As you noted if already configured there is no import option. When configuring fresh there are now three options:
Original Message:
Sent: Wed April 24, 2024 10:35 AM
From: Matt Jenkins
Subject: ISAM Ansible Migration Automation
Nick, I didn't realize this exported the policy database, as I had assumed it just exported the config files. I just tried it on my lab and in fact it does zip up everything. I also found the REST API documentation for /isam/runtime_components?action=export which is great.
One question, I don't see an import option, nor do I see it listed in the REST API documentation. How does the import work? Perhaps I don't see it as my lab's runtime is currently configured.
Thanks for pointing this out!
Edit: PS: For others, the ibmsecurity Python library has a function to do this. I don't see any Ansible roles built around it, but it would be simple to create one since the Python library function is there.
https://github.com/IBM-Security/ibmsecurity/blob/5f0eb04fff1b075eee749e7d6b63726de08890f5/ibmsecurity/isam/web/runtime/process.py#L108C5-L108C25
It also looks like there is an import function, which I assume I don't see because as I referenced above my lab is already configured. I don't see it mentioned in the REST API documentation, but the Python library also has it coded up:
https://github.com/IBM-Security/ibmsecurity/blob/5f0eb04fff1b075eee749e7d6b63726de08890f5/ibmsecurity/isam/web/runtime/process.py#L127
------------------------------
Matt Jenkins
Original Message:
Sent: Wed April 24, 2024 09:59 AM
From: Nick Lloyd
Subject: ISAM Ansible Migration Automation
Hi Sampada,
Starting in 10.0.4.0 there is a Policy Server export/import feature. This does not include the data from either the the embedded CONFIGDB or HVDB. See https://www.ibm.com/docs/en/sva/10.0.7?topic=environment-exporting-runtime-configuration for details.
------------------------------
Nick
IBM Security Verify Customer Support
Original Message:
Sent: Mon April 22, 2024 04:51 AM
From: Sampada Bhelsewale
Subject: ISAM Ansible Migration Automation
I am migrating the reverseproxies and junctions of one ISAM to another with Ansible.
How to migrate the policy server ?
------------------------------
Sampada Bhelsewale
------------------------------