Amster usage examples
In this section, you can find examples of tasks you can do with Amster.
For Amster examples in Docker and Kubernetes deployments, see the ForgeRock DevOps guide. |
Clone an Access Management instance
This example shows the high-level steps required to clone an AM instance, from exporting the configuration of the original instance, to installing the new instance and importing the configuration into it.
Follow these steps to clone an AM instance using Amster:
-
Create a transport key in the original AM instance, if one does not exist already. For more information, refer to Create transport keys to export configuration data.
-
Keep the transport key safe by exporting it to another keystore. The key is required to import the configuration into the new AM instance. For more information, see Duplicate and install a transport key.
-
Connect to the original AM instance using the
amster
command. For more information, refer to Connect to AM. -
Export all the configuration of the original AM instance using the
export-config
command. For more information, refer to Export configuration data. -
Take note of the value of the Password Encryption Key field on the original AM, for example,
O6QWwHPO4os+zEz3Nqn/2daAYWyiFE32
.To locate it, log in to the original AM instance, and navigate to Deployment > Servers > Server Name > Security > Encryption.
-
In the new server, deploy the AM
.war
file in a web container, but do not configure it. -
Install the new AM instance using the
install-openam
command, specifying the original AM password encryption key with the--pwdEncKey
option. For example:am> install-openam \ --serverUrl https://openam.example.com:8443/openam \ --adminPwd forgerock \ --pwdEncKey O6QWwHPO4os+zEz3Nqn/2daAYWyiFE32 \ --acceptLicense
For more information, refer to Install AM with Amster.
-
Import the transport key of the original AM instance into the keystore of the new AM instance. For more information, see Duplicate and install a transport key.
-
Connect to the new AM instance using the
amster
command. For more information, refer to Connect to AM. -
Import the configuration of the original AM instance using the
import-config
command. For more information, refer to Import configuration data.
Amster sample scripts
This section covers sample scripts and files found in the /path/to/amster/samples
directory:
transport-key.sh
-
Shell script to manage transport keys. You can use it as a template for your own scripts to create, delete, and export the key to another keystore.
Invoke the script’s help for a list of possible actions:
$ ./transport-key.sh help
For more information about the transport key, refer to Create transport keys to export configuration data.
realm.amster
-
Amster script containing an example of different operations that can be done at realm level, such as creating a data store, displaying its configuration, modifying it, and deleting it.
For more information about writing scripts for Amster, see Scripts.
import-example.amster
-
Amster script containing an example of the
import-config
command.For more information about writing scripts for Amster, see Scripts.
export-example.amster
-
Amster script containing an example of the
export-config
command.