All Products
Search

This Product

    Cloud Firewall:Back up and roll back access control policies

    Document Center

    Cloud Firewall:Back up and roll back access control policies

    Last Updated:Jan 08, 2026

    You can use Cloud Firewall to back up and roll back access control policies for Internet, NAT, and VPC boundary firewalls. You can create backups to save policy configurations at specific points in time and quickly roll back to a saved state when needed.

    Limitations

    • The policy backup and rollback feature is available only in the Enterprise and Ultimate editions.

    • You can only perform a full backup and rollback of access control policies for Internet, NAT,and VPC boundary firewallsas a whole, not for individual firewall types.After a rollback, the policies for all applicable firewalls are restored to their state at the time of the backup.

    • Each Alibaba Cloud account can store a maximum of 12 policy backup records.

      To create a new backup after the 12-record limit is reached, you must delete an existing backup.

    Back up access control policies

    Before you can roll back policies, you must first create a backup.

    1. Log on to the Cloud Firewall console.

    2. In the left-side navigation pane, choose System Settings > Toolbox.

    3. On the Toolbox page, click View Backup.

    4. On the Policy Backup and Rollback page, click Create Backup.

    5. In the Create Backup Policy dialog box, enter a description for the backup and click OK.

      Parameter

      Description

      Backup Time

      The creation time of the policy backup.

      Policies

      The total number of access control policies for the Internet firewall (inbound and outbound), NAT firewall, and VPC boundary firewall under your Alibaba Cloud account.

      Description

      The description that you enter for the policy backup when you create it.

      Note

      The description can be up to 256 characters long. Because you use the description and backup time to identify backups during a rollback, we recommend writing a clear and distinctive description.

      The new policy backup appears on the Policy Backup and Rollback page.

    Roll back access control policies

    A policy rollback replaces your current access control policies with the backed-up version. To ensure a smooth process, follow the recommended procedure:

    Follow these steps to restore policies from a backup.

    1. Log on to the Cloud Firewall console.

    2. In the left-side navigation pane, choose System Settings > Toolbox.

    3. On the Toolbox page, click View Backup.

    4. On the Policy Backup and Rollback page, find the backup record you want to restore and click Use Backup.

    5. In the Confirm dialog box, click OK.

      Note

      • A policy rollback typically completes within seconds.

      • A timeout may occur if you have a large number of policies or if multiple users perform rollbacks simultaneously. If a timeout occurs, follow the on-screen instructions.

      • If a rollback fails, your current access control policies are not affected.

    Delete policy backups

    To delete a policy backup, go to the Policy Backup and Rollback page, find the backup you want to remove, and click Delete Backup.

    Warning

    After a policy backup is deleted, it cannot be restored. Proceed with caution.

    Related documents