Cloud Firewall lets you back up and roll back access control policies for the Internet firewall, NAT firewalls, and VPC firewall. You can back up your access control policies at a specific point in time. This lets you quickly revert your access control policy configurations to that point as needed.
Limits
You can only back up and roll back all access control policies for the Internet firewall, NAT firewalls, and VPC firewall together. You cannot perform these operations on policies for Internet border access control or NAT border access control separately. After a rollback, the policies for both Internet border access control and NAT border access control revert to their state at the time of the backup.
Each Alibaba Cloud account can have a maximum of 12 policy backup records.
If you reach the limit of 12 records, you must delete an existing backup record to create a new one.
Back up access control policies
You can only roll back to access control policies that have been backed up.
Log on to the Cloud Firewall console.
In the navigation pane on the left, choose .
On the Toolbox page, click View Backup.
On the Policy Backup and Rollback page, click Create Backup.
In the Create Backup Policy dialog box, enter a description for the backup policy and click OK.
Configuration Item
Description
Backup Time
The time when the access control policy backup was created.
Policies
The number of bidirectional access control policies for Internet firewall and VPC firewall access control policies created under the current Alibaba Cloud account.
Description
The description for the policy backup that you entered when creating the access control policy backup.
NoteThe policy backup description can contain a maximum of 256 characters. When rolling back policies, use this description and the backup time to identify the correct backup record. Therefore, fill in the backup description carefully to distinguish between backup records later.
The new policy backup record is added to the Policy Backup and Rollback page.
Roll back access control policies
A policy rollback replaces your current access control policies with the policies from the backup. To prevent service interruptions, we recommend that you follow this process:
Use the policy rollback feature to restore policies from a backup.
Log on to the Cloud Firewall console.
In the navigation pane on the left, choose .
On the Toolbox page, click View Backup.
On the Policy Backup and Rollback page, find the backup record that you want to restore and click Use Backup.
In the Are you sure that you want to roll back the backup? dialog box, click OK.
NoteThe policy rollback process takes only a few seconds.
A timeout may occur if you have many policies or if multiple users perform rollback operations at the same time. If a timeout occurs, follow the on-screen instructions.
If a policy rollback fails, your current access control policies remain unchanged.
Delete backup policies
To delete a policy backup record, on the Policy Backup and Rollback page, find the record that you want to delete, and click Delete Backup.
Deleted backup policies cannot be recovered. Proceed with caution.