminators): PASS -- Criterion 2 (Operational Model): ALB (managed, L7) -- → **AWS: ALB with target groups + listener rules (path-based)** -- Confidence: `inferred` - -### Example 4: Cloud DNS Zone - -- GCP: `google_dns_managed_zone` (dns_name="example.com.") -- Signals: Public DNS zone -- → **AWS: Route 53 Hosted Zone (example.com)** -- Confidence: `deterministic` - -## Output Schema - -```json -{ - "gcp_type": "google_compute_forwarding_rule", - "gcp_address": "global-https-lb", - "gcp_config": { - "load_balancing_scheme": "EXTERNAL", - "protocol": "HTTPS" - }, - "aws_service": "Application Load Balancer", - "aws_config": { - "load_balancer_type": "application", - "scheme": "internet-facing", - "listener": { - "protocol": "HTTPS", - "port": 443 - }, - "region": "us-east-1" - }, - "confidence": "deterministic", - "rationale": "GCP global HTTPS LB → AWS ALB (L7, host/path routing)" -} -``` 
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/storage.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/storage.md
deleted file mode 100644
index 6bd08c97..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/design-refs/storage.md
+++ /dev/null
@@ -1,71 +0,0 @@ -# Storage Services Design Rubric - -**Applies to:** Cloud Storage (GCS) - -**Quick lookup (no rubric):** Check `fast-path.md` first (Cloud Storage → S3, deterministic) - -## Deterministic Mapping - -**Cloud Storage (`google_storage_bucket`) → S3 (`aws_s3_bucket`)** - -Confidence: `deterministic` (always 1:1, no decision tree) - -**Behavior preservation:** - -- Bucket versioning → S3 versioning -- Lifecycle rules → S3 Lifecycle policies -- Access control (UNIFORM vs FINE-GRAINED) → S3 ACLs + Bucket Policies -- Regional location → S3 region selection -- Encryption (default or CSEK) → S3 encryption (default AES-256 or KMS) - -## GCS → S3 Attribute Mapping - -| GCS Attribute | S3 Equivalent | Notes | -| ----------------------------- | ------------------------------------------- | -------------------------------------------- | -| `location` (region) | `region` | Direct mapping; respect user's region choice | -| `versioning_enabled` | `versioning_enabled` | 1:1 copy | -| `lifecycle_rules` | `lifecycle_rule` | Adapt rule conditions | -| `uniform_bucket_level_access` | `block_public_acl` + policies | Convert UNIFORM to S3 ACL block | -| `encryption` (CSEK) | `sse_algorithm = "aws:kms"` | Use AWS KMS (customer-managed key) | -| `cors` | `cors_rule` | 1:1 copy | -| `retention_policy` | `object_lock_configuration` (if applicable) | Object Lock stricter than GCS retention | - -## Output Schema - -```json -{ - "gcp_type": "google_storage_bucket", - "gcp_address": "my-app-assets", - "gcp_config": { - "location": "us-central1", - "versioning_enabled": true, - "lifecycle_rule": [ - { - "action": "Delete", - "condition": { "age_days": 90 } - } - ] - }, - "aws_service": "S3", - "aws_config": { - "bucket": "my-app-assets-us-east-1", - "versioning_enabled": true, - "lifecycle_rule": [ - { - "id": "delete-old-versions", - "status": "Enabled", - "noncurrent_version_expiration": { "days": 90 } - } - ], - "region": "us-east-1" - }, - "confidence": "deterministic", - 
"rationale": "GCS → S3 is 1:1 deterministic; preserve versioning, lifecycle, encryption" -} -``` - -## No Decision Required - -Cloud Storage has no AWS equivalent variations. All mappings are direct. - -For non-storage use cases (static site hosting, data lakes, etc.), the hosting compute service (Fargate, Amplify) determines architecture, not the bucket itself. diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/clarify.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/clarify.md deleted file mode 100644 index 03164981..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/clarify.md +++ /dev/null 
@@ -1,91 +0,0 @@ -# Phase 2: Clarify Requirements - -## Step 0: Validate Inputs - -1. Read `gcp-resource-inventory.json` from `$MIGRATION_DIR`. If missing: **STOP**. Output: "Missing gcp-resource-inventory.json. Complete Phase 1 (Discover) first." -2. If invalid JSON: **STOP**. Output: "gcp-resource-inventory.json is corrupted (invalid JSON). Re-run Phase 1." -3. If `resources` array is empty: **STOP**. Output: "gcp-resource-inventory.json contains no resources. Re-run Phase 1 with valid Terraform files." -4. Read `gcp-resource-clusters.json` from `$MIGRATION_DIR`. If missing: **STOP**. Output: "Missing gcp-resource-clusters.json. Complete Phase 1 (Discover) first." -5. If invalid JSON: **STOP**. Output: "gcp-resource-clusters.json is corrupted (invalid JSON). Re-run Phase 1." -6. If `clusters` array is empty: **STOP**. Output: "gcp-resource-clusters.json contains no clusters. Re-run Phase 1 with valid Terraform files." - -## Step 1: Load Inventory - -Read `gcp-resource-inventory.json` and `gcp-resource-clusters.json` from `$MIGRATION_DIR` (already validated in Step 0). - -## Step 2: Select Answering Mode - -Present 4 modes to user: - -| Mode | Style | When to use | -| ----- | ----------- | -------------------------------------------- | -| **A** | All at once | "I'll answer all 8 questions together" | -| **B** | One-by-one | "Ask me each question separately" | -| **C** | Defaults | "Use default answers (no questions)" | -| **D** | Free text | "I'll describe requirements in my own words" | - -If user selects **Mode C** or **Mode D**: use default answers from `shared/clarify-questions.md` and continue to Step 3. - -If user selects **Mode A** or **Mode B**: Present all 8 questions (from `shared/clarify-questions.md`), collect answers, continue to Step 3. - -**Fallback handling:** If user selects Mode A or B but then declines to answer questions or provides incomplete answers, offer Mode C (use defaults) or Mode D (free-text description) as alternatives. 
Phase 2 completes using whichever mode provides answers. - -## Step 3: Normalize Answers - -For Modes A/B (Q1-Q8 answered): - -- Validate each answer is within the option set -- If user gives free-form answer, map to closest option -- Store normalized answers - -For Mode C: - -- Use all defaults from `shared/clarify-questions.md` - -For Mode D (free-text): - -1. Parse user text to extract answers for Q1-Q8 - - Look for keywords matching question option descriptions - - For each question, mark as "extracted" if found or "default" if not - -2. **Confirmation step**: Present to user: - - ``` - Based on your requirements, I extracted: - - Q1 (Timeline): [extracted value] - - Q2 (Primary concern): [extracted value] - - Q3 (Team experience): [default value] ← using default - - ... - - Accept these, or re-run with Mode A/B to override? - ``` - -3. If user accepts: store answers with source tracking (extracted vs default) -4. If user declines: fall back to Mode A or B - -## Step 4: Write Clarified Output - -Write `clarified.json` to `.migration/[MMDD-HHMM]/` directory. - -**Schema:** See `references/shared/output-schema.md` → `clarified.json (Phase 2 output)` section for complete schema and field documentation. - -**Key fields:** - -- `mode`: "A", "B", "C", or "D" (answering mode selected in Step 2) -- `answers`: Object with keys q1_timeline through q8_compliance -- `timestamp`: ISO 8601 timestamp - -## Step 5: Update Phase Status - -Update `.phase-status.json`: - -```json -{ - "phase": "clarify", - "status": "completed", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" -} -``` - -Output to user: "Clarification complete. Proceeding to Phase 3: Design AWS Architecture." diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/design.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/design.md deleted file mode 100644 index ab651227..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/design.md +++ /dev/null 
@@ -1,184 +0,0 @@ -# Phase 3: Design AWS Architecture - -## Step 0: Validate Inputs - -1. Read `clarified.json` from `$MIGRATION_DIR`. If missing: **STOP**. Output: "Phase 2 (Clarify) not completed. Run Phase 2 first." - - If invalid JSON: **STOP**. Output: "clarified.json is corrupted (invalid JSON). Re-run Phase 2." -2. Read `gcp-resource-clusters.json` from `$MIGRATION_DIR`. If missing: **STOP**. Output: "Missing gcp-resource-clusters.json. Re-run Phase 1." - - If invalid JSON: **STOP**. Output: "gcp-resource-clusters.json is corrupted (invalid JSON). Re-run Phase 1." - - If `clusters` array is empty: **STOP**. Output: "No clusters found. Re-run Phase 1." -3. Read `gcp-resource-inventory.json` from `$MIGRATION_DIR`. If missing: **STOP**. Output: "Missing gcp-resource-inventory.json. Re-run Phase 1." - - If invalid JSON: **STOP**. Output: "gcp-resource-inventory.json is corrupted (invalid JSON). Re-run Phase 1." - - If `resources` array is empty: **STOP**. Output: "No resources found. Re-run Phase 1." - - This file provides per-resource `config` (machine_type, database_version, etc.) needed by design rubric eliminators and feature parity checks. - -## Step 1: Order Clusters - -Sort clusters by `creation_order_depth` (lowest first, representing foundational infrastructure). - -## Step 2: Two-Pass Mapping per Cluster - -For each cluster: - -### Pass 1: Fast-Path Lookup - -For each PRIMARY resource in the cluster: - -1. Extract GCP type (e.g., `google_sql_database_instance`) -2. Look up in `design-refs/fast-path.md` → Direct Mappings table -3. If found (deterministic 1:1 match): assign AWS service with confidence = `deterministic` -4. If not found: proceed to Pass 2 - -### Pass 2: Rubric-Based Selection - -For resources not covered by fast-path: - -1. 
Determine service category (via `design-refs/index.md`): - - `google_compute_instance` → compute - - `google_cloudfunctions_function` → compute - - `google_sql_database_instance` → database - - `google_storage_bucket` → storage - - `google_compute_network` → networking - - etc. - - **Catch-all for unknown types**: If resource type not found in `index.md`: - - Check resource name pattern (e.g., "scheduler" → orchestration, "log" → monitoring, "metric" → monitoring) - - If pattern match: use that category - - If no pattern match: Add to `warnings[]` with message: "Unknown GCP resource type: [type]. Not in fast-path.md or index.md. Skipped — file an issue to add support." Continue with remaining resources. - -2. Load rubric from corresponding `design-refs/*.md` file (e.g., `compute.md`, `database.md`) - -3. Evaluate 6 criteria (1-sentence each): - - **Eliminators**: Feature incompatibility (hard blocker) - - **Operational Model**: Managed vs self-hosted fit - - **User Preference**: From `clarified.json` answers - - **Feature Parity**: GCP feature → AWS feature availability - - **Cluster Context**: Affinity with other resources in this cluster - - **Simplicity**: Prefer fewer resources / less config - -4. Select best-fit AWS service. Confidence = `inferred` - -## Step 3: Handle Secondary Resources - -For each SECONDARY resource: - -1. Use `design-refs/index.md` for category -2. Apply fast-path (most secondaries have deterministic mappings) -3. If rubric needed: apply same 6-criteria approach - -## Step 3.5: Validate AWS Architecture (using awsknowledge) - -**Validation checks** (if awsknowledge available): - -For each mapped AWS service, verify: - -1. **Regional Availability**: Is the service available in the target region (e.g., `us-east-1`)? - - Use awsknowledge to check regional support - - If unavailable: add warning, suggest fallback region - -2. **Feature Parity**: Do required features exist in AWS service? 
- - Match GCP features from `clarified.json` answers - - Check AWS feature availability via awsknowledge - - If feature missing: add warning, suggest alternative service - -3. **Service Compatibility**: Are there known issues or constraints? - - Check best practices and gotchas via awsknowledge - - Add to warnings if applicable - -**If awsknowledge unavailable:** - -- Set `validation_status: "skipped"` in output -- **Display prominent warning to user**: "⚠️ WARNING: Architecture validation skipped (awsknowledge MCP unavailable). Regional availability, feature parity, and service constraints were NOT verified. Manually verify before proceeding." -- Add same warning to `aws-design-report.md` header -- Continue with design (validation is informational, not blocking) - -**If validation succeeds:** - -- Set `validation_status: "completed"` in output -- List validated services in report - -## Step 4: Write Design Output - -**File 1: `aws-design.json`** - -```json -{ - "validation_status": { - "status": "completed|skipped", - "message": "All services validated|Validation unavailable (awsknowledge MCP unreachable)" - }, - "clusters": [ - { - "cluster_id": "compute_instance_us-central1_001", - "gcp_region": "us-central1", - "aws_region": "us-east-1", - "resources": [ - { - "gcp_address": "google_compute_instance.web", - "gcp_type": "google_compute_instance", - "gcp_config": { - "machine_type": "n2-standard-2", - "zone": "us-central1-a", - "boot_disk_size_gb": 100 - }, - "aws_service": "Fargate", - "aws_config": { - "cpu": "0.5", - "memory": "1024", - "region": "us-east-1" - }, - "confidence": "inferred", - "rationale": "Compute mapping; always-on; Fargate for simplicity", - "rubric_applied": [ - "Eliminators: PASS", - "Operational Model: Managed Fargate", - "User Preference: Speed (q2)", - "Feature Parity: Full (always-on compute)", - "Cluster Context: Standalone compute tier", - "Simplicity: Fargate (managed, no EC2)" - ] - } - ] - } - ], - "warnings": [ - "service X not 
fully supported in us-east-1; fallback to us-west-2" - ], - "timestamp": "2026-02-26T14:30:00Z" -} -``` - -**File 2: `aws-design-report.md`** - -``` -# AWS Architecture Design Report - -## Overview -Mapped X GCP resources to Y AWS services across Z clusters. - -## Cluster: compute_instance_us-central1_001 -### Compute -- google_compute_instance.web → Fargate (0.5 CPU, 1 GB memory) - Confidence: deterministic - Rationale: Direct compute mapping, Cold Start not applicable (always-on) - -[repeat per resource] - -## Warnings -- Service X: falling back to region Y due to regional unavailability -``` - -## Step 5: Update Phase Status - -Update `.phase-status.json`: - -```json -{ - "phase": "design", - "status": "completed", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" -} -``` - -Output to user: "AWS Architecture designed. Proceeding to Phase 4: Estimate Costs." diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-app-code.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-app-code.md deleted file mode 100644 index 2353a327..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-app-code.md +++ /dev/null 
@@ -1,36 +0,0 @@
-# Discover Phase: App Code Discovery (v1.1+)
-
-**Status**: Not yet implemented (v1.1 feature).
-
-## Overview
-
-This discoverer will scan application code for `google.cloud.*` imports and detect compute workload types, AI services, and data dependencies.
-
-## Expected Behavior (v1.1+)
-
-- Scan Python, Node.js, Go codebases for `google.cloud.*` imports
-- Detect compute workload types (batch, streaming, async jobs)
-- Identify AI/ML workload characteristics
-- Output: `app_code_resources.json` with detected services and confidence
-
-## Expected Output Schema (v1.1+)
-
-```json
-{
- "app_code_resources": [
- {
- "service": "Cloud Run",
- "detected_imports": ["google.cloud.storage", "google.cloud.firestore"],
- "workload_type": "web",
- "evidence": "code analysis",
- "confidence": 0.92
- }
- ]
-}
-```
-
-## Integration with Unify Phase
-
-**Note**: `unify-resources.md` does not exist yet — it is a planned v1.1+ file that will check for `app_code_resources.json` and merge service evidence into the final inventory produced by `discover-iac.md`.
-
-**Current Action**: Skip in v1.0. `discover.md` will not call this discoverer until v1.1+ when both this file and `unify-resources.md` are implemented.
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-billing.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-billing.md
deleted file mode 100644
index 35ba0464..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-billing.md
+++ /dev/null
@@ -1,34 +0,0 @@
-# Discover Phase: Billing Discovery (v1.2+)
-
-**Status**: Not yet implemented (v1.2 feature).
-
-## Overview
-
-This discoverer will import GCP billing data from CSV/JSON exports to identify active services and cost signals.
-
-## Expected Behavior (v1.2+)
-
-- Read GCP billing CSV or JSON export files
-- Extract service SKUs, monthly cost, consumption patterns
-- Output: `billing_resources.json` with flat list of detected services
-
-## Expected Output Schema (v1.2+)
-
-```json
-{
- "billing_resources": [
- {
- "service": "Cloud Run",
- "monthly_cost_usd": 150.50,
- "evidence": "billing export analysis",
- "confidence": 0.95
- }
- ]
-}
-```
-
-## Integration with Unify Phase
-
-**Note**: `unify-resources.md` does not exist yet — it is a planned v1.1+ file that will check for `billing_resources.json` and merge service evidence into the final inventory produced by `discover-iac.md`.
-
-**Current Action**: Skip in v1.0. `discover.md` will not call this discoverer until v1.2+ when both this file and `unify-resources.md` are implemented.
diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-iac.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-iac.md
deleted file mode 100644
index 2a48f541..00000000
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover-iac.md
+++ /dev/null
@@ -1,113 +0,0 @@ -# Discover Phase: IaC (Terraform) Discovery - -Extracts and clusters GCP resources from Terraform files. Produces final inventory and clusters JSON files. -**Execute ALL steps in order. Do not skip or optimize.** - -## Step 1: Parse Terraform Files - -1. Read all `.tf`, `.tfvars`, and `.tfstate` files in working directory (recursively) -2. Extract all resources matching `google_*` pattern (e.g., `google_compute_instance`, `google_sql_database_instance`) -3. For each resource, capture exactly: - - `address` (e.g., `google_compute_instance.web`) - - `type` (e.g., `google_compute_instance`) - - `config` (object with key attributes: `machine_type`, `name`, `region`, etc.) - - `raw_hcl` (raw HCL text for this resource, needed for Step 3) - - `depends_on` (array of addresses this resource depends on) -4. Report total resources found to user (e.g., "Parsed 50 GCP resources from Terraform") - -## Step 2: Classify Resources (PRIMARY vs SECONDARY) - -1. Read `references/clustering/terraform/classification-rules.md` completely -2. For EACH resource from Step 1, apply classification rules in priority order: - - **Priority 1**: Check if in PRIMARY list → mark `classification: "PRIMARY"`, continue - - **Priority 2**: Check if type matches SECONDARY patterns → mark `classification: "SECONDARY"` with `secondary_role` (one of: `identity`, `access_control`, `network_path`, `configuration`, `encryption`, `orchestration`) - - **Priority 3**: Apply LLM inference heuristics → mark as SECONDARY with `secondary_role` and confidence field - - **Default**: Mark as `SECONDARY` with `secondary_role: "configuration"` and `confidence: 0.5` -3. Confirm ALL resources have `classification` and (if SECONDARY) `secondary_role` fields -4. Report counts (e.g., "Classified: 12 PRIMARY, 38 SECONDARY") - -## Step 3: Build Dependency Edges and Populate Serves - -1. Read `references/clustering/terraform/typed-edges-strategy.md` completely -2. 
For EACH resource from Step 1, extract references from `raw_hcl`: - - Extract all `google_\w+\.[\w\.]+` patterns (or the capturing form `(google_\w+)\.(\w+)\.(\w+)` — see typed-edges-strategy.md) - - Classify edge type by field name/value context (see typed-edges-strategy.md) - - Store as `{from, to, relationship_type, evidence}` in `typed_edges[]` array -3. For SECONDARY resources, populate `serves[]` array: - - Trace outgoing references to PRIMARY resources - - Trace incoming `depends_on` references from PRIMARY resources - - Include transitive chains (e.g., IAM → SA → Cloud Run) -4. Report dependency summary (e.g., "Found 45 typed edges, 38 secondaries populated serves arrays") - -## Step 4: Calculate Topological Depth - -1. Read `references/clustering/terraform/depth-calculation.md` completely -2. Use Kahn's algorithm (or equivalent topological sort) to assign `depth` field: - - Depth 0: resources with no incoming dependencies - - Depth N: resources where at least one dependency is depth N-1 -3. **Detect cycles**: If any resource cannot be assigned depth, flag error: "Circular dependency detected between: [resources]. Breaking lowest-confidence edge." -4. Confirm ALL resources have `depth` field (integer ≥ 0) -5. Report depth summary (e.g., "Depth 0: 8 resources, Depth 1: 15 resources, ..., Max depth: 3") - -## Step 5: Apply Clustering Algorithm - -1. Read `references/clustering/terraform/clustering-algorithm.md` completely -2. 
Apply Rules 1-6 in exact priority order: - - **Rule 1: Networking Cluster** — `google_compute_network` + all `network_path` secondaries → 1 cluster - - **Rule 2: Same-Type Grouping** — ALL primaries of identical type → 1 cluster (not one per resource) - - **Rule 3: Seed Clusters** — Each remaining PRIMARY gets cluster + its `serves[]` secondaries - - **Rule 4: Merge on Dependencies** — Merge only if single deployment unit (rare) - - **Rule 5: Skip API Services** — `google_project_service` never gets own cluster; attach to service it enables - - **Rule 6: Deterministic Naming** — `{service_category}_{service_type}_{gcp_region}_{sequence}` (e.g., `compute_cloudrun_us-central1_001`, `database_sql_us-central1_001`) -3. Assign `cluster_id` to EVERY resource (must match one of generated clusters) -4. Confirm ALL resources have `cluster_id` field -5. Report clustering results (e.g., "Generated 6 clusters from 50 resources") - -## Step 6: Write Final Output Files - -**This step is MANDATORY. Write both files with exact schemas.** - -### 6a: Write gcp-resource-inventory.json - -1. Create file: `.migration/[MMDD-HHMM]/gcp-resource-inventory.json` -2. Write with exact schema per `references/shared/output-schema.md` → `gcp-resource-inventory.json (Phase 1 output)` section - -**CRITICAL field names (use EXACTLY these):** - -- `address` (resource Terraform address) -- `type` (resource Terraform type) -- `classification` (PRIMARY or SECONDARY) -- `secondary_role` (for secondaries only; one of: identity, access_control, network_path, configuration, encryption, orchestration) -- `cluster_id` (assigned cluster) -- `config` (resource configuration object: machine_type, database_version, region, etc.) -- `dependencies` (list of Terraform addresses this resource depends on) -- `depth` (topological depth, integer ≥ 0) -- `serves` (for secondaries only; list of resources this secondary supports) - -### 6b: Write gcp-resource-clusters.json - -1. 
Create file: `.migration/[MMDD-HHMM]/gcp-resource-clusters.json` -2. Write with exact schema per `references/shared/output-schema.md` → `gcp-resource-clusters.json (Phase 1 output)` section - -**CRITICAL field names (use EXACTLY these):** - -- `cluster_id` (matches resources' cluster_id) -- `name` (human-readable cluster name) -- `type` (cluster category: compute, database, network, storage, etc.) -- `description` (brief description of cluster contents) -- `primary_resources` (array of addresses) -- `secondary_resources` (array of addresses) -- `creation_order_depth` (matches resource depths) -- `gcp_region` (GCP region for this cluster) -- `network` (cluster_id of the network cluster this cluster belongs to, or null) -- `must_migrate_together` (boolean: true if resources must move together) -- `dependencies` (array of cluster_ids this cluster depends on) -- `edges` (array of {from, to, relationship_type}) - -### 6c: Validate Both Files Exist - -1. Confirm `.migration/[MMDD-HHMM]/gcp-resource-inventory.json` exists and is valid JSON -2. Confirm `.migration/[MMDD-HHMM]/gcp-resource-clusters.json` exists and is valid JSON -3. Verify all resource addresses in inventory appear in exactly one cluster -4. Verify all cluster IDs match resource cluster_id assignments -5. Report to user: "✅ Wrote gcp-resource-inventory.json (X resources) and gcp-resource-clusters.json (Y clusters)" diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover.md deleted file mode 100644 index 09a9b1c4..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/discover/discover.md +++ /dev/null 
@@ -1,109 +0,0 @@ -# Phase 1: Discover GCP Resources - -Lightweight orchestrator that detects available source types and delegates to domain-specific discoverers. -**Execute ALL steps in order. Do not skip or deviate.** - -## Step 0: Initialize Migration State - -1. Create `.migration/[MMDD-HHMM]/` directory (e.g., `.migration/0226-1430/`) using current timestamp (MMDD = month/day, HHMM = hour/minute) -2. Create `.migration/.gitignore` file (if not already present) with exact content: - - ``` - # Auto-generated migration state (temporary, should not be committed) - * - !.gitignore - ``` - - This prevents accidental commits of migration artifacts. - -3. Write `.phase-status.json` with exact schema: - - ```json - { - "phase": "discover", - "status": "in-progress", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" - } - ``` - -4. Confirm both `.migration/.gitignore` and `.phase-status.json` exist before proceeding to Step 1. - -## Step 1: Scan for Available Source Types - -1. Recursively scan working directory for source files: - - **Terraform**: `.tf`, `.tfvars`, `.tfstate` files (primary v1.0) - - **Billing** (v1.2+): GCP billing CSV/JSON exports (skip if not available) - - **App code** (v1.1+): Python/Node/Go with `google.cloud.*` imports (skip if not available) -2. **IF zero sources found**: STOP and output: "No GCP sources detected (no `.tf` files, billing exports, or app code). Provide at least one source type and try again." -3. Report detected sources to user (e.g., "Found Terraform files in: [list]") - -## Step 2: Invoke Terraform Discoverer (v1.0 — REQUIRED) - -**This step is MANDATORY for v1.0. Produces final outputs directly.** - -1. 
**IF Terraform files found** (from Step 1): - - Read `references/phases/discover/discover-iac.md` completely - - Follow ALL steps in discover-iac.md exactly as written - - **WAIT for completion**: Confirm BOTH output files exist in `.migration/[MMDD-HHMM]/`: - - `gcp-resource-inventory.json` (REQUIRED) - - `gcp-resource-clusters.json` (REQUIRED) - - **Validate schemas**: Confirm files contain all required fields - - Proceed to Step 3 -2. **IF Terraform files NOT found**: - - **STOP.** Output: "No Terraform files found. v1.0 requires Terraform-defined infrastructure for discovery. Provide `.tf` files and try again." - - Note: App code and billing discovery are planned for v1.1/v1.2 but do not yet produce the `gcp-resource-inventory.json` and `gcp-resource-clusters.json` files that downstream phases require. - -## Step 3: Update Phase Status - -1. Update `.phase-status.json` with exact schema: - - ```json - { - "phase": "discover", - "status": "completed", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" - } - ``` - -2. Output to user: "✅ Discover phase complete. Discovered X total resources across Y clusters. Proceeding to Phase 2: Clarify." - -## Output Files ONLY - -**Discover phase produces EXACTLY 2 files in `.migration/[MMDD-HHMM]/`:** - -1. `gcp-resource-inventory.json` (REQUIRED) -2. `gcp-resource-clusters.json` (REQUIRED) - -**No other files should be created:** - -- ❌ README.md -- ❌ discovery-summary.md -- ❌ EXECUTION_REPORT.txt -- ❌ discovery-log.md -- ❌ Any documentation or report files - -All user communication via output messages only. - -## Error Handling - -- **Missing `.migration` directory**: Create it (Step 0) -- **Missing `.migration/.gitignore`**: Create it automatically (Step 0) — prevents accidental commits -- **No Terraform files found**: STOP with error message (Step 1). Terraform is required for v1.0. 
-- **discover-iac.md fails**: STOP and report exact failure point -- **discover-iac.md completes but output files missing**: STOP with error listing missing files -- **Output file validation fails**: STOP and report schema errors -- **Extra files created (README, reports, etc.)**: Failure. Discover must produce ONLY the two JSON files. - -## Future Versions (v1.1+, v1.2+) - -**v1.1 (App Code Discovery):** - -- Implement `discover-app-code.md` to scan Python/Node/Go imports -- Merge strategy with Terraform results: TBD - -**v1.2 (Billing Discovery):** - -- Implement `discover-billing.md` to parse GCP billing exports -- Merge strategy with other sources: TBD diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/estimate.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/estimate.md deleted file mode 100644 index 39b9e1ac..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/estimate.md +++ /dev/null 
@@ -1,229 +0,0 @@ -# Phase 4: Estimate AWS Costs - -## Step 0: Validate Design Output - -Before pricing queries, validate inputs: - -**0a. Validate `aws-design.json`:** - -1. **File exists**: If missing, **STOP**. Output: "Phase 3 (Design) not completed. Run Phase 3 first." -2. **Valid JSON**: If parse fails, **STOP**. Output: "Design file corrupted (invalid JSON). Re-run Phase 3." -3. **Required fields**: - - `clusters` array is not empty: If empty, **STOP**. Output: "No clusters in design. Re-run Phase 3." - - Each cluster has `resources` array: If missing, **STOP**. Output: "Cluster [id] missing resources. Re-run Phase 3." - - Each resource has `aws_service` field: If missing, **STOP**. Output: "Resource [address] missing aws_service. Re-run Phase 3." - - Each resource has `aws_config` field: If missing, **STOP**. Output: "Resource [address] missing aws_config. Re-run Phase 3." - -**0b. Validate `clarified.json`:** - -1. **File exists**: If missing, **STOP**. Output: "Phase 2 (Clarify) not completed. Run Phase 2 first." -2. **Valid JSON**: If parse fails, **STOP**. Output: "Clarified file corrupted (invalid JSON). Re-run Phase 2." - -If all validations pass, proceed to Step 1. - -## Step 1: Check Pricing Availability - -Call MCP `awspricing` with `get_pricing_service_codes()`: - -### Retry Logic - -Attempt to reach awspricing with **up to 2 retries** (3 total attempts): - -1. **Attempt 1**: Call `get_pricing_service_codes()` -2. **If timeout/error**: Wait 1 second, retry (Attempt 2) -3. **If still fails**: Wait 2 seconds, retry (Attempt 3) -4. **If all 3 attempts fail**: Proceed to fallback - -### Success Path - -- **If any attempt succeeds**: Use live AWS pricing for all estimates -- **Pricing source**: Mark as `live` in estimation.json - -### Fallback Path - -- **If all 3 attempts fail**: - 1. Load `shared/pricing-fallback.json` - 2. 
**Check staleness**: - - Read `metadata.last_updated` (e.g., "2026-02-24") - - Calculate days since update: `today - last_updated` - - If > 60 days: Add to estimation report: "⚠️ Cached pricing data is >60 days old; accuracy may be significantly degraded" - - If 30-60 days: Add to estimation report: "⚠️ Cached pricing data is 30-60 days old; accuracy may be reduced" - - If ≤ 30 days: Add to estimation report: "Note: Using cached rates (±15-25% accuracy)" - 3. Log warning: "AWS pricing API unavailable; using cached rates from [last_updated]" - 4. **Display to user**: Add visible warning to estimation report with staleness notice - 5. **Pricing source**: Mark as `fallback` in estimation.json with note - 6. Proceed to Step 2 - -## Step 2: Extract Services from Design - -Read `aws-design.json`. Build list of unique AWS services mapped: - -- Fargate -- RDS (Aurora Serverless v2) -- S3 -- ALB -- Lambda -- ECS -- VPC / NAT Gateway -- etc. - -## Step 3: Query Pricing - -For each service: - -1. Determine usage scenario from `aws-design.json` config (e.g., Fargate: 0.5 CPU, 1 GB memory, assumed 24/7) -2. Query pricing and track source: - - **If live API available**: Call awspricing with appropriate filters - - Region: extracted from design (default `us-east-1`) - - Service attributes: CPU, memory, storage, etc. - - Mark: `pricing_source: "live"` - - **If using fallback**: Look up in `shared/pricing-fallback.json` - - Check if service exists in fallback data: - - **If found**: Use cached price, mark: `pricing_source: "fallback"` - - **If NOT found**: - 1. Add to `services_with_missing_fallback[]` in estimation.json - 2. Use conservative estimate (e.g., AWS average tier pricing or ask user) - 3. Mark: `pricing_source: "estimated"` - 4. Add warning: "Service [X] not in cached fallback data; cost estimated conservatively" -3. 
Calculate monthly cost per service - -Handle 3 cost tiers (to show optimization range): - -- **Premium**: Latest generation, highest availability (e.g., db.r6g, Fargate Spot disabled) -- **Balanced**: Standard generation, typical setup (e.g., db.t4g, Fargate on-demand) -- **Optimized**: Cost-minimized (e.g., db.t4g with reserved, Fargate Spot 70%) - -## Step 4: Calculate Summary - -**Monthly operational cost:** - -``` -Sum of all service monthly costs (Balanced tier) -``` - -**One-time migration cost:** - -``` -Development hours: X hours × $150/hour (assume 10-15 weeks) -Data transfer: Y GB × $0.02/GB (egress from GCP) -``` - -**ROI (vs GCP):** - -Monthly GCP cost determination (in priority order): - -1. **From inventory**: If `gcp-resource-inventory.json` contains pricing data, sum all service costs -2. **From clarified.json**: If user provided "current GCP monthly spend" in Phase 2 answers, use that value -3. **From user prompt**: If neither available, ask user: "What is your current monthly GCP spend? (This is used for ROI; provide best estimate)" -4. **Cannot calculate**: If user cannot provide, set `roi.status: "cannot_calculate"` and `roi.message: "GCP monthly cost unavailable. Provide your current GCP spend to calculate ROI."` Skip payback and savings calculations. 
- -Then calculate: - -``` -Monthly GCP cost: (from above) -AWS monthly cost: (from Step 3) -Monthly savings: GCP - AWS -Payback period: One-time cost / Monthly savings (in months) -5-year savings: (Monthly savings × 60) - One-time cost -``` - -Add to assumptions: "GCP monthly cost: [SOURCE - actual, user estimate, or default]" - -## Step 5: Write Estimation Output - -Write `estimation.json` (schema must match `references/shared/output-schema.md`): - -```json -{ - "pricing_source": { - "status": "live|fallback", - "message": "Using live AWS pricing API|Using cached rates from [date] (±15-25% accuracy)", - "fallback_staleness": { - "last_updated": "2026-02-24", - "days_old": 3, - "is_stale": false, - "staleness_warning": null - }, - "services_by_source": { - "live": ["Fargate", "RDS Aurora", "S3", "ALB"], - "fallback": [], - "estimated": [] - }, - "services_with_missing_fallback": [] - }, - "monthly_costs": { - "premium": { "total": 5000, "breakdown": {"Fargate": 1200, "RDS": 2500, ...} }, - "balanced": { "total": 3500, "breakdown": {"Fargate": 800, "RDS": 1800, ...} }, - "optimized": { "total": 2200, "breakdown": {"Fargate": 400, "RDS": 1200, ...} } - }, - "one_time_costs": { - "dev_hours": "150 hours @ $150/hr = $22,500", - "data_transfer": "500 GB @ $0.02/GB = $10", - "training": "Team AWS training = $5,000", - "total": 27510 - }, - "roi": { - "assumed_gcp_monthly": 4500, - "aws_monthly_balanced": 3500, - "monthly_savings": 1000, - "payback_months": 27.51, - "five_year_savings": 32490 - }, - "assumptions": [ - "24/7 workload usage", - "No Reserved Instances", - "No Spot instances (Balanced tier)", - "Region: us-east-1", - "GCP monthly cost: user estimate" - ], - "timestamp": "2026-02-26T14:30:00Z" -} -``` - -Write `estimation-report.md`: - -``` -# AWS Cost Estimation - -## Monthly Operating Costs - -### Balanced Tier (Recommended) -- Fargate: $800 -- RDS Aurora: $1,800 -- S3: $500 -- ALB: $200 -- NAT Gateway: $200 -- **Total: $3,500/month** - -### Comparison Tiers 
-- Premium: $5,000/month -- Optimized: $2,200/month - -## One-Time Migration Costs -- Dev: 150 hours @ $150/hr = $22,500 -- Data transfer: 500 GB @ $0.02/GB = $10 -- Training: $5,000 -- **Total: $27,510** - -## ROI Analysis -- Assumed GCP cost: $4,500/month -- AWS Balanced: $3,500/month -- **Savings: $1,000/month** -- **Payback: 27.5 months** -- **5-year savings: $32,490** -``` - -## Step 6: Update Phase Status - -Update `.phase-status.json`: - -```json -{ - "phase": "estimate", - "status": "completed", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" -} -``` - -Output to user: "Cost estimation complete. Balanced tier: $X/month, Payback: X months. Proceeding to Phase 5: Execution Plan." diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/execute.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/execute.md deleted file mode 100644 index cce2ef08..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/phases/execute.md +++ /dev/null 
@@ -1,211 +0,0 @@ -# Phase 5: Execution Plan - -## Step 1: Validate Design and Estimation - -Validate both input files before proceeding: - -**1a. Validate `aws-design.json`:** - -1. If file missing: **STOP**. Output: "Missing aws-design.json. Complete Phase 3 (Design) first." -2. If invalid JSON: **STOP**. Output: "aws-design.json is corrupted (invalid JSON). Re-run Phase 3." -3. If `clusters` array is missing or empty: **STOP**. Output: "aws-design.json contains no clusters. Re-run Phase 3." -4. Each cluster must have a non-empty `resources` array: If any cluster has no resources, **STOP**. Output: "Cluster [id] has no resources. Re-run Phase 3." -5. Each resource must have `aws_service` and `aws_config` fields: If missing, **STOP**. Output: "Resource [address] missing required fields. Re-run Phase 3." - -**1b. Validate `estimation.json`:** - -1. If file missing: **STOP**. Output: "Missing estimation.json. Complete Phase 4 (Estimate) first." -2. If invalid JSON: **STOP**. Output: "estimation.json is corrupted (invalid JSON). Re-run Phase 4." -3. If `monthly_costs` is missing: **STOP**. Output: "estimation.json missing monthly_costs. Re-run Phase 4." -4. If `monthly_costs.balanced.total` is 0 or missing: **STOP**. Output: "estimation.json has zero or missing balanced cost total. Re-run Phase 4." -5. If `one_time_costs` is missing: **STOP**. Output: "estimation.json missing one_time_costs. Re-run Phase 4." - -If all validations pass, proceed to Step 2. - -## Step 2: Build Execution Timeline - -Create 8-12 week timeline with critical path based on cluster dependencies and data transfer complexity. 
- -### Week 1-2: Planning & Setup - -- Finalize AWS account structure -- Set up network (VPC, subnets, routing) -- Provision core IAM roles -- Validate connectivity (GCP to AWS for data migration) - -### Week 3-5: Proof of Concept - -- Deploy smallest cluster to AWS -- Test application performance -- Validate data pipeline (GCP → AWS) -- Measure baseline latency - -### Week 6-8: Full Infrastructure - -- Deploy remaining clusters -- Set up cross-cluster networking -- Implement monitoring and logging -- Establish backup/restore procedures - -### Week 9-10: Data Migration - -- Migrate primary data (databases, storage) -- Validate data integrity -- Establish replication / dual-write for production cutover - -### Week 11: Cutover - -- Test failover procedures -- DNS switch (GCP → AWS) -- Monitor for 24-48 hours -- Rollback procedures on standby - -### Week 12: Cleanup - -- Decommission GCP resources -- Archive GCP data -- Final cost reconciliation - -## Step 3: Risk Assessment - -**Critical risks:** - -- **Data loss during migration**: Mitigation: dual-write for 2 weeks before cutover; full backup before migration -- **Performance regression**: Mitigation: PoC testing in Week 3-5; load testing in Week 6 -- **Team capacity**: Mitigation: assume 2 FTE engineers dedicated for 12 weeks; external support if needed -- **Rollback complexity**: Mitigation: practice rollback procedures in Week 9; maintain read-only GCP copy for 2 weeks post-cutover - -## Step 4: Rollback Procedures - -**Trigger conditions for rollback:** - -- Data integrity issues detected during validation -- Performance regression >20% vs GCP baseline -- Cost overruns >50% vs estimation -- Critical unforeseen AWS service limitations - -**Rollback steps (reversible up to DNS cutover):** - -1. Pause dual-write replication -2. Reverse DNS records (AWS → GCP) -3. Shut down AWS workloads (keep for 1 week as standby) -4. Resume GCP read traffic -5. 
Monitor for 24 hours - -Post-DNS, rollback is manual: requires restore from backup (2-4 hour RTO). - -## Step 5: GCP Teardown Checklist - -Only after 2 weeks stable AWS operation: - -- [ ] Archive all GCP data to Cloud Storage (long-term retention) -- [ ] Delete GCP compute instances, databases, storage buckets -- [ ] Delete GCP VPC and networking -- [ ] Disable GCP billing -- [ ] Archive project for audit trail - -## Step 6: Write Execution Output - -Write `execution.json`: - -```json -{ - "timeline_weeks": 12, - "critical_path": [ - "VPC setup (Week 1)", - "PoC deployment (Week 3-5)", - "Data migration (Week 9-10)", - "DNS cutover (Week 11)" - ], - "risks": [ - { - "category": "data_loss", - "probability": "low", - "impact": "critical", - "mitigation": "dual-write + backup" - }, - { - "category": "performance_regression", - "probability": "medium", - "impact": "high", - "mitigation": "PoC testing (Week 3-5); load testing (Week 6)" - } - ], - "rollback_window": "Reversible until DNS cutover (Week 11)", - "gcp_teardown_week": 14, - "timestamp": "2026-02-26T14:30:00Z" -} -``` - -Write `execution-timeline.md`: - -``` -# GCP→AWS Migration Timeline - -## Week 1-2: Planning & Setup -- [ ] AWS account setup -- [ ] VPC / Subnets / Routing -- [ ] IAM roles & policies -- [ ] GCP→AWS connectivity test - -## Week 3-5: Proof of Concept -- [ ] Deploy pilot cluster -- [ ] Latency & performance baseline -- [ ] Data pipeline validation -- [ ] Sign-off on architecture - -## Week 6-8: Full Infrastructure -- [ ] Deploy all clusters -- [ ] Cross-cluster networking -- [ ] Monitoring / logging setup -- [ ] Backup procedures - -## Week 9-10: Data Migration -- [ ] Primary data migration -- [ ] Data integrity validation -- [ ] Establish dual-write - -## Week 11: Cutover -- [ ] Failover test -- [ ] DNS switch -- [ ] 24-48hr monitoring - -## Week 12: Cleanup -- [ ] Cost reconciliation -- [ ] Final validation - -## Week 14: GCP Teardown -- [ ] Archive data -- [ ] Delete resources -- [ ] Close 
project -``` - -## Step 7: Update Phase Status - -Update `.phase-status.json`: - -```json -{ - "phase": "execute", - "status": "completed", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" -} -``` - -Output to user: - -"✓ Migration plan complete. Summary: - -- Timeline: 12 weeks -- AWS monthly cost: $[balanced total from estimation.json] (Balanced) -- Payback period: [payback_months from estimation.json] months -- Rollback window: Through DNS cutover - -Files saved: - -- aws-design.json -- estimation.json -- execution.json - -Use this plan to guide your migration. All phases of the GCP-to-AWS migration analysis are complete." diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/clarify-questions.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/clarify-questions.md deleted file mode 100644 index 92153ac2..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/clarify-questions.md +++ /dev/null 
@@ -1,136 +0,0 @@ -# Clarification Questions (Q1-Q8) & Defaults - -## Q1: Migration Timeline - -**Question:** How quickly do you need to complete the migration? - -**Options:** - -- A. Immediate (0-3 months) -- B. Near-term (3-6 months) -- C. Flexible (6-12 months) -- D. No timeline pressure - -**Default (Mode C):** C (6-12 months) - ---- - -## Q2: Primary Concern - -**Question:** What is your top priority for this migration? - -**Options:** - -- A. Cost reduction -- B. Technical capability / compliance -- C. Speed to execution -- D. Team familiarity / maintainability - -**Default (Mode C):** A (Cost reduction) - ---- - -## Q3: Team Experience - -**Question:** What is your team's experience level with AWS? - -**Options:** - -- A. Expert (deployed 5+ production AWS services) -- B. Moderate (deployed 1-2 AWS services) -- C. Novice (AWS new to team) -- D. Mixed (varies by role) - -**Default (Mode C):** C (Novice; assume managed services preferred) - ---- - -## Q4: Traffic Profile - -**Question:** What is your typical traffic pattern? - -**Options:** - -- A. Highly variable (10x-100x spikes) -- B. Predictable (±20% variation) -- C. Mostly steady (±5% variation) -- D. Unknown / hard to predict - -**Default (Mode C):** B (Predictable; assume on-demand sizing) - ---- - -## Q5: Database Requirements - -**Question:** What type of database access pattern do you need? - -**Options:** - -- A. Structured (relational, ACID, SQL) -- B. Document-oriented (NoSQL, flexible schema) -- C. Analytics (data warehouse, OLAP) -- D. Mix of above - -**Default (Mode C):** A (Structured; RDS Aurora default) - ---- - -## Q6: Cost Sensitivity - -**Question:** How cost-sensitive is your migration budget? - -**Options:** - -- A. Very sensitive (minimize at all costs) -- B. Moderate (balance cost + performance) -- C. Cost not primary (prioritize capability) -- D. 
Depends on service - -**Default (Mode C):** B (Moderate; Balanced tier default) - ---- - -## Q7: Multi-Cloud Strategy - -**Question:** Do you plan to keep workloads running on GCP? - -**Options:** - -- A. No (full exit from GCP) -- B. Yes (multi-cloud for redundancy) -- C. Maybe (undecided) -- D. Yes (strategic GCP usage remains) - -**Default (Mode C):** A (Full exit; assume full migration) - ---- - -## Q8: Compliance / Regulatory - -**Question:** Do you have specific compliance or regulatory requirements? - -**Options:** - -- A. None -- B. Standard (HIPAA, PCI-DSS, SOC2) -- C. Strict (FedRAMP, GxP, GDPR) -- D. Varies by service - -**Default (Mode C):** A (None) - ---- - -## Mode Summary - -| Mode | Interaction | Defaults Used? | -| ----- | -------------------------------------- | -------------------------------------------------------- | -| **A** | User answers all 8 questions at once | No; use user answers | -| **B** | Agent asks each question separately | No; use user answers | -| **C** | No questions; use defaults immediately | Yes; Mode C defaults above | -| **D** | User provides free-form requirements | Partial; extract Q1-8 from text, fill gaps with defaults | - ---- - -## Output: clarified.json - -See `references/shared/output-schema.md` for the `clarified.json` schema. diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/output-schema.md b/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/output-schema.md deleted file mode 100644 index 42a8eb2a..00000000 --- a/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/output-schema.md +++ /dev/null 
@@ -1,397 +0,0 @@ -# Output Schema Reference - -Complete JSON schemas for all phase outputs and state files. - -**Convention**: Values shown as `X|Y` in examples indicate allowed alternatives — use exactly one value per field, not the literal pipe character. These pipe-separated values are documentation shorthand only and must NOT appear in actual output JSON. Always select one concrete value. - -## .phase-status.json - -Current phase tracking and status. - -```json -{ - "phase": "discover|clarify|design|estimate|execute", - "status": "in-progress|completed", - "timestamp": "2026-02-26T14:30:00Z", - "version": "1.0.0" -} -``` - ---- - -## gcp-resource-inventory.json (Phase 1 output) - -All discovered GCP resources with full configuration and dependencies. - -```json -{ - "timestamp": "2026-02-26T14:30:00Z", - "metadata": { - "total_resources": 50, - "primary_resources": 12, - "secondary_resources": 38, - "total_clusters": 6, - "terraform_available": true - }, - "resources": [ - { - "address": "google_sql_database_instance.prod_postgres", - "type": "google_sql_database_instance", - "classification": "PRIMARY", - "secondary_role": null, - "cluster_id": "database_sql_us-central1_001", - "config": { - "database_version": "POSTGRES_13", - "region": "us-central1", - "tier": "db-custom-2-7680" - }, - "dependencies": [], - "depth": 0, - "serves": [] - }, - { - "address": "google_compute_instance.web", - "type": "google_compute_instance", - "classification": "PRIMARY", - "secondary_role": null, - "cluster_id": "compute_instance_us-central1_001", - "config": { - "machine_type": "e2-medium", - "zone": "us-central1-a", - "image": "debian-11" - }, - "dependencies": ["google_compute_network.vpc"], - "depth": 1, - "serves": [] - }, - { - "address": "google_compute_network.vpc", - "type": "google_compute_network", - "classification": "PRIMARY", - "secondary_role": null, - "cluster_id": "network_vpc_us-central1_001", - "config": { - "auto_create_subnetworks": false - }, - 
"dependencies": [], - "depth": 0, - "serves": [] - } - ] -} -``` - -**Schema fields:** - -- `metadata`: Summary statistics (total_resources, primary/secondary counts, cluster count, terraform_available) -- `resources`: Array of all discovered resources with fields: - - `address`: Terraform resource address - - `type`: Terraform resource type - - `classification`: PRIMARY or SECONDARY - - `secondary_role`: Role if SECONDARY (identity, access_control, network_path, configuration, encryption, orchestration); null for PRIMARY - - `cluster_id`: Assigned cluster identifier - - `config`: Resource configuration (varies by type) - - `dependencies`: List of Terraform addresses this resource depends on - - `depth`: Topological depth (0 = no dependencies, N = depends on depth N-1) - - `serves`: List of resources this secondary supports (for SECONDARY only) - ---- - -## gcp-resource-clusters.json (Phase 1 output) - -Clustered resources by affinity and deployment order. - -```json -{ - "clusters": [ - { - "cluster_id": "network_vpc_us-central1_001", - "name": "VPC Network", - "type": "network", - "description": "Primary: compute_network.vpc, Secondary: firewall.web-allow-http", - "gcp_region": "us-central1", - "creation_order_depth": 0, - "primary_resources": [ - "google_compute_network.vpc" - ], - "secondary_resources": [ - "google_compute_firewall.web-allow-http" - ], - "network": null, - "must_migrate_together": true, - "dependencies": [], - "edges": [] - }, - { - "cluster_id": "compute_instance_us-central1_001", - "name": "Compute Instance", - "type": "compute", - "description": "Primary: compute_instance.web", - "gcp_region": "us-central1", - "creation_order_depth": 1, - "primary_resources": [ - "google_compute_instance.web" - ], - "secondary_resources": [], - "network": "network_vpc_us-central1_001", - "must_migrate_together": true, - "dependencies": ["network_vpc_us-central1_001"], - "edges": [ - { - "from": "google_compute_instance.web", - "to": 
"google_compute_network.vpc", - "relationship_type": "network_path" - } - ] - }, - { - "cluster_id": "database_sql_us-central1_001", - "name": "Cloud SQL PostgreSQL", - "type": "database", - "description": "Primary: sql_database_instance.prod_postgres", - "gcp_region": "us-central1", - "creation_order_depth": 0, - "primary_resources": [ - "google_sql_database_instance.prod_postgres" - ], - "secondary_resources": [], - "network": null, - "must_migrate_together": true, - "dependencies": [], - "edges": [] - } - ] -} -``` - ---- - -## clarified.json (Phase 2 output) - -User answers to clarification questions. - -```json -{ - "mode": "A", - "answers": { - "q1_timeline": "6-12 months", - "q2_primary_concern": "cost", - "q3_team_experience": "novice", - "q4_traffic_profile": "predictable", - "q5_database_requirements": "structured", - "q6_cost_sensitivity": "moderate", - "q7_multi_cloud": "no", - "q8_compliance": "none" - }, - "timestamp": "2026-02-26T14:30:00Z" -} -``` - ---- - -## aws-design.json (Phase 3 output) - -AWS services mapped from GCP resources, clustered by affinity. 
- -```json -{ - "validation_status": { - "status": "completed|skipped", - "message": "All services validated for regional availability and feature parity|Validation unavailable (awsknowledge MCP unreachable)" - }, - "clusters": [ - { - "cluster_id": "compute_instance_us-central1_001", - "gcp_region": "us-central1", - "aws_region": "us-east-1", - "resources": [ - { - "gcp_address": "google_compute_instance.web", - "gcp_type": "google_compute_instance", - "gcp_config": { - "machine_type": "n2-standard-2", - "zone": "us-central1-a", - "boot_disk_size_gb": 100 - }, - "aws_service": "Fargate", - "aws_config": { - "cpu": "0.5", - "memory": "1024", - "region": "us-east-1" - }, - "confidence": "inferred", - "rationale": "Compute mapping; always-on; Fargate for simplicity", - "rubric_applied": [ - "Eliminators: PASS", - "Operational Model: Managed Fargate", - "User Preference: Cost (q2)", - "Feature Parity: Full (always-on compute)", - "Cluster Context: Standalone compute tier", - "Simplicity: Fargate (managed, no EC2)" - ] - } - ] - } - ], - "warnings": [ - "Service X not available in us-east-1; feature parity check deferred to us-west-2" - ], - "timestamp": "2026-02-26T14:30:00Z" -} -``` - ---- - -## estimation.json (Phase 4 output) - -Monthly operating costs, one-time migration costs, and ROI analysis. 
- -```json -{ - "pricing_source": { - "status": "live|fallback", - "message": "Using live AWS pricing API|Using cached rates from 2026-02-24 (±15-25% accuracy due to API unavailability)", - "fallback_staleness": { - "last_updated": "2026-02-24", - "days_old": 3, - "is_stale": false, - "staleness_warning": "null|⚠️ Cached pricing data is >60 days old; accuracy may be significantly degraded" - }, - "services_by_source": { - "live": ["Fargate", "RDS Aurora", "S3", "ALB"], - "fallback": ["NAT Gateway"], - "estimated": [] - }, - "services_with_missing_fallback": [] - }, - "monthly_costs": { - "premium": { - "total": 5000, - "breakdown": { - "Fargate": 1200, - "RDS Aurora": 2500, - "S3": 500, - "ALB": 200, - "NAT Gateway": 300, - "Data Transfer": 300 - } - }, - "balanced": { - "total": 3500, - "breakdown": { - "Fargate": 800, - "RDS Aurora Serverless": 1800, - "S3": 500, - "ALB": 200, - "NAT Gateway": 200 - } - }, - "optimized": { - "total": 2200, - "breakdown": { - "Fargate Spot": 300, - "RDS Aurora Serverless": 1200, - "S3": 500, - "NAT Gateway": 200 - } - } - }, - "one_time_costs": { - "dev_hours": "150 hours @ $150/hr = $22,500", - "data_transfer": "500 GB @ $0.02/GB = $10", - "training": "Team AWS training = $5,000", - "total": 27510 - }, - "roi": { - "assumed_gcp_monthly": 4500, - "aws_monthly_balanced": 3500, - "monthly_savings": 1000, - "payback_months": 27.51, - "five_year_savings": 32490 - }, - "assumptions": [ - "24/7 workload operation", - "us-east-1 region selection", - "No Reserved Instances purchased", - "No Spot instances in Balanced tier", - "GCP monthly cost: user estimate" - ], - "timestamp": "2026-02-26T14:30:00Z" -} -``` - ---- - -## execution.json (Phase 5 output) - -Timeline, risk assessment, and rollback procedures. 
- -```json -{ - "timeline_weeks": 12, - "critical_path": [ - "VPC setup (Week 1)", - "PoC deployment (Week 3-5)", - "Data migration (Week 9-10)", - "DNS cutover (Week 11)" - ], - "risks": [ - { - "category": "data_loss", - "probability": "low", - "impact": "critical", - "mitigation": "Dual-write replication for 2 weeks; full backup before cutover" - }, - { - "category": "performance_regression", - "probability": "medium", - "impact": "high", - "mitigation": "PoC testing (Week 3-5); load testing (Week 6)" - }, - { - "category": "team_capacity", - "probability": "medium", - "impact": "medium", - "mitigation": "Allocate 2 FTE engineers; external support if needed" - } - ], - "rollback_window": "Reversible until DNS cutover (Week 11); manual after", - "gcp_teardown_week": 14, - "timestamp": "2026-02-26T14:30:00Z" -} -``` - ---- - -## Design Resource Schema (aws-design.json resource object) - -Template for individual resource mappings in aws-design.json. - -```json -{ - "gcp_address": "google_sql_database_instance.prod_postgres", - "gcp_type": "google_sql_database_instance", - "gcp_config": { - "database_version": "POSTGRES_13", - "region": "us-central1", - "tier": "db-custom-2-7680" - }, - "aws_service": "RDS Aurora PostgreSQL", - "aws_config": { - "engine_version": "14.7", - "instance_class": "db.r6g.xlarge", - "multi_az": true, - "region": "us-east-1" - }, - "confidence": "deterministic|inferred", - "rationale": "1:1 Cloud SQL → RDS Aurora; Multi-AZ for production HA", - "rubric_applied": [ - "Eliminators: PASS", - "Operational Model: Managed RDS Aurora", - "User Preference: Structured (q5)", - "Feature Parity: Full (binary logs, replication)", - "Cluster Context: Consistent with app tier", - "Simplicity: RDS Aurora (managed)" - ] -} -``` diff --git a/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/pricing-fallback.json b/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/pricing-fallback.json deleted file mode 100644 index 92a87682..00000000 
--- a/plugins/migration-to-aws/skills/gcp-to-aws/references/shared/pricing-fallback.json
+++ /dev/null
@@ -1,635 +0,0 @@
-{
- "metadata": {
- "last_updated": "2026-02-24",
- "source": "AWS Public Pricing + Industry Standards",
- "accuracy": "±15-25%",
- "note": "Cached pricing for immediate analysis. For ±5-10% accuracy, enable AWS Pricing MCP with real-time API.",
- "currency": "USD",
- "region": "us-east-1",
- "disclaimer": "Prices may vary by region and time. Use for estimation only. Verify with AWS before committing.",
- "verified_services": [
- "Lambda (all tiers)",
- "Fargate (all sizes)",
- "EKS (cluster fee + worker examples)",
- "ECS (orchestration-only, no compute fee)",
- "EC2 (t3, m5, c5 families)",
- "RDS MySQL (t3, t4g, m5 families)",
- "RDS PostgreSQL (t3, t4g, m5 families)",
- "Aurora MySQL (on-demand)",
- "Aurora PostgreSQL (on-demand)",
- "DynamoDB (on-demand)",
- "S3 Standard",
- "S3 Intelligent-Tiering",
- "ElastiCache Redis (t3, r6g families)",
- "SQS (Standard and FIFO)",
- "SNS (Standard and FIFO)",
- "EventBridge",
- "VPC (free + VPN/endpoint add-ons)",
- "Route 53 (hosted zones + queries)",
- "CloudFront (transfer + requests)",
- "Redshift Serverless (RPU-hour)",
- "Athena (per-TB scanned)",
- "SageMaker (training + inference instances)",
- "Bedrock Claude (Sonnet 4, Haiku 3.5, Opus 4)",
- "Bedrock Llama (4 Maverick, 4 Scout)",
- "Bedrock Mistral (Large)",
- "Bedrock Nova (Pro, Lite, Micro)"
- ]
- },
- "compute": {
- "lambda": {
- "description": "AWS Lambda - Serverless compute",
- "pricing_model": "pay-per-invocation + compute time",
- "price_per_request": 0.0000002,
- "price_per_gb_second": 0.0000166667,
- "free_tier": {
- "requests_per_month": 1000000,
- "compute_gb_seconds_per_month": 400000
- },
- "example_cost_512mb_1sec_1m_requests": {
- "request_cost": 0.20,
- "compute_cost": 8.33,
- "total_monthly": 8.53,
- "note": "1M requests × $0.0000002 = $0.20; 1M × 0.5 GB × 1s = 500K GB-sec × $0.0000166667 = $8.33"
- }
- },
- "fargate": {
- "description": "AWS Fargate - Containerized compute (serverless)",
- "pricing_model": "pay-per-vCPU-hour + memory-hour",
- "vcpu_price_per_hour": 0.04048,
- "memory_gb_price_per_hour": 0.004445,
- "common_sizes": {
- "0.25vcpu_512mb": {
- "hourly_cost": 0.0123,
- "monthly_cost": 8.98,
- "note": "0.25 × $0.04048 + 0.5 × $0.004445 = $0.01234/hr"
- },
- "0.5vcpu_1gb": {
- "hourly_cost": 0.0247,
- "monthly_cost": 18.03,
- "note": "0.5 × $0.04048 + 1 × $0.004445 = $0.02469/hr"
- },
- "1vcpu_2gb": {
- "hourly_cost": 0.0494,
- "monthly_cost": 36.06,
- "note": "1 × $0.04048 + 2 × $0.004445 = $0.04937/hr"
- },
- "2vcpu_4gb": {
- "hourly_cost": 0.0987,
- "monthly_cost": 72.05,
- "note": "2 × $0.04048 + 4 × $0.004445 = $0.09874/hr"
- },
- "4vcpu_8gb": {
- "hourly_cost": 0.1975,
- "monthly_cost": 144.18,
- "note": "4 × $0.04048 + 8 × $0.004445 = $0.19748/hr"
- }
- }
- },
- "eks": {
- "description": "Amazon EKS - Managed Kubernetes",
- "pricing_model": "cluster fee + worker node compute",
- "cluster_fee_per_hour": 0.10,
- "cluster_fee_monthly": 73.00,
- "note": "Cluster management fee only. Worker nodes billed separately as EC2 or Fargate. us-east-1 pricing.",
- "example_cluster_3_m5_large": {
- "cluster_fee": 73.00,
- "worker_nodes_3x_m5_large": 210.24,
- "total_monthly": 283.24,
- "note": "$73 cluster + 3 × m5.large ($70.08/mo each) = $283.24"
- }
- },
- "ecs": {
- "description": "Amazon ECS - Container orchestration",
- "pricing_model": "No additional charge for ECS; pay for EC2 or Fargate resources",
- "ecs_service_fee": 0,
- "note": "ECS itself is free. Compute costs are EC2 instance or Fargate pricing. Use Fargate or EC2 sections for actual costs."
- },
- "ec2": {
- "description": "AWS EC2 - Virtual machines",
- "pricing_model": "pay-per-hour (on-demand)",
- "note": "Prices for Linux, on-demand, us-east-1",
- "common_instances": {
- "t3.micro": {
- "hourly_price": 0.0104,
- "monthly_price": 7.58
- },
- "t3.small": {
- "hourly_price": 0.0208,
- "monthly_price": 15.17
- },
- "t3.medium": {
- "hourly_price": 0.0416,
- "monthly_price": 30.34
- },
- "t3.large": {
- "hourly_price": 0.0832,
- "monthly_price": 60.68
- },
- "m5.large": {
- "hourly_price": 0.096,
- "monthly_price": 70.08
- },
- "m5.xlarge": {
- "hourly_price": 0.192,
- "monthly_price": 140.16
- },
- "c5.large": {
- "hourly_price": 0.085,
- "monthly_price": 62.05
- },
- "c5.xlarge": {
- "hourly_price": 0.17,
- "monthly_price": 124.1
- }
- }
- }
- },
- "database": {
- "rds_mysql": {
- "description": "AWS RDS for MySQL",
- "pricing_model": "pay-per-hour + storage",
- "note": "Single-AZ pricing (on-demand, us-east-1). For Multi-AZ, approximately double these rates.",
- "instance_types": {
- "db.t3.small": {
- "hourly_price": 0.017,
- "monthly_price": 12.41
- },
- "db.t3.medium": {
- "hourly_price": 0.034,
- "monthly_price": 24.81
- },
- "db.t3.large": {
- "hourly_price": 0.068,
- "monthly_price": 49.63
- },
- "db.m5.large": {
- "hourly_price": 0.251,
- "monthly_price": 183.23
- }
- },
- "storage_price_per_gb_month": 0.23,
- "backup_storage_price_per_gb_month": 0.023,
- "t4g_instance_types": {
- "db.t4g.micro": {
- "hourly_price": 0.016,
- "monthly_price": 11.68
- },
- "db.t4g.small": {
- "hourly_price": 0.032,
- "monthly_price": 23.36
- },
- "db.t4g.medium": {
- "hourly_price": 0.065,
- "monthly_price": 47.45
- }
- }
- },
- "rds_postgres": {
- "description": "AWS RDS for PostgreSQL",
- "pricing_model": "pay-per-hour + storage",
- "note": "Single-AZ pricing (on-demand, us-east-1). For Multi-AZ, approximately double these rates.",
- "instance_types": {
- "db.t3.small": {
- "hourly_price": 0.017,
- "monthly_price": 12.41
- },
- "db.t3.medium": {
- "hourly_price": 0.034,
- "monthly_price": 24.81
- },
- "db.t3.large": {
- "hourly_price": 0.068,
- "monthly_price": 49.63
- },
- "db.m5.large": {
- "hourly_price": 0.251,
- "monthly_price": 183.23
- }
- },
- "storage_price_per_gb_month": 0.23,
- "backup_storage_price_per_gb_month": 0.023,
- "t4g_instance_types": {
- "db.t4g.micro": {
- "hourly_price": 0.016,
- "monthly_price": 11.68
- },
- "db.t4g.small": {
- "hourly_price": 0.032,
- "monthly_price": 23.36
- },
- "db.t4g.medium": {
- "hourly_price": 0.065,
- "monthly_price": 47.45
- }
- }
- },
- "aurora_mysql": {
- "description": "AWS Aurora MySQL (serverless, high scale)",
- "pricing_model": "pay-per-vCPU-hour + storage",
- "note": "On-demand pricing, Multi-AZ by default",
- "vcpu_price_per_hour": 0.177,
- "storage_price_per_gb_month": 0.1,
- "io_price_per_million_requests": 0.2,
- "example_2vcpu_100gb": {
- "compute_monthly": 258.24,
- "storage_monthly": 10,
- "io_monthly": 5,
- "total_monthly": 273.24
- }
- },
- "aurora_postgres": {
- "description": "AWS Aurora PostgreSQL (serverless, high scale)",
- "pricing_model": "pay-per-vCPU-hour + storage",
- "note": "On-demand pricing, Multi-AZ by default",
- "vcpu_price_per_hour": 0.177,
- "storage_price_per_gb_month": 0.1,
- "io_price_per_million_requests": 0.2,
- "example_2vcpu_100gb": {
- "compute_monthly": 258.24,
- "storage_monthly": 10,
- "io_monthly": 5,
- "total_monthly": 273.24
- }
- },
- "dynamodb": {
- "description": "AWS DynamoDB (NoSQL, serverless)",
- "pricing_model": "pay-per-request or provisioned",
- "on_demand": {
- "write_unit_price_per_million": 1.25,
- "read_unit_price_per_million": 0.25,
- "storage_price_per_gb_month": 0.25
- },
- "example_100gb_100m_writes_1b_reads_monthly": {
- "write_cost": 125,
- "read_cost": 250,
- "storage_cost": 25,
- "total_monthly": 400,
- "note": "100M writes × $1.25/M = $125, 1B reads × $0.25/M = $250, 100 GB × $0.25 = $25"
- }
- }
- },
- "storage": {
- "s3_standard": {
- "description": "AWS S3 Standard Storage",
- "pricing_model": "pay-per-GB + requests",
- "storage_price_per_gb_month": 0.023,
- "put_request_per_1000": 0.005,
- "get_request_per_1000": 0.0004,
- "data_transfer_out_per_gb": 0.09,
- "example_1tb_1m_gets_100k_puts": {
- "storage_monthly": 23.55,
- "get_requests": 0.4,
- "put_requests": 0.5,
- "total_monthly": 24.45,
- "note": "1024 GB × $0.023 = $23.55; 1M GETs × $0.0004/1K = $0.40; 100K PUTs × $0.005/1K = $0.50"
- }
- },
- "s3_standard_ia": {
- "description": "AWS S3 Standard-Infrequent Access",
- "pricing_model": "pay-per-GB (cheaper) + retrieval fee",
- "note": "Good for backups, cold data",
- "storage_price_per_gb_month": 0.0125,
- "retrieval_price_per_gb": 0.01,
- "example_1tb_1m_gets_100k_puts": {
- "storage_monthly": 12.8,
- "retrieval_cost": 10.24,
- "total_monthly": 23.04
- }
- },
- "s3_glacier": {
- "description": "AWS S3 Glacier Flexible Retrieval",
- "pricing_model": "pay-per-GB (cheapest) + retrieval fee",
- "note": "For long-term archival, 3-5 hours retrieval",
- "storage_price_per_gb_month": 0.004,
- "retrieval_price_per_gb": 0.01,
- "example_1tb_cold_data": {
- "storage_monthly": 4.1,
- "total_monthly": 4.1
- }
- }
- },
- "networking": {
- "alb": {
- "description": "AWS Application Load Balancer",
- "pricing_model": "pay-per-hour + data processed",
- "hourly_charge": 0.0225,
- "monthly_charge": 16.43,
- "per_lcu_hour": 0.006,
- "note": "LCU = Load Balancer Capacity Unit"
- },
- "nlb": {
- "description": "AWS Network Load Balancer",
- "pricing_model": "pay-per-hour + capacity",
- "hourly_charge": 0.0225,
- "monthly_charge": 16.43,
- "per_lcu_hour": 0.006,
- "note": "For high-performance TCP/UDP"
- },
- "nat_gateway": {
- "description": "AWS NAT Gateway",
- "pricing_model": "hourly charge + data processed",
- "hourly_charge": 0.045,
- "monthly_charge": 32.85,
- "per_gb_processed": 0.045,
- "note": "For outbound internet access from private subnets"
- },
- "vpc": {
- "description": "AWS VPC",
- "pricing_model": "VPC is free; charges for NAT Gateway, VPN, endpoints",
- "vpc_cost": 0,
- "vpn_connection_per_hour": 0.05,
- "vpn_monthly": 36.50,
- "interface_endpoint_per_hour": 0.01,
- "interface_endpoint_monthly": 7.30,
- "note": "VPC itself is free. NAT Gateway priced separately. VPN and endpoints are add-ons."
- },
- "route53": {
- "description": "Amazon Route 53 - DNS",
- "pricing_model": "per hosted zone + per query",
- "hosted_zone_per_month": 0.50,
- "per_million_standard_queries": 0.40,
- "per_million_latency_queries": 0.60,
- "health_check_per_month": 0.50,
- "example_1_zone_10m_queries": {
- "zone_cost": 0.50,
- "query_cost": 4.00,
- "total_monthly": 4.50,
- "note": "1 zone × $0.50 + 10M queries × $0.40/M = $4.50"
- }
- },
- "cloudfront": {
- "description": "Amazon CloudFront - CDN",
- "pricing_model": "pay-per-GB transfer + per-request",
- "note": "US/Europe pricing tier, on-demand",
- "per_gb_transfer_first_10tb": 0.085,
- "per_10k_https_requests": 0.01,
- "free_tier_transfer_gb_per_month": 1000,
- "example_100gb_1m_requests": {
- "transfer_cost": 8.50,
- "request_cost": 1.00,
- "total_monthly": 9.50,
- "note": "100 GB × $0.085 = $8.50; 1M HTTPS requests × $0.01/10K = $1.00"
- }
- }
- },
- "analytics": {
- "redshift_serverless": {
- "description": "Amazon Redshift Serverless - Data warehouse",
- "pricing_model": "pay-per-RPU-hour",
- "rpu_price_per_hour": 0.375,
- "base_rpu": 8,
- "storage_price_per_gb_month": 0.024,
- "note": "Minimum 8 RPU base capacity. us-east-1 pricing.",
- "example_8rpu_500gb_8hrs_day": {
- "compute_monthly": 72.00,
- "storage_monthly": 12.00,
- "total_monthly": 84.00,
- "note": "8 RPU × $0.375/hr × 8hrs × 30 days = $720 at full utilization; idle scaling reduces to ~$72; 500 GB × $0.024 = $12"
- }
- },
- "athena": {
- "description": "Amazon Athena - Serverless SQL query",
- "pricing_model": "pay-per-query (data scanned)",
- "price_per_tb_scanned": 5.00,
- "note": "Charged per TB of data scanned. Columnar formats (Parquet, ORC) and partitioning reduce costs significantly.",
- "example_100gb_scanned_per_month": {
- "query_cost": 0.50,
- "total_monthly": 0.50,
- "note": "100 GB scanned × $5.00/TB = $0.50"
- }
- },
- "sagemaker": {
- "description": "Amazon SageMaker - ML training and inference",
- "pricing_model": "pay-per-instance-hour (training + inference)",
- "note": "On-demand pricing, us-east-1. Highly variable by instance type and usage pattern.",
- "training_instances": {
- "ml.m5.large": {
- "hourly_price": 0.115,
- "note": "General purpose training"
- },
- "ml.m5.xlarge": {
- "hourly_price": 0.23,
- "note": "General purpose training"
- },
- "ml.g4dn.xlarge": {
- "hourly_price": 0.736,
- "note": "GPU training (NVIDIA T4)"
- }
- },
- "inference_instances": {
- "ml.t3.medium": {
- "hourly_price": 0.05,
- "monthly_price": 36.50
- },
- "ml.m5.large": {
- "hourly_price": 0.115,
- "monthly_price": 83.95
- }
- },
- "serverless_inference": {
- "price_per_second_per_gb_memory": 0.0000200,
- "note": "Billed per second of compute time × memory provisioned"
- }
- }
- },
- "ai": {
- "bedrock_claude": {
- "description": "Amazon Bedrock - Claude models",
- "pricing_model": "pay-per-token (input + output)",
- "note": "On-demand pricing, us-east-1",
- "models": {
- "claude_sonnet_4": {
- "input_per_1k_tokens": 0.003,
- "output_per_1k_tokens": 0.015
- },
- "claude_haiku_3_5": {
- "input_per_1k_tokens": 0.0008,
- "output_per_1k_tokens": 0.004
- },
- "claude_opus_4": {
- "input_per_1k_tokens": 0.015,
- "output_per_1k_tokens": 0.075
- }
- }
- },
- "bedrock_llama": {
- "description": "Amazon Bedrock - Llama models",
- "pricing_model": "pay-per-token (input + output)",
- "note": "On-demand pricing, us-east-1",
- "models": {
- "llama_4_maverick": {
- "input_per_1k_tokens": 0.0002,
- "output_per_1k_tokens": 0.00088
- },
- "llama_4_scout": {
- "input_per_1k_tokens": 0.00017,
- "output_per_1k_tokens": 0.00068
- }
- }
- },
- "bedrock_mistral": {
- "description": "Amazon Bedrock - Mistral models",
- "pricing_model": "pay-per-token (input + output)",
- "note": "On-demand pricing, us-east-1",
- "models": {
- "mistral_large": {
- "input_per_1k_tokens": 0.002,
- "output_per_1k_tokens": 0.006
- }
- }
- },
- "bedrock_nova": {
- "description": "Amazon Bedrock - Amazon Nova models",
- "pricing_model": "pay-per-token (input + output)",
- "note": "On-demand pricing, us-east-1",
- "models": {
- "nova_pro": {
- "input_per_1k_tokens": 0.0008,
- "output_per_1k_tokens": 0.0032
- },
- "nova_lite": {
- "input_per_1k_tokens": 0.00006,
- "output_per_1k_tokens": 0.00024
- },
- "nova_micro": {
- "input_per_1k_tokens": 0.000035,
- "output_per_1k_tokens": 0.00014
- }
- }
- }
- },
- "messaging": {
- "sqs": {
- "description": "Amazon SQS - Message queue",
- "pricing_model": "pay-per-request",
- "note": "Standard queue pricing, us-east-1",
- "price_per_million_requests": 0.40,
- "fifo_price_per_million_requests": 0.50,
- "free_tier_requests_per_month": 1000000,
- "example_10m_requests": {
- "standard_monthly": 4.00,
- "fifo_monthly": 5.00,
- "note": "10M requests × $0.40/M = $4.00 (standard); 10M × $0.50/M = $5.00 (FIFO)"
- }
- },
- "sns": {
- "description": "Amazon SNS - Pub/sub notifications",
- "pricing_model": "pay-per-publish + delivery",
- "note": "Standard topic pricing, us-east-1",
- "price_per_million_publishes": 0.50,
- "fifo_price_per_million_publishes": 0.50,
- "sqs_delivery_per_million": 0.00,
- "http_delivery_per_million": 0.60,
- "free_tier_publishes_per_month": 1000000,
- "example_10m_publishes_sqs_delivery": {
- "publish_monthly": 5.00,
- "delivery_monthly": 0.00,
- "total_monthly": 5.00,
- "note": "10M publishes × $0.50/M = $5.00; SQS delivery is free"
- }
- },
- "eventbridge": {
- "description": "Amazon EventBridge - Event bus",
- "pricing_model": "pay-per-event",
- "note": "Default event bus pricing, us-east-1",
- "price_per_million_events": 1.00,
- "example_10m_events": {
- "monthly": 10.00,
- "note": "10M events × $1.00/M = $10.00"
- }
- }
- },
- "cache": {
- "elasticache_redis": {
- "description": "Amazon ElastiCache for Redis",
- "pricing_model": "pay-per-hour (on-demand)",
- "note": "Single-AZ pricing (on-demand, us-east-1). For Multi-AZ, approximately double.",
- "node_types": {
- "cache.t3.micro": {
- "hourly_price": 0.017,
- "monthly_price": 12.41
- },
- "cache.t3.small": {
- "hourly_price": 0.034,
- "monthly_price": 24.82
- },
- "cache.t3.medium": {
- "hourly_price": 0.068,
- "monthly_price": 49.64
- },
- "cache.r6g.large": {
- "hourly_price": 0.214,
- "monthly_price": 156.22
- }
- }
- }
- },
- "cost_calculation_examples": {
- "simple_web_app": {
- "description": "Simple web app: ALB + Fargate container + RDS database",
- "components": {
- "alb": 16.43,
- "fargate_2vcpu_4gb": 72.05,
- "rds_mysql_t3_medium": 24.81,
- "s3_100gb": 2.3
- },
- "total_monthly": 115.59,
- "note": "Excludes data transfer, backups, monitoring"
- },
- "ai_chatbot": {
- "description": "AI chatbot: Bedrock Claude + DynamoDB",
- "components": {
- "bedrock_claude_sonnet_1m_tokens_500k_output": 10.5,
- "dynamodb_100gb_1b_reads": 250,
- "s3_chat_logs_100gb": 2.3,
- "nat_gateway": 32.85
- },
- "total_monthly": 295.65,
- "note": "Estimated for 1M input + 500K output tokens + 1B reads/month"
- },
- "large_database": {
- "description": "Large database: Aurora PostgreSQL + backups",
- "components": {
- "aurora_postgres_4vcpu_1tb": {
- "compute": 516.48,
- "storage": 100,
- "io": 50
- },
- "backup_storage_300gb": 6.9
- },
- "total_monthly": 673.38,
- "note": "Multi-AZ, includes backups"
- }
- },
- "gcp_aws_equivalence": {
- "cloud_run": {
- "aws_options": ["Fargate (serverless)", "Lambda (if stateless)", "ECS on EC2 (if persistent)"],
- "recommended": "Fargate if always-on or HTTP, Lambda if stateless event-driven < 15min, ECS on EC2 if high volume or custom AMI needed"
- },
- "cloud_sql_mysql": {
- "aws_options": ["RDS MySQL", "Aurora MySQL"],
- "recommended": "Aurora MySQL if scaling needed or high availability required"
- },
- "firestore": {
- "aws_options": ["DynamoDB (NoSQL)", "Aurora PostgreSQL (if migrating to relational)"],
- "recommended": "DynamoDB for similar pay-per-request pricing"
- },
- "cloud_storage": {
- "aws_options": ["S3 Standard", "S3 Intelligent-Tiering"],
- "recommended": "S3 Standard for active data, S3 IA for archives"
- },
- "vertex_ai_gemini": {
- "aws_options": ["Bedrock Claude"],
- "recommended": "Bedrock Claude for API compatibility"
- },
- "cloud_load_balancer_https": {
- "aws_options": ["Application Load Balancer"],
- "recommended": "ALB for HTTP/HTTPS"
- },
- "gke": {
- "aws_options": ["EKS (Kubernetes)", "ECS (container orchestration)", "Fargate (serverless)"],
- "recommended": "EKS for Kubernetes workloads, ECS for simpler needs"
- }
- }
-}