Create a protection plan

You can create Resource based and Tag based protection plans in Cloud Snapshot Manager.

Prerequisites

Before creating a protection plan, consider the following:

About this task

Resource-based protection plan enables you to individually select the resources that you want to protect after you set the parameters for discovery of your resources. You can add or remove resources at any point by editing the plan.

Tag based protection plan ensures that resources that comply with the specified tags are backed up as part of the protection plan. Resources can have rules which are defined by tags that you use in the AWS or Azure console and labels that you use in the GCP. Tagging of resources takes place in the cloud provider environment. When a new resource is created with that tag or label, it is automatically assigned to the protection plan. This is a powerful way to automate the protection of new resources. The tagged resources are automatically added to the protection plan, and protection of resources occur at the scheduled time.

Steps

  1. In the Protection Plans page, click New Protection Plan.
  2. Enter relevant details including the following in the Plan Details section and click Next.
    • For AWS resources, select the Backup policy. Then select the Cross-Region policy or the Cross-Account policy or both if applicable.

      Cross-Region and Cross-Account copies are created after a successful backup in the original region. So, schedules enabled in Cross-Region or Cross-Account policies should also be enabled in the selected Backup policy. Snapshot retention time can be different across the policies.

    • For Azure resources, select the Backup policy. Then select the Cross-Region policy if applicable.
    • For GCP resources, select the Backup policy. Cross-Region and Cross-Account policies are not applicable.
  3. In the Resources section, do the following:
    1. Select AWS or Azure or GCP whichever is applicable.
    2. Select the Plan Type that is applicable.
  4. If you have selected Resource Based Plan, click Add Resources and do the following:
    1. In the Select Resources page displayed, select relevant parameters, and click To search for resources..
    2. Select the resources to protect. You can use a different search criteria and select another set of resources to protect.
    3. After using different search criteria and selecting resources, close the window.
      All the resources selected to be protected are displayed in the Resources section.
    4. Click Next.
  5. If you have selected Tag Based Plan, do the following:
    1. Specify parameters including the tag name, the tag value, and click To add resources..
      Here too, you can use different search criteria and select resources. For information about how to use the Tags feature in Cloud Snapshot Manager, see Using tags for tag based protection plans.
      Based on the tag rules specified, all the resources to be protected are displayed in the Resources section.
    2. Click Next.
  6. In the Additional Configuration section, select the options that are applicable based on the resources selected:
    • Data Exclusion - Click Exclude data volumes to exclude all attached volumes from a backup except the volume on which the VM's operating system is installed.
    • Application Consistency (AWS) - Click Enable AWS Application Consistency and do one of the following based on your requirement:
      • Select Execute VSS Snapshot of Eligible Windows VMs to take VSS snapshots.
      • Select Execute Custom Scripts to run custom scripts. For custom scripts, provide either the SSM document name to run before the snapshot is taken or after the snapshot is taken or both. Also, provide timeout for execution of the script.
    • Application Consistency (Azure) - Click Enable Azure Application Consistency. Provide either the script name to run before the snapshot is taken or after the snapshot is taken or both. Also, provide timeout for execution of the script.

      The Application Consistency option is available only when at least one VM is selected to be added to the protection plan. If Cloud Snapshot Manager is unable to take an application consistent snapshot due to any of the requirements not being met, a crash consistent snapshot is taken.

      While taking an application consistent snapshot of an Azure VM, there must not be any custom script extension installed in the VM. There is a limitation from Azure that only one custom script extension can be present in a VM, and Cloud Snapshot Manager uses custom script extension for running pre and post scripts. If a custom script extension is already present in the VM, then the application consistent snapshot job fails to run pre or post scripts and only be partially completed.

    • Application Consistency (GCP) - Click Enable GCP Application Consistency. While taking an application consistent snapshot of a GCP Linux VM, prepare the guest environment. Create Pre-Post Shell script on guest environment. For more information, see Application consistent backup for GCP Linux VMs section. Application Consistent Windows VSS snapshots are not supported. For Windows VM, VSS snapshots works only on Windows instances with image version v20160810 or latest version..
    • DDVE Copy - For the VM regions specified in the section, select the required DDVE appliance and Storage Unit to copy snapshots to for long term retention. Currently, only AWS and Azure VMs are supported for copying to DDVE.

      For Azure tag based protection plan, you must be aware of the regions where your tagged resources are located and manually add those regions in the DDVE Copy section.

  7. Click Save.

Results

Protection jobs automatically trigger to create and delete snapshots according to the policies that you have set for the plan. To view the snapshots taken, go to the Snapshots page and for information about how to search for the snapshots, see Search snapshots. The Storage Type for snapshots copied to DDVE is DDVE.