pingcli platform export

Synopsis

Export configuration-as-code packages for the Ping Platform.

The CLI can export Terraform HCL to use with released Terraform providers. The Terraform HCL option generates import {} block statements for resources in the target environment. Using Terraform import {} blocks, the platform’s configuration can be generated and imported into state management. More information can be found at https://developer.hashicorp.com/terraform/language/import

pingcli platform export [flags]

Examples

  Export configuration-as-code for all products configured in the configuration file, applying default options.
    pingcli platform export

  Export configuration-as-code packages for all configured products to a specific directory, overwriting any previous export.
    pingcli platform export --output-directory /path/to/my/directory --overwrite

  Export configuration-as-code packages for all configured products, specifying the export format as Terraform HCL.
    pingcli platform export --format HCL

  Export configuration-as-code packages for PingOne (core platform and SSO services).
    pingcli platform export --services pingone-platform,pingone-sso

  Export configuration-as-code packages for PingOne (core platform), specifying the PingOne environment connection details.
    pingcli platform export --services pingone-platform --pingone-client-environment-id 3cf2... --pingone-worker-client-id a719... --pingone-worker-client-secret ey..... --pingone-region-code EU

  Export configuration-as-code packages for {pingfed}, specifying the {pingfed} connection details using basic authentication.
    pingcli platform export --services pingfederate --pingfederate-authentication-type basicAuth --pingfederate-username administrator --pingfederate-password 2FederateM0re --pingfederate-https-host https://pingfederate-admin.bxretail.org

  Export configuration-as-code packages for PingFederate, specifying the PingFederate connection details using OAuth 2.0 client credentials.
    pingcli platform export --services pingfederate --pingfederate-authentication-type clientCredentialsAuth --pingfederate-client-id clientID --pingfederate-client-secret clientSecret --pingfederate-token-url https://pingfederate-admin.bxretail.org/as/token.oauth2

  Export configuration-as-code packages for PingFederate, specifying optional connection properties
    pingcli platform export --services pingfederate --x-bypass-external-validation=false --ca-certificate-pem-files "/path/to/cert.pem,/path/to/cert2.pem" --insecure-trust-all-tls=false

Options

-f, --format string Specifies the export format. (default HCL)
Options are: HCL.
-h, --help help for export
-d, --output-directory string Specifies the output directory for export. Can be an absolute filepath or a relative filepath of the present working directory.
Example: '/Users/example/pingcli-export'
Example: 'pingcli-export'
-o, --overwrite Overwrite the existing generated exports in output directory. (default false)
--pingfederate-access-token string The PingFederate access token used to authenticate to the PingFederate admin API when using a custom OAuth 2.0 token method.
--pingfederate-admin-api-path string The PingFederate API URL path used to communicate with PingFederate's admin API. (default /pf-admin-api/v1)
--pingfederate-authentication-type string The authentication type to use when connecting to the PingFederate admin API.
Options are: accessTokenAuth, basicAuth, clientCredentialsAuth.
Example: 'basicAuth'
--pingfederate-ca-certificate-pem-files []string Relative or full paths to PEM-encoded certificate files to be trusted as root CAs when connecting to the PingFederate server over HTTPS. (default [])
Accepts a comma-separated string to delimit multiple PEM files.
--pingfederate-client-id string The PingFederate OAuth client ID used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type.
--pingfederate-client-secret string The PingFederate OAuth client secret used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type.
--pingfederate-https-host string The PingFederate HTTPS host used to communicate with PingFederate's admin API.
Example: 'https://pingfederate-admin.bxretail.org'
--pingfederate-insecure-trust-all-tls Trust any certificate when connecting to the PingFederate server admin API. (default false)
This is insecure and should not be enabled outside of testing.
--pingfederate-password string The PingFederate password used to authenticate to the PingFederate admin API when using basic authentication.
--pingfederate-scopes []string The PingFederate OAuth scopes used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type. (default [])
Accepts a comma-separated string to delimit multiple scopes.
Example: 'openid,profile'
--pingfederate-token-url string The PingFederate OAuth token URL used to authenticate to the PingFederate admin API when using the OAuth 2.0 client credentials grant type.
--pingfederate-username string The PingFederate username used to authenticate to the PingFederate admin API when using basic authentication.
Example: 'administrator'
--pingfederate-x-bypass-external-validation-header Bypass connection tests when configuring PingFederate (the X-BypassExternalValidation header when using PingFederate's admin API). (default false)
--pingone-authentication-type string The authentication type to use to authenticate to the PingOne management API. (default worker)
Options are: worker.
--pingone-export-environment-id string The ID of the PingOne environment to export. Must be a valid PingOne UUID.
--pingone-region-code string The region code of the PingOne tenant.
Options are: AP, AU, CA, EU, NA.
Example: 'NA'
--pingone-worker-client-id string The worker client ID used to authenticate to the PingOne management API.
--pingone-worker-client-secret string The worker client secret used to authenticate to the PingOne management API.
--pingone-worker-environment-id string The ID of the PingOne environment that contains the worker client used to authenticate to the PingOne management API.
-s, --services []string Specifies the service(s) to export. Accepts a comma-separated string to delimit multiple services. (default pingfederate, pingone-mfa, pingone-platform, pingone-protect, pingone-sso)
Options are: pingfederate, pingone-mfa, pingone-platform, pingone-protect, pingone-sso.
Example: 'pingone-sso,pingone-mfa,pingfederate'

Options inherited from parent commands

  -C, --config string          The relative or full path to a custom Ping CLI configuration file. (default $HOME/.pingcli/config.yaml)
      --no-color               Disable text output in color. (default false)
  -O, --output-format string   Specify the console output format. (default text)
                               Options are: json, text.
  -P, --profile string         The name of a configuration profile to use.

More information

pingcli platform - Administer and manage the Ping integrated platform.

Configuration Automation - Ping CLI