CreateBackupPolicy - Security Center - Alibaba Cloud Documentation Center

Creates an anti-ransomware policy for servers.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-sas:CreateBackupPolicy	create	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
Name	string	Yes	The name of the anti-ransomware policy.	ServerBackUpPolicy01
Policy	object	Yes	IsDefault: the type of the anti-ransomware policy. Valid values: 1: recommended policy 0: custom policy Include: the format of the files that you want to protect. If you want to protect the files in all formats, set this field to []. Source: the directory that you want to protect. If you want to protect all directories, set this field to []. ExcludeSystemPath: specifies whether to exclude a specific directory from the anti-ransomware policy. If you want to exclude a directory, set this field to true. If you do not want to exclude a directory, leave this field empty. Exclude: the directory that you want to exclude from the anti-ransomware policy. If you do not want to exclude a directory, set this field to []. Schedule: the start time and interval of a data backup task. We recommend that you specify a start time that begins during off-peak hours but does not start on the hour. Examples: If you set this field to I\|1583216092\|P21D, the data backup task starts from 2020-03-03 14:14:52, and the task is run at an interval of three weeks. If you set this field to I\|1583216092\|PT24H, the data backup task starts from 2020-03-03 14:14:52, and the task is run at an interval of 24 hours. Retention: the period during which backup data is retained. Unit: days. If you set this field to 7, backup data is retained for a week. If you set this field to 365, backup data is retained for a year. If you set this field to -1, backup data is permanently retained. SpeedLimiter: the limit on the network bandwidth for data backup tasks. If you set this field to 0:24:30720, the maximum bandwidth for a data backup task is 30 MB/s from 00:00 to 24:00. UseVss: specifies whether to enable the VSS feature. The feature is available only for Windows servers. Valid values: true: yes false: no Note The VSS feature is available only if you create the anti-ransomware policy for Windows servers. After you enable the feature, the number of backup failures due to running processes is significantly reduced. We recommend that you enable the VSS feature. After you enable the feature, the data of disks that are in the exFAT and FAT32 formats cannot be backed up.	"{"IsDefault":1,"Include":[],"Source":[],"Schedule":"I\|1648061040\|PT24H","Retention":7,"SpeedLimiter":"","ExcludeSystemPath":true,"Exclude":["/bin/","/usr/bin/","/sbin/","/boot/","/proc/","/sys/","/srv/","/lib/","/selinux/","/usr/sbin/","/run/","/lib32/","/lib64/","/lost+found/","/var/lib/kubelet/","/var/lib/ntp/proc","/var/lib/container","Windows","Python27","Program Files (x86)","Program Files","Boot","$RECYCLE.BIN","System Volume Information","Users\Administrator\NTUSER.DAT","ProgramData","pagefile.sys","Users\Default\NTUSER.DAT","Users\Administrator\ntuser.*"],"UseVss":true}"
PolicyVersion	string	Yes	The version of the anti-ransomware policy. Set the value to 2.0.0.	2.0.0
PolicyRegionId	string	No	The region ID of the server that is not deployed on Alibaba Cloud. Note We recommend that you specify the ID of the supported region that is the nearest to the location of the server. You can call the DescribeSupportRegion operation to query the supported regions of the anti-ransomware feature.	ch-hangzhou
UuidList	array	Yes	The UUIDs of the servers that you want to protect.
	string	Yes	The UUIDs of the servers that you want to protect. Separate multiple UUIDs with commas (,). Note You can call the DescribeCloudCenterInstances operation to query the UUIDs of servers.	3bb30859-b3b5-4f28-868f-b0892c98****

Response parameters

Parameter	Type	Description	Example
	object	The data returned.
RequestId	string	The ID of the request, which is used to locate and troubleshoot issues.	24A20733-10A0-4AF6-BE6B-E3322413BB68
BackupPolicy	object	The information about the anti-ransomware policy.
Id	string	The ID of the anti-ransomware policy.	1301575
Status	string	The status of the anti-ransomware policy. Valid values: enabled disabled Note After you create an anti-ransomware policy, the policy is enabled by default.	enabled

Examples

Sample success responses

JSONformat

{
  "RequestId": "24A20733-10A0-4AF6-BE6B-E3322413BB68",
  "BackupPolicy": {
    "Id": "1301575",
    "Status": "enabled"
  }
}

Error codes

HTTP status code	Error code	Error message	Description
400	AgentNotOnline	The agent not online.	The error message returned because the Security Center agent is offline. Make sure that the Security Center agent is online and try again.
400	AntiRansomwareCapacityUseUp	anti ransomware capacity use up	-
403	NoPermission	caller has no permission	You are not authorized to do this operation.
500	ServerError	ServerError	-

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2024-09-25	The Error code has changed	View Change Details
2023-03-23	The Error code has changed	View Change Details
2022-08-01	The internal configuration of the API is changed, but the call is not affected	View Change Details
2022-08-01	The internal configuration of the API is changed, but the call is not affected	View Change Details