The below document outlines the workflow and requirements for migrating your IriusRisk instance from On-premise to SaaS, in this guide you will find all relevant information regarding your migration and the different steps required to achieve this.
Please review the below workflow that illustrates which steps are relevant to your migration, if SSO and customization are not applicable to your instance please disregard step’s 4 & 5.
Once you are ready to proceed with the migration you will need to ensure you are running the latest version of IriusRisk available, to see what version that is please refer to our release notes here on our support site or check with your nominated CSM, for guidance on upgrading please see our upgrade guide here. Write down your current IriusRisk version, you’ll need it later to provide it to the support team.
After upgrading the next requirement will be for you to take a snapshot of your database, if you have followed our installation guide when setting up your on-premise deployment the name for your database should be iriusprod, more information on the backup process can be found here on our support site or also here on the PostgreSQL website. Please note that this backup will be the version of your system that is uploaded to your new SaaS deployment, any changes made after this backup will not be migrated.
After updating and backing up your database the next step will be to export the database backup onto a file sharing site of your choice from which you will grant a member of the IriusRisk Product Support team access to extract the data, please note that IriusRisk does not facilitate any FTP services and these must be provided by the customer.
Files to be include in this FTP repository are:
- The .sql or .dump file of the database backup.
- A copy of your docker-compose.yml definition file.
- A copy of your SSO metadata file ‘idp.xml’ if using SSO. (see step 4)
- A copy of your groovy definition file ‘SAMLv2-config.groovy’ if using SSO. (see step 4)
- Any custom logos or images if you are using further customisation. (see step 5)
- A text file with your current IriusRisk version
Once you have completed the above steps, please raise a support case with the IriusRisk Product Support team here and specify the below details, once this is received we will take care with finalizing the migration.
- Instructions to the support team to download your files.
- What region will the majority of your user base be accessing the deployment from? (i.e. US east/west or European east/west)
- What type of deployment will work best for your IriusRisk instance? (i.e. HA/Single instance) for more information on this please speak with your nominated CSM.
- What is your preferred domain name? (i.e. Customer.iriusrisk.com)
If you do currently have a SAML integration in place for your On-Premise deployment and wish to move this configuration to your new SaaS deployment then please read through the following steps.
As part of the migration to your new SaaS deployment, changes will need to be made within your SAML server to reflect the new assertion URL, this responsibility lies with the customer and must be updated before proceeding within implementation on the new instance. The URL for the instance will need to be defined and live before making the changes within your IDP so please liaise with your Product Support Contact to finalize this, for more information on a standard SAML configuration please refer to one of our support articles for further information.
We will also require a copy of your federation metadata file (idp.xml) and a copy of your groovy definition file (SAMLv2-config.groovy) which can be transferred via the FTP step, as noted in step 3 above.
Please note that since your URL endpoint will change, the idp.xml will also need to be re-generated.
If you have any further customizations such as custom logos or anything else that you believe IriusRisk should be aware of please let us know in the support case, for custom logos and branding please ensure that the logo images are uploaded as part of the FTP step as noted in step 3 above and we will ensure that these are part of your new SaaS deployment.