Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Creating a backup policy

Written by
Improved by
Updated at May 13, 2025

Creating a policy becomes available after you activate Cloud Backup.

You can create or update a policy using the Yandex Cloud management console, Terraform, or a JSON specification via the Yandex Cloud CLI or API.

Note

You cannot create backup policies with some advanced settings in the Yandex Cloud management console. Use the CLI, Terraform, or API to create such policies.

After activation, the system automatically creates the following backup policies:

  • Default daily: Daily incremental backup with the last 15 backups retained.
  • Default weekly: Weekly incremental backup with the last 15 backups retained.
  • Default monthly: Monthly incremental backup with the last 15 backups retained.

Note

Backups are created based on the VM's or Yandex BareMetal server's local time. There may be a slight delay in the schedule depending on the current service load.

  1. In the management console, select the folder where you want to create a backup policy.

  2. In the list of services, select Cloud Backup.

  3. Navigate to the Backup policies tab.

  4. Click Create policy.

  5. On the backup policy creation page:

    • Enter a name. The naming requirements are as follows:

      • It must be from 2 to 63 characters long.
      • It may contain lowercase Latin letters, numbers, and hyphens.
      • It must start with a letter and cannot end with a hyphen.

    • Select the type of backup:

      • Incremental: Saves only data that is different from the previous backup. On the first run, a full backup of the resource will be made.
      • Full: Saves all VM or BareMetal server data.

    • Under Schedule, specify:

      • Frequency: Select the backup frequency:
        • Every day. Either once a day at a specified time or several times a day at a particular interval within the specified time period.
        • Weekly. Select days of the week and time for backups on those days.
        • Monthly. Specify the months, day of the month, and time for backups.

      Backups are created based on the VM's or BareMetal server's local time. There may be a slight delay in the schedule depending on the current service load.

    • For incremental backups, you can enable Create a full copy once a week and select the day of the week for the full backup. On the selected day, a full backup will be created instead of an incremental one.

    • Under Retention settings, set the backup retention policy:

      • Retain all copies: All backups created under this backup policy will be retained.

      • Only the last: Specify the number of recent backups you want to retain or the number of days, weeks, or months for which to retain the backups. All other backups are deleted automatically.

        Note

        If your policy is created via the management console, subsequent updates of backup retention settings will take effect only after you create another backup. If the changes have not taken effect, detach the policy from the VM or BareMetal server and then reattach it.

    • Under Additional:

      • Optionally, enable Fast backup to accelerate creating incremental backups. The presence of changes in the file will be determined by size, date, and last update time. If the option is disabled, Cloud Backup will compare the contents of all files with the backup contents. This option does not work for volumes with JFS, ReiserFS3, ReiserFS4, ReFS, or XFS file systems.

      • Optionally, enable Multivolume snapshot to create time-synchronized data backups spanning several volumes. This parameter decides whether snapshots of several volumes will be created simultaneously or one after another.

    • Optionally, select a data Compression in the backup. The higher the compression level, the longer it takes to create a backup, but such a backup will be smaller in size. How efficient compression is depends on the type of data you are backing up: files that are already compressed, such as JPG, PDF, or MP3, are difficult to compress further, unlike, for example, DOC or XLS.

      Note

      You can only select a compression level when creating a policy. You cannot change it for an existing policy.

    • Optionally, under Repeat operation on task failure, specify backup settings in the event of failure:

      • Number of attempts: Maximum number of retry attempts. If reached, the operation is considered failed. Attempts will stop as soon as the operation succeeds or when the specified number of attempts is reached, whichever comes earlier.
        Does not apply if the backup was started manually.
      • Time between attempts: Interval between retries.

    • Optionally, under Error handling, configure Cloud Backup behavior if errors occur:

      • Repeat operation on task failure: Retry settings in case of backup errors:
        • Number of attempts: Maximum number of retry attempts.
        • Time between attempts: Interval between retries.
      • Retry in case of an error while creating a snapshot: Retry settings in case of snapshot errors:
        • Number of attempts: Maximum number of retry attempts.
        • Time between attempts: Interval between retries.

    • Optionally, under File filters, you can use filters to exclude specific files and folders from your backups or do the opposite and back up only specific file system items:

      • Do not backup files that meet the following criteria.
      • Only backup files that meet the following criteria.

      Exclusion filters take precedence over inclusion filters.

      To include or exclude files, add some criteria, e.g., filenames, paths, or masks. Wildcards * and ? are supported. Use a new line for each criterion. Criteria are case-insensitive.

  6. Click Save.

If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. See the description of the CLI command to create a backup policy:

    yc backup policy create --help

  2. Specify the configuration of the backup policy you are creating as a data schema in JSON format.

    Sample configuration file
    {
  "compression": "NORMAL",
  "format": "AUTO",
  "multiVolumeSnapshottingEnabled": true,
  "preserveFileSecuritySettings": true,
  "reattempts": {
    "enabled": true,
    "interval": {
      "type": "SECONDS",
      "count": "30"
    },
    "maxAttempts": "30"
  },
  "silentModeEnabled": true,
  "splitting": {
    "size": "1099511627776"
  },
  "vmSnapshotReattempts": {
    "enabled": true,
    "interval": {
      "type": "MINUTES",
      "count": "5"
    },
    "maxAttempts": "3"
  },
  "vss": {
    "enabled": true,
    "provider": "TARGET_SYSTEM_DEFINED"
  },
  "archive": {
    "name": "'[Machine Name]-[Plan ID]-[Unique ID]A'"
  },
  "performanceWindow": {
  },
  "retention": {
    "rules": [
      {
        "maxCount": "10"
      }
    ],
    "beforeBackup": true
  },
  "scheduling": {
    "backupSets": [
      {
        "time": {
          "weekdays": [
            "MONDAY"
          ],
          "repeatAt": [
            {
              "minute": "5"
            }
          ],
          "type": "WEEKLY"
        }
      }
    ],
    "enabled": true,
    "maxParallelBackups": "2",
    "randMaxDelay": {
      "type": "MINUTES",
      "count": "30"
    },
    "scheme": "ALWAYS_INCREMENTAL",
    "weeklyBackupDay": "MONDAY"
  },
  "cbt": "ENABLE_AND_USE",
  "fastBackupEnabled": true,
  "quiesceSnapshottingEnabled": true
}

    Save the configuration to a .json file.

    The example describes a configuration for a backup policy that will create incremental VM or BareMetal server backups every Monday at 00:05 (UTC+0). Only the last 10 backups will be stored.

    See the full backup policy specification for details.

  3. Create a backup policy:

    yc backup policy create \
  --name <policy_name> \
  --settings-from-file <path_to_configuration_file>

    Where:

    • --name: Name of the backup policy you are creating.
    • --settings-from-file: Path to the backup policy configuration file in JSON format.

    Result:

    id: cbq5rwepukxn********
name: test2
created_at: "2023-07-03T08:24:16.735555276Z"
updated_at: "2023-07-03T08:24:16.746377738Z"
enabled: true
settings:
  compression: NORMAL
  format: AUTO
  multi_volume_snapshotting_enabled: true
  preserve_file_security_settings: true
  reattempts:
    enabled: true
    interval:
      type: SECONDS
      count: "30"
    max_attempts: "30"
  silent_mode_enabled: true
  splitting:
    size: "1099511627776"
  vm_snapshot_reattempts:
    enabled: true
    interval:
      type: MINUTES
      count: "5"
    max_attempts: "3"
  vss:
    enabled: true
    provider: TARGET_SYSTEM_DEFINED
  archive:
    name: '''[Machine Name]-[Plan ID]-[Unique ID]A'''
  performance_window: {}
  retention:
    rules:
      - max_count: "10"
    before_backup: true
  scheduling:
    backup_sets:
      - time:
          weekdays:
            - MONDAY
          repeat_at:
            - minute: "5"
          type: WEEKLY
    enabled: true
    max_parallel_backups: "2"
    rand_max_delay:
      type: MINUTES
      count: "30"
    scheme: ALWAYS_INCREMENTAL
    weekly_backup_day: MONDAY
  cbt: ENABLE_AND_USE
  fast_backup_enabled: true
  quiesce_snapshotting_enabled: true
folder_id: d2q792qpemb4********

    For more information about the command, see the CLI reference.

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the documentation on the Terraform website or mirror website.

If you do not have Terraform yet, install it and configure its Yandex Cloud provider.

To create a backup policy:

  1. In the Terraform configuration file, describe the backup policy parameters:

    resource "yandex_backup_policy" "my_policy" {
    archive_name                      = "[Machine Name]-[Plan ID]-[Unique ID]a"
    cbt                               = "USE_IF_ENABLED"
    compression                       = "NORMAL"
    fast_backup_enabled               = true
    format                            = "AUTO"
    multi_volume_snapshotting_enabled = true
    name                              = "<backup_policy_name>"
    performance_window_enabled        = true
    preserve_file_security_settings   = true
    quiesce_snapshotting_enabled      = true
    silent_mode_enabled               = true
    splitting_bytes                   = "9223372036854775807"
    vss_provider                      = "NATIVE"

    reattempts {
        enabled      = true
        interval     = "1m"
        max_attempts = 10
    }

    retention {
        after_backup = false

        rules {
            max_age       = "365d"
            repeat_period = []
        }
    }

    scheduling {
        enabled              = false
        max_parallel_backups = 0
        random_max_delay     = "30m"
        scheme               = "ALWAYS_INCREMENTAL"
        weekly_backup_day    = "MONDAY"

        execute_by_time {
            include_last_day_of_month = true
            monthdays                 = []
            months                    = [1,2,3,4,5,6,7,8,9,10,11,12]
            repeat_at                 = ["04:10"]
            repeat_every              = "30m"
            type                      = "MONTHLY"
            weekdays                  = []
        }
    }

    vm_snapshot_reattempts {
        enabled      = true
        interval     = "1m"
        max_attempts = 10
    }
}

    Where:

    • archive_name: Names of generated archives. This is an optional parameter. The parameter variables include:

      Make sure the last character in the generated archive name is not a variable.

    • cbt: Configuration for tracking backup contents. This is an optional parameter. It can take either of these two values:

      • CHANGED_BLOCK_TRACKING_UNSPECIFIED: Not specified.
      • USE_IF_ENABLED: Use if enabled.
      • ENABLE_AND_USE: Enable and use.
      • DO_NOT_USE: Do not use.

      The default value is DO_NOT_USE.

    • compression: Backup compression ratio. This is an optional parameter. It can take either of these two values:

      • NORMAL: Standard compression ratio.
      • HIGH: High compression ratio.
      • MAX: Maximum compression ratio.
      • OFF: Disabled.

      The default value is NORMAL.

    • fast_backup_enabled: Fast backup for tracking changes to files. When enabled, file changes are detected by the file size and its timestamp. When disabled, files are checked for changes by comparing their contents to backed up files. It can either be true or false.

    • format: Backup format. This is an optional parameter. It can take either of these two values:

      • VERSION_11: Deprecated format, not recommended.
      • VERSION_12: Recommended format for high-speed backup and recovery.
      • AUTO: Automatic format selection. The default option is VERSION_12, unless you are creating incremental backups for the images created in other versions.

    • multi_volume_snapshotting_enabled: Creating backups for multiple volumes at the same time. This is an optional parameter. It can either be true or false.

    • name: Name of the backup policy.

    • performance_window_enabled: Time windows to limit backup performance. This is an optional parameter. It can either be true or false. The default value is false.

    • preserve_file_security_settings: Retain security file settings. This is an optional parameter. It can either be true or false. The default value is true. We recommend using the true value.

    • quiesce_snapshotting_enabled: Use quiescing mode when creating backups. This is an optional parameter. It can either be true or false. The default value is false.

    • silent_mode_enabled: Silent mode that assumes minimum interaction with users. This is an optional parameter. It can either be true or false. The default value is true.

    • splitting_bytes: Defines the size for splitting backups. This is an optional parameter. The default value is 9223372036854775807.

    • vss_provider: VSS settings. This is an optional parameter. It can either be NATIVE or TARGET_SYSTEM_DEFINED. The default value is NATIVE.

    • reattempts: Defines repeat attempts in case the backup operation fails:

      • enabled: Retry creating a backup if non-critical errors occur (e.g., when failing to connect to a target disk). This is an optional parameter. It can either be true or false. The default value is true.
      • interval: Interval between retries. This is an optional parameter. The default value is 5m.
      • max_attempts: Maximum number of retry attempts. If reached, the operation is considered failed. This is an optional parameter. The default value is 5.

    • retention: Backup retention options:

      • after_backup: Apply backup retention rules after the backup is completed. It can either be true or false.

      • rules: Backup retention rules:

        • max_age: Delete backups whose age exceeds max_age.
        • max_count: Delete backups if their number exceeds max_count.
        • repeat_period: Period for applying the rules.

        The max_age and max_count attributes are mutually exclusive. i.e., the use of one makes it impossible to use the other.

    • scheduling: Backup scheduling options:

      • enabled: Enable backup scheduling. This is an optional parameter. It can either be true or false. The default value is true.

      • max_parallel_backups: Maximum number of concurrent backups. This is an optional parameter. The default value is 0 (unlimited).

      • random_max_delay: Sets a random delay between concurrent jobs. This is an optional parameter. The default value is 30m.

      • scheme: Backup schedule scheme. This is an optional parameter. It can take either of these two values:

        • ALWAYS_INCREMENTAL: Always incremental.
        • ALWAYS_FULL: Always full.
        • WEEKLY_FULL_DAILY_INCREMENTAL: Create an incremental backup every day and a full one weekly.
        • WEEKLY_INCREMENTAL: Create an incremental backup every week.

        The default value is ALWAYS_INCREMENTAL.

      • weekly_backup_day: Day of the week when the weekly backup is run. This is an optional parameter. The default value is MONDAY.

      • execute_by_time: Settings for backups at a specific time:

        • include_last_day_of_month: Running backups on the last day of each month. This is an optional parameter. It can either be true or false. The default value is false.
        • monthdays: List of days to to which the schedule applies. This is an optional parameter. It can be used for the MONTHLY format.
        • months: List of months to which the schedules applies. This is an optional parameter.
        • repeat_at: List of time values in HH:MM (24-hour) format to which the schedule applies. This is an optional parameter.
        • repeat_every: Frequency for repeat backups. This is an optional parameter.
        • type: Schedule type. The possible values are HOURLY, DAILY, WEEKLY, and MONTHLY.
        • weekdays: List of days of the week to which the schedule applies. It can be used for the WEEKLY format.

    • vm_snapshot_reattempts: Backup retries in case of failures:

      • enabled: Retry a backup if any errors occur. This is an optional parameter. It can either be true or false. The default value is true.
      • interval: Interval between retries. This is an optional parameter. The default value is 5m.
      • max_attempts: Maximum number of retry attempts. If reached, the operation is considered failed. This is an optional parameter. The default value is 5.

    For more information about yandex_backup_policy properties, see this Terraform article.

  2. Create the resources:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

    Terraform will create all required resources. You can check the new resources in the management console or using this CLI command:

    yc backup policy list

To create a backup policy, use the create REST API method for the Policy resource or the PolicyService/Create gRPC API call.

See also

Previous
Restoring a Cloud Backup agent
Next
Updating a policy