Sorry to ask this again, I recall there being a wa...
# fleett
Tilman Bender
03/01/2022, 9:49 AMSorry to ask this again, I recall there being a way to export policies using the API and then importing them using fleetctl apply. However when I try to do that I get
no spec field on "" documentk
koo
03/01/2022, 1:32 PM@Tilman Bender is this resolved yet?
t
Tilman Bender
03/01/2022, 2:07 PM@koo hey unfortunately it is not. I just got sidetracked
k
koo
03/01/2022, 3:39 PMOkay I'll see if I can get some answers for you
t
Tomas Touceda
03/01/2022, 3:43 PMhi there, could you provide a bit more details: what fleet version are you using, what command and parameters/files are you trying that are giving you that error?
t
Tilman Bender
03/01/2022, 5:36 PMSure:
sudo fleetctl --versionfleetctl - version 4.10.0branch: HEADrevision: 67827474c22b61a08f112e682b994aa3e9356133build date: 2022-02-14build user: runnergo version: go1.17.7Tilman Bender
03/01/2022, 5:38 PMFleet is also 4.10
Tilman Bender
03/01/2022, 5:39 PMthe file I am trying to apply looks like this:
{"policies": [{"id": 1,"name": "Windows: Remote Assistance disabled","query": "SELECT 1 FROM registry WHERE path = 'HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Remote Assistance\\fAllowFullControl' AND data=0;","description": "Check the Windows regsitry to see if Windows Remote Assistance is disabled","author_id": 1,"author_name": "Tilman Bender","author_email": "<mailto:tilman@XXXXX.de|tilman@XXXXX.de>","team_id": null,"resolution": "PS: \nSet-ItemProperty -Path 'HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Remote Assistance\\' -Name fAllowFullControl –Value 0","platform": "","created_at": "2022-02-22T17:20:40Z","updated_at": "2022-02-23T16:16:57Z","passing_host_count": 1,"failing_host_count": 2},...Tilman Bender
03/01/2022, 5:42 PMI obtained it using :
curl -H "Authorization: Bearer ${FLEET_TOKEN}" "https://${FLEET_SERVER}/api/v1/fleet/global/policies" -o policies.jsonTilman Bender
03/01/2022, 5:43 PMI had read someplace that you can re-import policies using fleetctl (event though you cannot export them yet using fleetctl)
Tilman Bender
03/01/2022, 5:53 PMAh found it again: Issue #4046
Tilman Bender
03/01/2022, 5:54 PMAaand I see my problem. I'd probably have to convert my exported policies to the correct yaml
t
Tomas Touceda
03/01/2022, 8:00 PMthat is correct, the apply command accepts yaml
t
Tilman Bender
03/02/2022, 9:40 AMOkay, managed to get it working
👍 1
Tilman Bender
03/06/2022, 6:17 PMThis one is solved. Use API to export, then transform the resulting JSON into a YAML that
fleetctl apply2 Views