Stats
Actions
Available In
Tags
Plugin
aws-migration-architect
AWS account-to-account migration toolkit: 9 specialist skills + 9 sub-agents + 4 deterministic Workflow orchestrators. Produces schema-validated JSON artifacts at every stage. Terraform-portable HCL output with parameterized account IDs, regions, and AZs.
What's Inside
Slash Commands4
audit
/audit
Compare source and target AWS accounts after the cutover. Re-runs the same describe-* scope against both profiles, structurally diffs, categorizes drift (missing/extra/config/security/cost/scope), and emits audit-diff.json + audit-report.md.
discover
/discover
Discover-only pass — inventory the source account + dependency analysis, but skip Terraform generation and migration planning. Use to understand what is in the source account before committing to a migration.
execute
/execute
Execute an already-approved cutover-checklist.md against the target account, one resource at a time, with mandatory per-step human approval and resumable journal. Halts and offers rollback on failure. Polls long-running data-plane jobs.
migrate
/migrate
Run the full AWS account-to-account migration pipeline end-to-end (Discover → Generate → Cutover). Halts at the cutover checklist; human runs the actual cutover, then invokes /aws-migration-architect:audit.
Agents9
cutover-control-plane-builder
/cutover-control-plane-builder
Generate the control-plane cutover checklist — 7 phases (Globals → Networking → Storage Containers → Database Containers → Compute Containers → DNS Scaffolding → Control Plane Validation) of Terraform module applies and AWS control-plane API operations. NO data movement, NO writable-data freeze, NO production DNS swap. Output is cutover-checklist-control-plane.json + .md. Use when invoked by the cutover-control-plane skill or the migrate workflow.
cutover-data-plane-builder
/cutover-data-plane-builder
Generate the data-plane cutover checklist — 5 phases (Pre-Staging → Bulk Transfers → Application Data → Cutover → Data Validation) that move data, freeze writes, swap DNS, promote replicas, and validate the copy. Consumes data-migration-plan.json as primary input. NO terraform applies, NO IAM creation. Output is cutover-checklist-data-plane.json + .md. Use when invoked by the cutover-data-plane skill or the migrate workflow.
cutover-executor
/cutover-executor
Actually execute the cutover one resource at a time. Reads BOTH cutover checklists (cutover-checklist-control-plane.json AND cutover-checklist-data-plane.json) plus data-migration-plan.json + migration-plan.json + dependency-graph.json. Compiles execution-steps.json walking control-plane first then data-plane (preview/execute/verify/rollback/poll per step). Walks the list with mandatory per-step human approval. Halts and offers rollback on failure. Resumable via append-only JSONL journal (re-verifies in-flight steps against AWS before continuing). Polls long-running data-plane jobs (DataSync, DMS, S3 Batch, DynamoDB export/import). Use when invoked by the cutover-executor skill or the migrate workflow's Execute phase.
data-migration-planner
/data-migration-planner
Plan data movement for every data-bearing resource. Sizes each datastore via AWS APIs (CloudWatch + describe), picks transfer tool + mode per the rules in the data-migration-planner skill (size, RPO, encryption), estimates wall-clock time using per-tool throughput models, prices the transfer via the awspricing MCP, applies criticality-tier RPO/RTO defaults, computes freeze windows for non-continuous strategies, defines validation methods, and emits data-migration-plan.json + .md. Use when invoked by the data-migration-planner skill or the migrate workflow's DataPlan phase.
dependency-mapper
/dependency-mapper
Read-only AWS dependency analysis sub-agent. Reads inventory.json and walks every resource configuration to enumerate cross-resource references (SG, IAM, Lambda env, S3 policy, Route53, etc.), classifies IAM trusts (cross-account/OIDC/IRSA/SAML), detects hard-coded values (account IDs, regions, EIPs, ARNs, domains), assigns Low/Medium/High risk per resource, and emits Mermaid architecture diagrams. Use when invoked by the dependency-analyzer skill or the migrate workflow.
Skills9
cutover-control-plane
/cutover-control-plane
Generate the control-plane cutover runbook — the steps that create the empty target shape (IAM, networking, KMS keys, empty resource containers, DNS scaffolding) via Terraform module applies and AWS control-plane API calls. Phase 0 (Globals: IAM/Route53 root/CloudFront/Backup) → 1 (Networking) → 2 (Storage containers) → 3 (Database containers) → 4 (Compute containers) → 5 (DNS scaffolding, no record changes) → 6 (Control plane validation). Produces cutover-checklist-control-plane.md + .json. Runs BEFORE the data-plane runbook.
cutover-data-plane
/cutover-data-plane
Generate the data-plane cutover runbook — the steps that move actual data (snapshot shares, KMS grants, AMI shares, DataSync, DMS, S3 sync, snapshot-restore, ECR push, secret values), freeze writes during cutover, swap DNS / promote replicas, and validate the copy. Consumes data-migration-plan.json for sizing, strategy, freeze windows, and validation criteria. Phase 1 (Pre-Staging) → 2 (Bulk Transfers) → 3 (Application Data) → 4 (Cutover: freeze + promote + swap) → 5 (Data Validation). Produces cutover-checklist-data-plane.md + .json. Runs AFTER the control-plane runbook completes.
cutover-executor
/cutover-executor
Execute BOTH approved cutover checklists (control plane then data plane) against the target AWS account, one resource at a time. Reads cutover-checklist-control-plane.json, cutover-checklist-data-plane.json, data-migration-plan.json, migration-plan.json. Builds an execution-steps.json with preview/execute/verify/rollback/poll per step. Walks control-plane steps first (Terraform module applies + AWS control-plane API), then data-plane steps (snapshot share, restore, DataSync, DMS, freeze, route53 swap, validation). Mandatory per-step human approval. Halts and offers rollback on failure. Resumable via append-only JSONL journal — on resume, re-verifies any in-flight steps against AWS before continuing.
data-migration-planner
/data-migration-planner
Plan the data movement for every data-bearing resource in scope. Sizes each datastore via AWS APIs, picks the right transfer tool + mode (bulk vs bulk+delta vs continuous), estimates wall-clock transfer time and dollar cost (egress, cross-region, cross-account, tool runtime, double storage), captures encryption requirements (KMS grants, re-encryption), surfaces RPO/RTO targets per criticality tier, and produces freeze windows and validation criteria per datastore. Output is data-migration-plan.json + .md — consumed by cutover-data-plane to inject real timings into the cutover checklist.
dependency-analyzer
/dependency-analyzer
Find the hidden coupling that breaks migrations. Walks resource-to-resource references (SG rules, Lambda env vars, S3 policies, IAM trust chains), classifies IAM trusts (cross-account, OIDC, IRSA, SAML), detects hard-coded values (account IDs, regions, EIPs, ARNs, domains), assigns Low/Medium/High risk per resource, and emits Mermaid architecture diagrams. Use after `inventory` and before `terraform-generator` or `migration-planner`.
Stats
Version0.1.0
LanguageJavaScript
Stars0
MaintenanceGood
LicenseMIT-0
Last Commit
Added
Available In
Safety Signals
Caution
External network access
Connects to servers outside your machine
Uses power tools
Uses Bash, Write, or Edit tools
Tags
Categories
'%20stop-opacity%3D'0.16'%2F%3E%3Cstop%20offset%3D'1'%20stop-color%3D'rgb(200%2C90%2C60)'%20stop-opacity%3D'0.03'%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Crect%20width%3D'320'%20height%3D'200'%20fill%3D'url(%23g)'%2F%3E%3Ccircle%20cx%3D'250'%20cy%3D'56'%20r%3D'92'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.06'%2F%3E%3Ccircle%20cx%3D'64'%20cy%3D'172'%20r%3D'58'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.05'%2F%3E%3C%2Fsvg%3E)
