All Products
Search
Document Center

Security Center:CreateBackupPolicy

Last Updated:Oct 08, 2024

Creates an anti-ransomware policy for servers.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
yundun-sas:CreateBackupPolicycreate
  • All Resources
    *
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
NamestringYes

The name of the anti-ransomware policy.

ServerBackUpPolicy01
PolicyobjectYes
  • IsDefault: the type of the anti-ransomware policy. Valid values:

    • 1: recommended policy
    • 0: custom policy
  • Include: the format of the files that you want to protect. If you want to protect the files in all formats, set this field to [].

  • Source: the directory that you want to protect. If you want to protect all directories, set this field to [].

  • ExcludeSystemPath: specifies whether to exclude a specific directory from the anti-ransomware policy. If you want to exclude a directory, set this field to true. If you do not want to exclude a directory, leave this field empty.

  • Exclude: the directory that you want to exclude from the anti-ransomware policy. If you do not want to exclude a directory, set this field to [].

  • Schedule: the start time and interval of a data backup task. We recommend that you specify a start time that begins during off-peak hours but does not start on the hour. Examples:

    • If you set this field to I|1583216092|P21D, the data backup task starts from 2020-03-03 14:14:52, and the task is run at an interval of three weeks.
    • If you set this field to I|1583216092|PT24H, the data backup task starts from 2020-03-03 14:14:52, and the task is run at an interval of 24 hours.
  • Retention: the period during which backup data is retained. Unit: days. If you set this field to 7, backup data is retained for a week. If you set this field to 365, backup data is retained for a year. If you set this field to -1, backup data is permanently retained.

  • SpeedLimiter: the limit on the network bandwidth for data backup tasks. If you set this field to 0:24:30720, the maximum bandwidth for a data backup task is 30 MB/s from 00:00 to 24:00.

  • UseVss: specifies whether to enable the VSS feature. The feature is available only for Windows servers. Valid values:

    • true: yes
    • false: no
Note The VSS feature is available only if you create the anti-ransomware policy for Windows servers. After you enable the feature, the number of backup failures due to running processes is significantly reduced. We recommend that you enable the VSS feature. After you enable the feature, the data of disks that are in the exFAT and FAT32 formats cannot be backed up.
"{"IsDefault":1,"Include":[],"Source":[],"Schedule":"I|1648061040|PT24H","Retention":7,"SpeedLimiter":"","ExcludeSystemPath":true,"Exclude":["/bin/","/usr/bin/","/sbin/","/boot/","/proc/","/sys/","/srv/","/lib/","/selinux/","/usr/sbin/","/run/","/lib32/","/lib64/","/lost+found/","/var/lib/kubelet/","/var/lib/ntp/proc","/var/lib/container","Windows","Python27","Program Files (x86)","Program Files","Boot","$RECYCLE.BIN","System Volume Information","Users\Administrator\NTUSER.DAT*","ProgramData","pagefile.sys","Users\Default\NTUSER.DAT*","Users\Administrator\ntuser.*"],"UseVss":true}"
PolicyVersionstringYes

The version of the anti-ransomware policy. Set the value to 2.0.0.

2.0.0
PolicyRegionIdstringNo

The region ID of the server that is not deployed on Alibaba Cloud.

Note We recommend that you specify the ID of the supported region that is the nearest to the location of the server. You can call the DescribeSupportRegion operation to query the supported regions of the anti-ransomware feature.
ch-hangzhou
UuidListarrayYes

The UUIDs of the servers that you want to protect.

stringYes

The UUIDs of the servers that you want to protect. Separate multiple UUIDs with commas (,).

Note You can call the DescribeCloudCenterInstances operation to query the UUIDs of servers.
3bb30859-b3b5-4f28-868f-b0892c98****

Response parameters

ParameterTypeDescriptionExample
object

The data returned.

RequestIdstring

The ID of the request, which is used to locate and troubleshoot issues.

24A20733-10A0-4AF6-BE6B-E3322413BB68
BackupPolicyobject

The information about the anti-ransomware policy.

Idstring

The ID of the anti-ransomware policy.

1301575
Statusstring

The status of the anti-ransomware policy. Valid values:

  • enabled
  • disabled
Note After you create an anti-ransomware policy, the policy is enabled by default.
enabled

Examples

Sample success responses

JSONformat

{
  "RequestId": "24A20733-10A0-4AF6-BE6B-E3322413BB68",
  "BackupPolicy": {
    "Id": "1301575",
    "Status": "enabled"
  }
}

Error codes

HTTP status codeError codeError messageDescription
400AgentNotOnlineThe agent not online.The error message returned because the Security Center agent is offline. Make sure that the Security Center agent is online and try again.
400AntiRansomwareCapacityUseUpanti ransomware capacity use up-
403NoPermissioncaller has no permissionYou are not authorized to do this operation.
500ServerErrorServerError-

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-09-25The Error code has changedView Change Details
2023-03-23The Error code has changedView Change Details
2022-08-01The internal configuration of the API is changed, but the call is not affectedView Change Details
2022-08-01The internal configuration of the API is changed, but the call is not affectedView Change Details