Managing policies
Creating a policy
Policies are created and defined from the Policies page, click Create to launch the Create policy wizard. Creating a policy involves the following high-level steps:
- Type a name for the policy.
- Select an asset type to protect from the Add asset type drop down menu.
- Configure policy settings for the selected backup type. Select a backup frequency and retention periods that conform to the asset's backup requirements.
- Use the additional options to specify a window of time when the backups can take place (backup window), select the Start Time checkbox, and specify the time zone and start and end times of the backup window, if you don't select specific times, the backup window is for 24 hours. When the backup window is enabled, recurring backups will only occur between the stated start and end times.
- Select a backup tier if applicable to the asset.
- Choose whether to store the backups in the same region that the asset is located (in-region), or in another region (out-of-region) that's available from the drop down menu. If you choose to backup out-of-region, AWS transfer fees will apply.
- If you are creating a policy for AWS EBS volumes, AWS EC@ instances, AWS DynamoDB tables, or AWS RDS resources, you can also choose to protect your assets using Clumio managed AWS snapshots. A policy can contain both types of backup.
- If the policy is for DynamoDB, then you can also choose to enable continuous backup.
- Review your settings on the Create policy screen. Asset types are grouped in sets. You can add more asset types to protect in this policy, edit your selections, or save the policy.
A single policy can apply more than one asset type, with each asset type having it;s own frequency and retention settings. However, you can only add assets one at a time. To add more assets to the same policy:
- Once you click Add, the Create policy screen displays. To add another asset type to the same policy, select one from the Asset type drop down list.
- The configuration screen for that asset displays. Make your selections and click Add. That asset type is now included in the same policy.
After you create a policy, you must apply the policy to your assets using AWS protection rules or directly to the asset. Refer to the documentation for each asset type to learn how to apply a policy to that asset.
Activating or deactivating policies
When a policy is created, it is activated by default. This means when you apply that policy to an asset, all scheduled backup tasks defined in that policy are performed. An active policy must be applied to an asset in order to protect it. Deactivating a policy stops all of the policy's scheduled tasks from running, affecting all assets assigned to the policy. When you deactivate a policy, any tasks that have already started ("In progress") or are waiting to start ("Queued") will be unaffected; instead, those tasks will finish to completion.
To activate or deactivate one or more policies, make your selections on the backup policies page and click Activate or Deactivate. A dialog box displays informing you about the assets affected by this action and prompting you to confirm the action.
Copying policies
You can copy a policy and save it with a new name or edit the settings to create a new policy. To copy a policy, from the Manage Policy tab on the Policies page, click the icon in the Actions column for the policy that you want to copy. The Summary screen of the Create Policy wizard displays with "_copy" appended to the policy name. You can edit this name. You can also change the backup frequency and retention periods for existing asset types, remove or add asset types, and also change the advanced settings.
Editing policies
- To edit a policy, Backup policies page, click the edit icon in the Actions column in the same row as the policy that you want to edit.
- The Edit policy screen of the Create policy wizard displays.
- Make changes to the policy name, frequency and retention settings, change backup window settings (if applicable to the selected asset), change the backup tier or backup region, and Clumio-managed AWS snapshot settings.
- Save your changes. Changes to backup tier, retention and frequency, or backup destination settings may trigger a seeding backup task.
Deleting policies
You can delete a policy at any time. When you delete a policy, removes it from all of the assets that are protected by the policy.
To delete a policy, click the delete icon in the Actions column, a dialog displays indicating any assets that will be unprotected when you delete this policy. You can choose to review the affected assets before confirming the policy deletion.
Removing directly assigned policies
The Direct Policy Assignment rule shows you which assets have had policies directly assigned from the protect page for that asset. This cannot be deleted. You can however, remove a directly assigned policy from an asset.
- Navigate to the Protect > AWS protection rules page.
- In the Direct Policy Assignment rule row, click the number in the Covered assets column. The Directly assigned assets dialog displays.
- The dialog indicates how many assets are covered by this rule. Click the relevant resource tab, select the asset from the table, and click Remove direct assignment.
The directly assigned policy no longer applies to the asset.
Updated 8 months ago