Create a backup policy

You can configure independent backup policies for different data sources in different scenarios for enterprises. You can manage backup policies in a unified manner and flexibly back up data. You can configure the same backup policy for data sources of the same type and then associate the data sources with the backup policy to quickly back up the data sources. This topic describes how to create, modify, and associate a backup policy.

Policy for backing up recent data densely and earlier data sparsely

In enterprise-level backup scenarios, the capacity to back up recent data densely and earlier data sparsely is common and important for data protection. Cloud Backup provides such backup capability.

The policy for backing up recent data densely and earlier data sparsely optimizes the efficiency in using storage resources while ensuring data security.

Dense backups of recent data: Cloud Backup frequently backs up the recent data that has changes. The backup may be performed on an hourly, daily, or weekly basis. This ensures that data can be restored to the most recent state if data is lost or corrupted. Recent backups are generally stored in more accessible storage systems, such as the Standard tier.
Sparse backups of earlier data: Some backups may not need to be accessed frequently over time. In this case, the backup frequency is reduced. For example, the backup may be performed on a weekly, quarterly, or yearly basis. These backups are generally migrated to more cost-efficient storage solutions, such as the Archive tier.

This policy has the following advantages:

Cost-effectiveness: Storage costs decrease over time because high-cost fast-access storage resources do not need to be retained for all historical data.
Restoration efficiency: Recent backups can be quickly restored to ensure business continuity and data timeliness.
Data retention: Historical data that meets regulatory requirements and business requirements can be retained for a long time.
Resource optimization: You can migrate infrequently accessed data to cheaper storage systems, optimizing the use of storage resources.

Cloud Backup automatically backs up data sources based on the backup policy that you configure. Backup policies help you flexibly manage data sources. A backup policy includes the following settings: the backup cycle, retention period, cross-region replication policy, and automatic archiving of backup data.

Limits

Important

Before you create backup policies, take note of the following limits:

You can create backup policies only in some regions. To view the regions that support backup policies, click Policy Center in the left-side navigation pane of the Cloud Backup console.
Only Elastic Compute Service (ECS) instance backup, Object Storage Service (OSS) backup, Apsara File Storage NAS (NAS) backup, on-premises file backup, ECS file backup, and on-premises NAS backup support backup policies.
Only OSS backup, NAS backup, on-premises file backup, ECS file backup, and on-premises NAS backup support backup vault configurations and the automatic archiving feature.
The cross-region replication feature is available only for ECS instance backup.
The Backup Point Virus Detection feature supports the following data sources: ECS file backup (new version), on-premises file backup (new version), OSS backup, NAS backup, and on-premises NAS backup.
For more information about the regions that support the feature, see Features available in each region.

Before you back up a data source, you must create a backup policy.

Log on to the Cloud Backup console.
In the left-side navigation pane, choose Backup > Policy Center.
In the top navigation bar, select a region.
On the Policy Center page, click Create Backup Policy.

In the Create Backup Policy dialog box, configure parameters such as Policy Type, Policy Name, Schedule, Lifecycle, Automatic Archiving, Backup Vault, and Replication Policy, and then click OK.

Parameter	Description
Policy Type	The policy type. General Backup Policy: This type of policy applies to backups other than ECS instance backup, such as NAS backup, on-premises file backup, ECS file backup, and on-premises NAS backup. Backup data is stored in a general-purpose backup vault. ECS Instance Backup Policy: This type of policy applies only to ECS instance backup. Backup data uses the snapshot capacity and is not stored in a backup vault. For more information, see Overview of ECS instance backup.
Policy Name	The name of the custom backup policy. The name must be 2 to 128 characters in length and cannot start with auto, a special character, or a digit. The name can contain only the following special characters: periods (.), underscores (_), hyphens (-), and colons (:).
Schedule
Backup Frequency	The data backup cycle. You must specify parameters such as First Execution Time and Time Interval. Hourly: Data is backed up at an interval of the specified hours. Daily: Data is backed up at an interval of the specified days. Weekly: Data is backed up at an interval of the specified weeks. Monthly: Data is backed up at an interval of the specified dates.
Lifecycle	The retention period of backup data. Permanent: Backup data is permanently retained and is not deleted. Specify Time: The total retention period of backup data. For example, if you set the Specify Time parameter to 210 days, backup data is retained for 210 days and is deleted when the retention period expires.
Special Retention Period	To meet data security requirements, Cloud Backup allows you to specify a retention period for general backups and specify longer retention periods for the first backups that are generated every week, every month, and every year. A special retention policy includes the settings of retention periods for the first backups that are generated every week, every month, and every year. For more information, see Special retention periods. Important Limits are imposed on the special retention period and the retention period. We recommend that you configure the special retention period based on system recommendations. Take note of the following limits: You do not need to configure a special retention period for permanently retained backup data. The special retention period must be longer than the retention period.
Keep At Least One Backup Version	We recommend that you turn on the switch. If you turn on the switch, the latest backup version generated by the backup plan is not deleted due to the expiration of the retention period or accidental operations. This prevents the risk that no backup version is available for restoration due to reasons such as improper backup plan settings. For more information, see Keep at least one backup version. Important This feature takes effect only after a data source is associated with this backup policy. The latest backup is not automatically transferred to the Archive tier.
Automatic Archiving
Days to Transfer to Archive Tier	The number of days after which backup data is transferred to the Archive tier. By default, backup data is retained at the Standard tier of the backup vault. If you need to retain backup data for a long period of time, you can use this feature to transfer backup and recovery points from the Standard tier to the Archive tier. This feature allows you to reduce data protection costs. Important When you use a backup vault to create a mirror vault for cross-region backup, the data at the Archive tier of the backup vault is not replicated to a remote location. After the data at the Standard tier in the backup vault is transferred to the Archive tier, the corresponding data in the remote mirror vault is deleted. Data at the Archive tier is calculated based on the size of the raw data that is transferred from the Standard tier to the Archive tier. An object or file whose size is less than 1 MB is calculated as 1 MB. If a large number of small files exist, we recommend that you carefully evaluate whether to transfer data to the Archive tier. For more information, see Automatic archiving. Backup data must be retained at the Standard tier for at least 30 days before it can be transferred to the Archive tier. After backup data is transferred to the Archive tier, the data must be retained at the Archive tier for at least 60 days. No: Backup data is permanently retained at the Standard tier and is not transferred to the Archive tier. Schedule Time: You can specify a retention period. Valid values: 30 to 999999. Unit: days. For example, if you specify to transfer backup data to the Archive tier after 30 days and the backup data is retained for a total of 210 days, the backup data is retained at the Archive tier for 180 days.
Backup Vault
Backup Vault	The backup vault to which you want to store backup data. Create Vault: If you select this option, create a backup vault to store backup data. By default, the vault name is assigned based on the date and time. Select Vault: If you select this option, select a backup vault from the Vault Name drop-down list. To maximize the redundancy of your backup data, Cloud Backup uses zone-redundant storage (ZRS)-enabled backup vaults by default in regions that support ZRS-enabled backup vaults. For regions that support only locally redundant storage (LRS)-enabled backup vaults, Cloud Backup uses LRS-enabled backup vaults. You do not need to manually select a backup vault type.
Vault Name	This parameter is required only if the Backup Vault parameter is set to Create Vault or Select Vault. Enter or select the name of a backup vault.
Vault Resource Group	This parameter is required only if the Backup Vault parameter is set to Create Vault. This parameter specifies the resource group to which the backup vault belongs. You can use resource groups to manage resources owned by your Alibaba Cloud account. Resource groups help you simplify the resource and permission management of your Alibaba Cloud account. For more information, see Create a resource group.
Backup Vault Encryption Method	This parameter is required only if the Backup Vault parameter is set to Create Vault. This parameter specifies the method that is used to encrypt the data in the backup vault. Cloud Backup-managed (default): You can use the default encryption method of Cloud Backup. KMS: You can use Key Management Service (KMS) to encrypt the data that is stored in the backup vault. If you select this option, configure the KMS KeyId parameter. Important If you enable KMS-based encryption, you cannot modify a KMS key. Before you can use the KMS key to encrypt the data in the backup vault, you must create a key ID in the KMS console. For more information, see Create a CMK.
Replication Policy	Backup data is replicated to another region. If you enable the cross-region replication feature, you are charged for the storage and traffic of various types of backup sources. For more information, see Billing methods and billable items. The following two cross-region replication technologies are available: For ECS Instance Backup Policy, the cross-region snapshot replication technology is used to implement cross-region replication. This technology can be used only to back up ECS instances. For General Backup Policy, a mirror vault is created in the destination region to implement cross-region replication. You can switch to the destination region to query the replication status of the mirror vault. For more information, see Back up data across regions. If you configure a backup vault and enable cross-region replication, the replication policy applies to all the backup policies that are associated with the backup vault. Existing and newly generated backups of the backup vault are replicated based on the replication policy.
Replication to Other Region	If you turn on Replication to Other Region, the backups that are created by using the backup policy are automatically replicated to the specified destination region, implementing cross-region data protection.
Destination Region	This parameter is required only if you turn on Replication to Other Region. This parameter specifies the destination region to which you want to replicate backup data.
Remote Retention Period	If you select ECS Instance Backup Policy and turn on Replication to Other Region, the cross-region snapshot replication technology is used to implement cross-region replication. This technology can be used only for ECS instance backup. Permanent: Backup data is permanently retained. Schedule Time: You can specify a retention period. Valid values: 1 to 65535. Unit: days. The default retention period is 7 days. Data is deleted when the retention period expires.
Data Security
Backup Point Virus Detection	If you turn on this switch, data is automatically detected for viruses after the data is backed up. You can view the detection results at the related backup point. For more information, see Backup point virus detection. Important After you enable the Backup Point Virus Detection feature in a backup policy, Cloud Backup performs a full virus detection for the first backup point and incremental virus detections for subsequent backup points. You are charged for using the Backup Point Virus Detection feature.

After the backup policy is created, you can view the backup policy on the Policy Center page.

Note

When you create a backup plan for a specific data source, you can associate the backup plan with a backup policy.

The following backup policy is created if you set Policy Type to General Backup Policy.
The following backup policy is created if you set Policy Type to ECS Instance Backup Policy.

Usage notes

Due to product feature upgrades, the existing backup policy is displayed as Legacy Backup Policy. Backup jobs are not affected.

You cannot create this type of policy or associate the policy with ECS instances. ECS instances that have been associated with the policy are not affected. If you want to add an ECS instance backup job, select ECS Instance Backup Policy.
The backup data of the ECS instances that are associated with the legacy backup policy uses the snapshot capacity. The backup data is not stored in a backup vault, replicated across regions with the backup vault, or automatically archived.

Modify the backup policy

Click Edit in the Actions column to modify the backup policy. After the backup policy is modified, the modification takes effect in the next backup job.

For example, if the backup policy that you created does not meet your business requirements, you can perform this operation to modify the backup policy.

Execute the backup policy immediately

Execute a backup job immediately for all data sources that are associated with the backup policy
Choose More > Execute Immediately in the Actions column. A backup job is executed immediately for all the associated data sources.
Execute a backup job immediately for a specified data source
Click to expand the details of the backup policy and click Execute Immediately in the Actions column of the specified data source. A backup job is executed immediately for the data source.

Disassociate the backup policy from the data sources

Choose More > Disassociate in the Actions column to disassociate the backup policy from the data sources. After the backup policy is disassociated from the data sources, Cloud Backup no longer performs the backup plan for the data sources.

Warning

After a backup policy is disassociated from a data source, Cloud Backup no longer runs the backup policy for the data source. The data source is no longer protected, and the backups that have been generated are not affected. Proceed with caution.

Delete the backup policy

Choose More > Delete in the Actions column to delete the backup policy. After you delete the backup policy, Cloud Backup no longer runs backup jobs for the associated data sources but retains the backup data.

Warning

After the backup policy is deleted, Cloud Backup no longer runs backup jobs for the associated data sources. The data sources are no longer protected. Proceed with caution.