Anti-Ransomware Policy API Reference - Security Center

Retrieves the details of an anti-ransomware policy for servers.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

yundun-sas:DescribeBackupPolicy

get

*BackupPolicy

acs:yundun-sas:{#regionId}:{#accountId}:backuppolicy/{#BackupPolicyId}

None

Request parameters

Parameter	Type	Required	Description	Example
Id	integer	Yes	The ID of the anti-ransomware policy. Note You can call the DescribeBackupPolicies operation to query the IDs of anti-ransomware policies.	51880

Response elements

Element	Type	Description	Example
	object	The data returned.
RequestId	string	The ID of the request, which is used to locate and troubleshoot issues.	A4EB8B1C-1DEC-5E18-BCD0-D1BBB3936FA7
BackupPolicyDetail	object	The details of the anti-ransomware policy.
Status	string	The status of the anti-ransomware policy. Valid values: enabled: The anti-ransomware policy is manually enabled. disabled: The anti-ransomware policy is manually disabled. After an anti-ransomware policy is disabled, the data backup task that is running based on the policy stops. closed: The anti-ransomware policy automatically stops because the anti-ransomware capacity is insufficient.	closed
PolicyVersion	string	The version of the anti-ransomware policy. 1.0.0 2.0.0	2.0.0
Policy	string	IsDefault: the type of the anti-ransomware policy. Valid values: 1: recommended policy 0: custom policy Include: the format of the files that you want to protect. If you want to protect the files in all formats, set this field to []. Source: the directory that you want to protect. If you want to protect all directories, set this field to []. ExcludeSystemPath: specifies whether to exclude a specific directory from the anti-ransomware policy. If you want to exclude a directory, set this field to true. If you do not want to exclude a directory, leave this field empty. Exclude: the directory that you want to exclude from the anti-ransomware policy. If you do not want to exclude a directory, set this field to []. Schedule: the start time and interval of a data backup task. We recommend that you specify a start time that begins during off-peak hours but does not start on the hour. Examples: If you set this field to I\|1583216092\|P21D, the data backup task starts from 2020-03-03 14:14:52, and the task is run at an interval of three weeks. If you set this field to I\|1583216092\|PT24H, the data backup task starts from 2020-03-03 14:14:52, and the task is run at an interval of 24 hours. Retention: the period during which backup data is retained. Unit: days. If you set this field to 7, backup data is retained for a week. If you set this field to 365, backup data is retained for a year. If you set this field to -1, backup data is permanently retained. SpeedLimiter: the limit on the network bandwidth for data backup tasks. If you set this field to 0:24:30720, the maximum bandwidth for a data backup task is 30 MB/s from 00:00 to 24:00. UseVss: specifies whether to enable the VSS feature. The feature is available only for Windows servers. Valid values: true: yes false: no Note The VSS feature is available only if you create the anti-ransomware policy for Windows servers. After you enable the feature, the number of backup failures due to running processes is significantly reduced. We recommend that you enable the VSS feature. After you enable the feature, the data of disks that are in the exFAT and FAT32 formats cannot be backed up.	{ "Exclude": [ "/bin/", "/usr/bin/", "/sbin/", "/boot/", "/proc/", "/sys/", "/srv/", "/lib/", "/selinux/", "/usr/sbin/", "/run/", "/lib32/", "/lib64/", "/lost+found/", "/var/lib/kubelet/", "/var/lib/ntp/proc", "/var/lib/container", "Windows\\", "Python27\\", "Program Files (x86)\\", "Program Files\\", "Boot\\", "$RECYCLE.BIN", "System Volume Information\\", "Users\\Administrator\\NTUSER.DAT", "ProgramData\\", "pagefile.sys", "Users\\Default\\NTUSER.DAT", "Users\\Administrator\\ntuser.*" ], "ExcludeSystemPath": true, "Include": [], "IsDefault": 1, "Retention": 7, "Schedule": "I\|1630689360\|PT24H", "Source": [], "SpeedLimiter": "", "UseVss": true }
ClientStatus	string	The status of the anti-ransomware agent. Valid values: running: normal exception: abnormal	running
Name	string	The name of the anti-ransomware policy.	testBuckUp
Id	integer	The ID of the anti-ransomware policy.	51880
RegionId	string	The ID of the region in which backup data is stored.	cn-beijing
UuidList	array	An array consisting of the UUIDs of the servers to which the anti-ransomware policy is applied.
	string	The UUID of the server to which the anti-ransomware policy is applied.	inet-49611a6b-a98a-455d-a18a-92af9265****

Examples

Success response

JSON format

{
  "RequestId": "A4EB8B1C-1DEC-5E18-BCD0-D1BBB3936FA7",
  "BackupPolicyDetail": {
    "Status": "closed",
    "PolicyVersion": "2.0.0",
    "Policy": "{\n      \"Exclude\": [\n            \"/bin/\",\n            \"/usr/bin/\",\n            \"/sbin/\",\n            \"/boot/\",\n            \"/proc/\",\n            \"/sys/\",\n            \"/srv/\",\n            \"/lib/\",\n            \"/selinux/\",\n            \"/usr/sbin/\",\n            \"/run/\",\n            \"/lib32/\",\n            \"/lib64/\",\n            \"/lost+found/\",\n            \"/var/lib/kubelet/\",\n            \"/var/lib/ntp/proc\",\n            \"/var/lib/container\",\n            \"Windows\\\\\",\n            \"Python27\\\\\",\n            \"Program Files (x86)\\\\\",\n            \"Program Files\\\\\",\n            \"Boot\\\\\",\n            \"$RECYCLE.BIN\",\n            \"System Volume Information\\\\\",\n            \"Users\\\\Administrator\\\\NTUSER.DAT*\",\n            \"ProgramData\\\\\",\n            \"pagefile.sys\",\n            \"Users\\\\Default\\\\NTUSER.DAT*\",\n            \"Users\\\\Administrator\\\\ntuser.*\"\n      ],\n      \"ExcludeSystemPath\": true,\n      \"Include\": [],\n      \"IsDefault\": 1,\n      \"Retention\": 7,\n      \"Schedule\": \"I|1630689360|PT24H\",\n      \"Source\": [],\n      \"SpeedLimiter\": \"\",\n      \"UseVss\": true\n}",
    "ClientStatus": "running",
    "Name": "testBuckUp",
    "Id": 51880,
    "RegionId": "cn-beijing",
    "UuidList": [
      "inet-49611a6b-a98a-455d-a18a-92af9265****"
    ]
  }
}

Error codes

HTTP status code	Error code	Error message	Description
500	ServerError	ServerError
403	NoPermission	caller has no permission	You are not authorized to do this operation.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.