Migration & Modernization

Anonymizing RVTools Data for AWS Migration Planning

Introduction

In today’s cloud migration landscape, organizations would like to share their VMware environment data with AWS and partners while maintaining data confidentiality. A tool commonly used to export VMware configuration data is called RVTools. An RVTools export can contain sensitive information such as server names, IP addresses, and infrastructure details that organizations may want to protect.

To help our customers anonymize, AWS has created the RVTools Processor allowing customer to maintain critical configuration data required for an AWS migration assessment using services such as AWS Transform, Migration Evaluator (ME) and AWS Application Discovery Service (ADS).

This tool allows customers to share their infrastructure data with AWS and partners while maintaining control of their confidential information, and later de-anonymize the assessment results for internal use.

Understanding AWS Migration Services

AWS Transform

AWS Transform is an AI-powered service that accelerates migration and modernization planning. It imports RVTools data to provide insights into your VMware environment. The service leverages generative AI to assess your infrastructure, recommend optimization strategies, and create detailed transformation roadmaps.

AWS Transform helps organizations plan their VMware to Amazon EC2 migrations through automated analysis and detailed recommendations. While it supports various workloads like .NET, Mainframe, and Java applications, its strength lies in providing actionable modernization plans, including wave planning and infrastructure mapping to AWS services.

The diagram shows the core AWS migration and integration components, starting with on-premises environments connecting through AWS Discovery Services to enable cloud migration. The architecture flows through AWS Migration Services, Security tools, and Management components, ultimately connecting to target regions and Amazon-hosted solutions.Figure 1 – AWS Transform Overview

Migration Evaluator

Migration Evaluator helps organizations to build a data-driven business case for AWS migration. While it includes an agentless collector, it can also leverage existing infrastructure data from RVTools exports. This flexibility allows organizations to quickly start their assessment using data they already have. Migration Evaluator analyzes this data to provide right-sizing recommendations for Amazon EC2 instances, Total Cost of Ownership (TCO) analysis, and detailed migration planning insights, helping customers make informed decisions about their AWS adoption journey.

Diagram showing AWS Migration Evaluator architecture, depicting data flow from on-premises servers through a corporate data center to AWS Cloud. The image illustrates components such as Windows Server, data encryption, local database, and AWS services including S3, Migration Evaluator Management Console, and Migration Hub.Figure 2 – Migration Evaluator Overview

Both services commonly use RVTools data for initial assessments, making data anonymization valuable for effective migration planning.

The RVTools Processor

This solution processes RVTools data locally, ensuring sensitive information never leaves your control. Here’s what the tool offers:

# Example usage
python rvtools_processor.py anonymize input.csv

Key Features

  • All processing of data takes place locally
  • Consolidates multiple RVTools files – combines data from several RVTools exports into a single file, useful for assessing multi-datacenter environments
  • Anonymizes sensitive information while preserving network topology and relationships
  • Uses VM IDs with intelligent suffix handling for consolidated environments
  • Provides dynamic entity naming for better infrastructure relationship visibility
  • Supports both IPv4 and IPv6 address anonymization
  • Maintains original RVTools format and structure required by AWS migration tools
  • Supports de-anonymization of servers when AWS provides migration recommendations, customers can de-anonymize the results to align them with their actual infrastructure for accurate planning

Fields Protected

The tool anonymizes all fields which contains customer specific information. You can find a full list of fields and their anonymized replacements in the README file.

Getting Started

The tool is available today in the sample-rvtools-processor GitHub repo.

Prerequisites

1. Python 3.10 or later
# To check your Python version
python --version

2. Set up Python virtual environment (recommended):
# Create virtual environment
python -m venv rvtools_anon
# Activate virtual environment
# On Windows:
rvtools_anon\Scripts\activate
# On Linux/Mac:
source rvtools_anon/bin/activate

3. Install required Python packages:
# Install required packages in your virtual environment
pip install openpyxl pandas

4. RVTools 4.3 or later
* Export file in .xlsx or .csv format

Note:
– Using a virtual environment isolates dependencies and prevents conflicts
– Regularly check for package updates and security vulnerabilities:
pip list --outdated
– To update packages to their latest versions:
pip install --upgrade openpyxl pandas

Basic Commands

1. Combines multiple RVTools exports into a single file:
python rvtools_processor.py consolidate input1.csv input2.csv -o consolidated.csv
2. Hides sensitive information in your RVTools export and creates a mapping file for later de-anonymization:
python rvtools_processor.py anonymize input.csv -o anonymized.csv
3. Restores anonymized sensitive information back to their original values using the mapping file:
python rvtools_processor.py deanonymize anonymized.csv -m mapping.json -o original.csv
4. Combines multiple files and anonymizes them in a single operation:
python rvtools_processor.py both input1.csv input2.csv -o consolidated_anonymized.csv
5. Preview anonymization without creating files:
python rvtools_processor.py anonymize input.xlsx --dry-run
6. View all available options and help:
python rvtools_processor.py -h

Note:

  • The -i flag for input files is not necessary as the script uses positional arguments for input files.
  • The -o flag for output is optional. If not specified, the script will generate a default output filename RVTools_Anonymized_{timestamp}.xlsx.
  • The -m flag specifies the mapping file, which is required for de-anonymization. This file is created during the anonymization process and contains the link between original and anonymized values.
  • When using the both command, a temporary consolidated file is created and then anonymized.

Best Practices

Data Preparation

Before starting the anonymization process, generate new, up-to-date RVTools exports that reflect your current VMware environment. Ensure your export includes the following sheets, which contain identifiable information that the tool will process:

  • vInfo: Contains VM names, DNS names, IP addresses, and resource paths
  • vMemory: Contains VM memory configurations and identifiers
  • vCPU: Contains VM processor details and identifiers
  • vHost: Contains host names and cluster information
  • vCluster: Contains datacenter and cluster details
  • vNetwork: Contains network names, MAC addresses, and IP configurations
  • vDisk: Contains disk paths and storage identifiers

Validate your data by ensuring your RVTools export contains at least the vInfo sheet, which contains the core VM data. Additional sheets like vHost, vCPU, vMemory, and vNetwork will also be processed if present. Check that these sheets contain data and are not empty before proceeding with the anonymization.

Security Considerations

The tool processes all data locally, ensuring sensitive information never leaves your environment. It anonymizes IP addresses while preserving network relationships, and uses consistent dynamic naming for infrastructure components. For example, hosts become “HOST-XXXX”, clusters become “CLUSTER-XXXX”, maintaining relationships while protecting sensitive information.

The tool creates mapping files that link anonymous identifiers to original values. These mapping files include separate sections for different types of entities (VMs, hosts, networks, etc.). Store these mapping files securely and separately from anonymized data, as they contain the link to your original system information. You maintain full control over these mapping files and are responsible for their secure storage.

Always verify your anonymized output before sharing. As RVTools evolves, there could be new fields added, you should ensure all sensitive information is properly anonymized in the output file. You are responsible for reviewing the data before sharing.

Due to a previous hack earlier this year where the RVTools official site was compromised to deliver Bumblebee malware via a trojanized installer, it is critical to only download RVTools from the official Dell support site.

Network Preservation

  • The RVTools Processor maintains network relationships while anonymizing data:
  • Preserves subnet relationships between VMs
  • Maps IPv4 addresses while maintaining network topology
  • Supports IPv6 addresses using documentation ranges
  • Consistently anonymizes MAC addresses
  • Maintains VLAN and network segregation information

This functionality ensures that migration planning tools can understand your network architecture while keeping specific addresses private.

Clean-up

  • After completing your migration assessment and de-anonymizing your results:
  • Securely delete mapping files if they are no longer needed
  • Remove any temporary files created during the consolidation process
  • Clear any stored RVTools exports that are no longer required

Note: Follow your organization’s data retention and deletion policies when removing sensitive files.

Integration with AWS Migration Services

AWS Transform Workflow

1. Export RVTools data from your VMware environment
2. Anonymize sensitive data using the processing tool
3. Sign in to the AWS Management Console and navigate to AWS Transform
4. Upload your anonymized RVTools file through the AWS Transform console
5. Review AI-powered analysis and transformation recommendations
6. Download assessment results
7. De-anonymize results using your secure mapping file to reveal original system identifiers

Migration Evaluator Integration

1. Export RVTools data from your VMware environment
2. Process using rvtools_processor, consolidate multiple files or anonymize sensitive data
3. Upload anonymized RVTools data to the Migration Evaluator console under Self Reported Files

The screenshot shows the Migration Evaluator file upload interface where users can select RVTools export data and other supported file formats Figure 3 – Migration Evaluator Upload

4. If required de-anonymize results using the provided mapping file once deliverables are received from Migration Evaluator, this should work with both the Quick Insights export and Migration Evaluator Data Export file.

Conclusion

The RVTools Processor offers a practical solution for organizations planning AWS migrations. It allows teams to share their infrastructure data by anonymizing sensitive information while preserving critical network relationships and infrastructure hierarchies. Companies can use AWS services such as AWS Transform, Migration Evaluator and AWS Application Discovery Service (ADS) without exposing confidential details such as server names, IP addresses, and infrastructure identifiers.

The tool’s key strength is its ability to anonymize data for sharing and then restore original values when results are received, all while maintaining network topologies and infrastructure relationships. This process ensures teams can work with accurate, recognizable data throughout their migration planning. It provides both data protection and usability, addressing common challenges in cloud migrations.

The solution enables organizations to leverage AWS migration services while maintaining control over their system identifiers and infrastructure details, allowing for more accurate assessment and planning while keeping sensitive information secure.

If you would like to leverage a Migration Assessment to accelerate your migration journey to AWS, contact your AWS Account Team or the Migration Assessment team this link.