How do I export all of my policy objects from one Org so I can import to the other?

CarlT
Here to help

How do I export all of my policy objects from one Org so I can import to the other?

Hi All

We need to configure some firewall rules on some MX appliances, we have lots of objects on one of them.

I would like to export all the objects from this org and import them into another.

What is the easiest way of doing this?

I am not an API person so if it does involve things like Python etc, please explain the steps in detail 🙂

Many thanks

7 Replies 7
alemabrahao
Kind of a big deal
Kind of a big deal

Hi,

 

You can use this one.

 

mx_firewall_control/mxfirewallcontrol.py: Script to display, modify and create backups of MX Layer 3 firewall rulesets. Can be used as a command line utility or a backend process for a custom management portal. See also mxfirewallcontrol_manual.pdf and mxfirewallcontrol_example_input_file.txt in this directory.

 

https://developer.cisco.com/codeexchange/github/repo/meraki/automation-scripts/

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
ww
Kind of a big deal
Kind of a big deal

You could get them using this page and then send(post) them to the other org.

Or try starting with postman/tutorial that should be doable when starting with api's

 

https://developer.cisco.com/meraki/api-v1/get-organization-policy-objects/

 

https://developer.cisco.com/meraki/build/meraki-postman-collection-getting-started/

rhbirkelund
Kind of a big deal
Kind of a big deal

Do you also use Object Groups?

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
CarlT
Here to help

Hi, yes we do

alemabrahao
Kind of a big deal
Kind of a big deal

It is not possible to export from one organization to another except via API.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
rhbirkelund
Kind of a big deal
Kind of a big deal

I couldn't really wrap my head around mapping New Objects to the New Groups, but here's the gist of it.

Unless you modify it yourself to map them, you'll have to do so manually in the dashboard.

I have only just written this. I have not tested it.

 

 

 

#! /usr/bin/env python3

import meraki

SRC_ORG_ID = ""
DEST_ORG_ID = ""

def GetObjectsAndGroups(p_dashboard,p_OrgId):
    print(f"Retrieving Policy Objects for {p_OrgId}..")
    PolicyObjects = p_dashboard.organizations.getOrganizationPolicyObjects(
        p_OrgId, total_pages='all'
    )
    print("Done!")
    print(f"Retrieving Policy Objects Groups for {p_OrgId}..")
    PolicyObjectGroups = p_dashboard.organizations.getOrganizationPolicyObjectsGroups(
        p_OrgId, total_pages='all'
    )
    print("Done!")

    result = {
        "objects": PolicyObjects,
        "groups": PolicyObjectGroups
    }
    return result

def PostObject(p_dashboard,p_OrgId,p_Objects):
    NewPolicyObjects = []
    print("Creating new object, one-by-one..")
    for item in p_Objects:
        print(f"Pushing  Obj: {item['name']}...")
        response = p_dashboard.organizations.createOrganizationPolicyObject(
            p_OrgId, item['name'], item['category'], item['type'], 
            groupIds=[]
        )
        print(f"Done! New object id is {response['id']}")
        NewPolicyObjects.append(response)
    return NewPolicyObjects

def PostObjGroup(p_dashboard,p_OrgId,p_Groups):
    NewPolicyObjGroups = []
    print("Creating new group, one-by-one..")
    for item in p_Groups:
        print(f"Pushing  Group: {item['name']}...")
        response = p_dashboard.organizations.createOrganizationPolicyObjectsGroup(
            p_OrgId, item['name'],
            objectIds=[]
        )
        print(f"Done! New group id is {response['id']}")
        NewPolicyObjGroups.append(response)
    return NewPolicyObjGroups


def main():
    dashboard = meraki.DashboardAPI(
        suppress_logging=True,
        simulate=False
    )

    # Pull objects from source Organisatiion
    Src_PolicyObjects = GetObjectsAndGroups(dashboard,SRC_ORG_ID)

    # Push object to destination Organization
    NewPolicyObjects = PostObject(dashboard,DEST_ORG_ID,Src_PolicyObjects['objects'])

    #Push object groups
    NewPolicyObjectGroups = PostObjGroup(dashboard,DEST_ORG_ID,Src_PolicyObjects['groups'])

    ### TODO: Map Objects to Groups


if __name__ == "__main__":
    main()

 

 

Edit: Remove simulate param, and added missing colon to method definition.

 

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
PhilipDAth
Kind of a big deal
Kind of a big deal

I haven't used it, but I believe Boundless Digital might offer a tool to do this.

https://www.boundlessdigital.com/network-management/meraki-automation/move-devices-and-networks/ 

Get notified when there are additional replies to this discussion.