All Products
Search

This Product

    Cloud Backup:Manage backup policies

    Document Center

    Cloud Backup:Manage backup policies

    Last Updated:May 14, 2024

    You can configure independent backup policies for different data sources in different scenarios for enterprises. You can manage backup policies in a unified manner and flexibly back up data. This topic describes how to create, modify, and delete a backup policy.

    Policy for backing up recent data densely and earlier data sparsely

    In enterprise-level backup scenarios, the capacity to back up recent data densely and earlier data sparsely is common and important for data protection. Cloud Backup provides such backup capability.

    The policy for backing up recent data densely and earlier data sparsely optimizes the efficiency in using storage resources while ensuring data security.

    • Dense backups of recent data: Cloud Backup frequently backs up the recent data that has changes. The backup may be performed on an hourly, daily, or weekly basis. This ensures that data can be restored to the most recent state if data is lost or corrupted. Recent backups are generally stored in more accessible storage systems, such as the Standard tier.

    • Sparse backups of earlier data: Some backups may not need to be accessed frequently over time. In this case, the backup frequency is reduced. For example, the backup may be performed on a weekly, quarterly, or yearly basis. These backups are generally migrated to more cost-efficient storage solutions, such as the Archive tier.

    This policy has the following advantages:

    1. Cost-effectiveness: Storage costs decrease over time because high-cost fast-access storage resources do not need to be retained for all historical data.

    2. Restoration efficiency: Recent backups can be quickly restored to ensure business continuity and data timeliness.

    3. Data retention: Historical data that meets regulatory requirements and business requirements can be retained for a long time.

    4. Resource optimization: You can migrate infrequently accessed data to cheaper storage systems, optimizing the use of storage resources.

    Cloud Backup automatically backs up data sources based on the backup policy that you configure. Backup policies help you flexibly manage data sources. A backup policy includes the following settings: the backup cycle, retention period, cross-region replication policy, and automatic archiving of backup data.

    Limits

    Important

    Before you create backup policies, take note of the following limits:

    • You can create backup policies only in some regions. To view the regions that support backup policies, click Policy Center in the left-side navigation pane of the Cloud Backup console.

    • Only Elastic Compute Service (ECS) instance backup, Object Storage Service (OSS) backup, Apsara File Storage NAS (NAS) backup, on-premises file backup, ECS file backup, and on-premises NAS backup support backup policies.

    • Only OSS backup, NAS backup, on-premises file backup, ECS file backup, and on-premises NAS backup support backup vault configurations and the automatic archiving feature.

    • The cross-region replication feature is available only for ECS instance backup.

    Create a backup policy

    Before you back up a data source, you must create a backup policy.

    1. Log on to the Cloud Backup console.

    2. In the left-side navigation pane, click Policy Center.

    3. In the top navigation bar, select a region.

    4. On the Policy Center page, click Create Backup Policy.

    5. In the Create Policy panel, configure parameters such as Policy Name, Schedule, Lifecycle, and Replication Policy, and then click OK.

      Parameter

      Description

      Policy Name

      The name of the custom backup policy.

      The name must be 2 to 128 characters in length and cannot start with auto, a special character, or a digit. The name can contain only the following special characters: periods (.), underscores (_), hyphens (-), and colons (:).

      Backup Vault

      The backup vault to which you want to store the backup data. If you do not need to configure a backup vault, select No.

      • No: No backup vault is created.

      • Create Vault: If you select this option, specify a name for the backup vault in the Vault Name field. By default, the vault name is assigned based on the date and time.

      • Select Vault: If you select this option, select a backup vault from the Vault Name drop-down list.

      Important

      For ECS instance backup, the snapshot capacity is used. You do not need to configure a backup vault.

      To maximize the redundancy of your backup data, Cloud Backup uses zone-redundant storage (ZRS)-enabled backup vaults by default in regions that support ZRS-enabled backup vaults. For regions that support only locally redundant storage (LRS)-enabled backup vaults, Cloud Backup uses LRS-enabled backup vaults. You do not need to manually select a backup vault type.

      Vault Name

      This parameter is required only if the Backup Vault parameter is set to Create Vault or Select Vault. Enter or select the name of a backup vault.

      Vault Resource Group

      This parameter is required only if the Backup Vault parameter is set to Create Vault. This parameter specifies the resource group to which the backup vault belongs.

      You can use resource groups to manage resources owned by your Alibaba Cloud account. Resource groups help you simplify the resource and permission management of your Alibaba Cloud account. For more information, see Create a resource group.

      Backup Vault Encryption Method

      This parameter is required only if the Backup Vault parameter is set to Create Vault. This parameter specifies the method that is used to encrypt the data in the backup vault.

      • Cloud Backup-managed (default): You can use the default encryption method of Cloud Backup.

      • KMS: You can use Key Management Service (KMS) to encrypt the data that is stored in the backup vault. If you select this option, configure the KMS KeyId parameter.

        Important

        • If you enable KMS-based encryption, you cannot modify a KMS key.

        • Before you can use the KMS key to encrypt the data in the backup vault, you must create a key ID in the KMS console. For more information, see Create a CMK.

      Schedule

      Backup Frequency

      The data backup cycle. You must specify parameters such as First Execution Time and Time Interval.

      • Hourly: Data is backed up at an interval of the specified hours.

      • Daily: Data is backed up at an interval of the specified days.

      • Weekly: Data is backed up on the specified days of the week.

      • Monthly: Data is backed up on the specified days of the specified months.

      Lifecycle

      Retention and deletion of backup data:

      • For example, the Retention Period at Standard Tier parameter is set to seven days and the Retention Period at Archive Tier parameter is set to No. After seven days, the data in the backup vault is deleted.

      • For example, the Retention Period at Standard Tier parameter is set to Specify Time and the Retention Period at Archive Tier parameter is set to 30 days. Data is stored at the Standard tier for the specified period of time and then transferred to the Archive tier. After the data is stored at the Archive tier for 30 days, the data is deleted.

      Important

      • When you use a backup vault to create a mirror vault for cross-region backup, the data at the Archive tier of the backup vault is not replicated to a remote location. After the data at the Standard tier in the backup vault is transferred to the Archive tier, the corresponding data in the remote mirror vault is deleted.

      • Data at the Archive tier is calculated based on the size of the raw data that is transferred from the Standard tier to the Archive tier. An object or file whose size is less than 1 MB is calculated as 1 MB. If a large number of small files exist, we recommend that you carefully evaluate whether to transfer data to the Archive tier. For more information, see Automatic archiving.

      Retention Period at Standard Tier

      The retention period of backup data at the Standard tier.

      By default, backup data is retained at the Standard tier of the backup vault.

      Important

      You cannot permanently retain the backup data of ECS instances.

      • Permanent: The backup data is permanently retained at the Standard tier.

      • Schedule Time: You can specify a retention period. Valid values: 1 to 999999. Unit: days. By default, backup data of ECS instances is retained for seven days and other backup data is retained for two years. Data is deleted when the retention period expires.

      Retention Period at Archive Tier

      This parameter is required only if you set Retention Period at Standard Tier to Schedule Time.

      For backup data that needs to be retained for a long time, you can use this parameter to automatically transfer recovery points from the Standard tier to the Archive tier to reduce data protection costs.

      • No: Data is not retained at the Archive tier. Data is retained at the Standard tier and then is deleted when the retention period expires.

      • Permanent: Data at the Standard tier is automatically deleted when the retention period expires. Data is retained permanently at the Archive tier.

      • Schedule Time: You can specify a retention period. Valid values: 1 to 999999. Unit: days. Data is deleted when the retention period expires.

      Special Retention Period

      To meet data security requirements, Cloud Backup allows you to specify a retention period for general backups and specify longer retention periods for the first backups that are generated every week, every month, and every year. A special retention policy includes the settings of retention periods for the first backups that are generated every week, every month, and every year. For more information, see Special retention periods.

      Important

      Limits are imposed on the special retention period, the retention period at the Standard tier, and the retention period at the Archive tier. When you configure the special retention period, take note of the following items:

      • The special retention period must be greater than the sum of the retention period at the Standard tier and the Archive tier.

      • If you do not specify the retention period at the Archive tier, the special retention period extends the retention period at the Standard tier.

      • If you specify the retention period at the Archive tier, the special retention period extends the retention period at the Archive tier.

      Keep At Least One Backup Version

      We recommend that you turn on the switch. If you turn on the switch, the latest backup version generated by the backup plan is not deleted due to the expiration of the retention period or accidental operations. This prevents the risk that no backup version is available for restoration due to reasons such as improper backup plan settings. For more information, see Keep at least one backup version.

      Replication Policy

      Replication to Other Region

      This parameter is required only if the Backup Vault parameter is set to No. If you turn on Replication to Other Region, the backups that are created by using the backup policy are automatically replicated to the specified destination region, implementing cross-region data protection.

      The replication policy is not supported when you use a backup vault. In this case, you can use the cross-region backup feature to implement cross-region replication. For more information, see Back up data across regions.

      Destination Region

      This parameter is required only if you turn on Replication to Other Region. This parameter specifies the destination region to which you want to replicate the backup data.

      Retention Period

      This parameter is required only if you turn on Replication to Other Region. This parameter specifies the period of time for which you want to retain the backup data that is replicated to the destination region.

      • Permanent: The backup data is permanently retained.

      • Schedule Time: You can specify a retention period. Valid values: 1 to 999. Unit: days. The default retention period is 7 days. Data is deleted when the retention period expires.

      After the backup policy is created, you can view the backup policy on the Policy Center page.

      Note

      When you create a backup plan for a specific data source, you can associate the backup plan with a backup policy.

      备份策略

    Modify the backup policy

    You can click Edit in the Actions column to modify the backup policy. You can modify the settings of the backup policy. After the backup policy is modified, the modification takes effect in the next backup job.

    For example, if the backup policy that you created does not meet your business requirements, you can perform this operation to modify the backup policy.

    Disassociate the backup policy from the data sources

    You can choose More > Disassociate in the Actions column to disassociate the backup policy from the data sources. After the backup policy is disassociated from the data sources, Cloud Backup no longer performs the backup plan for the data sources.

    Warning

    After a backup policy is disassociated from a data source, Cloud Backup no longer runs the backup policy for the data source. The data source is no longer protected, and the backups that have been generated are not affected. Proceed with caution.

    Delete the policy backup

    You can choose More > Delete in the Actions column to delete the backup policy. After you delete the backup policy, Cloud Backup no longer runs backup jobs for the associated data sources but retains the backup data.

    Warning

    After a backup policy is deleted, Cloud Backup no longer runs backup jobs for the associated data sources. The data sources are no longer protected. Proceed with caution.