Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
t
Tilman Bender
03/02/2022, 3:17 PMI have just purchesd Fleet Premium and created groups for my windows-clients and my servers. I already configured some policies (back when I did not have the Teams feature). How can I move those policies to a specific team?
l
Lucas Rodriguez
03/02/2022, 4:39 PMHi Tilman! Fleet currently doesn't support changing a policy's team.
An option I can think of in case we are talking about too many policies to move manually (*):
You could use
fleetctlteam_idfleetctl applyt
Tilman Bender
03/03/2022, 8:26 AMThank you Lucas, that sounds like the right path to go 🙂
btw. is there a way to tell the API to return YAML?
otherwise I would have to first retrieve the policies as JSON and then transform them into an importable YAML
You mean "use fleet API" to fetch the global policies, right? From what I know fleetctl does not support getting the policies yet. Anyway I tried suggestion, but unfortunatley the team_id seems to be ignored. My policies always end up as global
l
Lucas Rodriguez
03/03/2022, 3:02 PMAh yes, this would require you also edit their name, e.g. add a suffix or something.
Once that's done and it's all good, you would remove the global ones.
(This is sort of a "first copy then remove original" approach.)
t
Tilman Bender
03/06/2022, 6:11 PMI basically settled on an "import,move,rename" approach:
• import using fleetctl -> policies end up as global (i.e. team_id is NULL)
• move the policies by updating team_id directly in the DB
• update the names directly in the DB prefixing them (e.g. "Windows: Run LSA as PPL" becomes "Virtual Windows: ..." )
Sitll a bit thedious bit it will work until the import starts repsecting the team_id or until you can bulk move them via the UI.
l
Lucas Rodriguez
03/17/2022, 1:45 PMOK, sorry for all the trouble this has caused you. Hopefully we'll implement this soon in #4426