How We Worklet: Python Script to Migrate Policies from Org to Org in Automox

Welcome to the fifth installment of our blog series: How We Worklet.

Today, we have the great pleasure of talking shop with Automox IT Cloud Engineer, Ryan Braunstein.

But before we dive in and discover what Ryan’s Worklet is all about, let’s briefly revisit just what Worklets are and how you can use them within Automox.

Recap: What’s a Worklet and how is it used?

Automox Worklets™️ are super helpful automation tools. Worklets hand over the reins so you can eliminate manual tasks across all your endpoints (regardless of OS or location) and improve your endpoint security posture and compliance. With Automox, there’s no need to spend hours combing through audit spreadsheets or applying fixes manually.

Automox Worklets are script-based units of work that consolidate your tooling and automate work – from configuration, vulnerability remediation, provisioning, and other routine and repetitive tasks across Windows, macOS, and Linux. Worklets save money, reduce cyber risk, and save your IT team members time (and their sanity).

Leverage our catalog of pre-built Worklets or customize them for your unique environment to strengthen endpoint security controls and meet compliance standards without breaking a sweat.

Today’s Winning Worklet: Python script to migrate policies from org to org

Today's Winning Worklet is brought to you by Ryan Braunstein.

Ryan is an IT Cloud Engineer. His background is in automating everything networking and security. He's worked in multiple roles, from boots on the ground positions at MSPs to IT leadership roles.

Ryan graduated from the University of Maryland with a degree in Computer Networks and Security. Outside of Automox, he keeps up with security current events, plays video games, and makes awesome music with his band, The Love Atomic. Check out some of their awesome tunes on Spotify.

We were lucky enough to sit down with Ryan to learn more about his Worklet and the different use cases to which it can be applied. Here’s what he said:

Why did you build the 'Python Script to Migrate Policies from Org to Org' Worklet? What problem does it solve?

When we went to migrate our organization's internal Automox account to a separate account we ran into the issue of all our internal scripting being written in PowerShell.

For a Windows user, this is completely acceptable. But, I felt we should have a script that could be used universally – on any system or within customer environment. So, I chose Python to accomplish that task.

What task does this Worklet accomplish?

This script takes all policies within an org and moves them over to the recipient org. The only thing this script is incapable of moving are payload files, which I believe was also a limitation of the PowerShell script provided to us.

How long did it take to build?

The script itself took about 20 minutes to put together, if I’m overestimating.

How does it work?

Once configured to reflect your environment variables, the script reaches out via Automox’s /policy API endpoint and creates a list of all the policy IDs contained in the current org.

We've outlined the code below, but you can also take a closer look at it here.

Before you built this Worklet, how much time did it take to do the same task(s)?

To migrate all of our policies by hand would have taken at least a few hours in the day with how many we had. To manually migrate 75 policies, I'd say the project would take at least 6 hours.

Now that you have this Worklet, how much time does the same task take?

Well, now that we’ve got the Python Script to Migrate Policies from Org to Org Worklet, it’ll take around 5 minutes to migrate those 75 policies. And it might take another 15 to 20 minutes to re-upload their payloads.

Is the Python Script to Migrate Policies from Org to Org Worklet device-specific?

Nope. Any device that can run Python can use the Worklet.

Which type of IT or security role might especially benefit from using this Worklet?

I think this script would be most useful in the hands of an IT Manager or an MSP looking to migrate other orgs into Automox from their current Automox org. As far as Worklets or scripts go, this one is pretty niche.

Have you been able to measure any quantitative outcomes as a result of implementing this Worklet?

The Worklet reduced our policy migration time by several hours.

And finally… just for fun, if this Worklet were an animal, what would it be and why? What would its theme song be?

Honestly, as much as I’d like to call this policy a cheetah or something cool like a rhinoceros, it’s probably more like a workhorse capable of pulling a cart. It's completely utilitarian and used for getting from point A to B.