Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Severity :

...

High

Description:

...

This control ensures that OCI block volume backup policies

...

are configured. It is recommended to have backups automatically on each block volume  on a schedule and retain them based on the selected backup policy. The block volume can be restored during data loss events from the backups. The block volume backup policies also provide data compliance and regulatory requirements.

Remediation Steps:

Perform following to create a scheduled backup for block volume :

  1. Login to the OCI console at https://www.oracle.com/cloud/sign-in

...

  1. .html.

  2. Create a backup policy if using used defined backup policy

    1. In navigation menu click Storage.

    2. Under Block Storage, click Backup Policies.

    3. Click Create Backup Policy.

    4. Specify a name for the backup policy. 

    5. Select the compartment to create the backup policy in.

    6. Optionally, you can enable cross region copy to the specified region. This automates the copying of the volume backup to a second region after each backup is created. To enable cross region copy, select a target region from the Cross Region Copy Target list. This is the region the volume backup will be copied to.

    7. Click Create Backup Policy.

  3. Add a schedule to a user defined backup policy

    1. In navigation menu click Storage.

    2. Under Block Storage, click Backup Policies.

    3. Click the backup policy to add the schedule.

    4. Click Add Schedule.

    5. Specify the backup frequency by selecting from the Schedule Type options: DailyWeeklyMonthly, or Yearly

    6. Specify the Retention Time in days, weeks, months, or years, depending on the schedule type selected.

    7. Select Full or Incremental for Backup Type

    8. Select the Timezone to base the schedule settings on, either UTC or Regional Data Center Time.

    9. Click Add Schedule.

  4. Assign backup policy to volume

    1. In navigation menu click Storage.

    2. Under Block Storage, click Block Volumes.

    3. Click the volume for which you want to assign a backup policy to.

    4. On the Block Volume Information tab, in  Scheduled Backups, check the Managed By field.

Important:

  • Scheduled volume backups are not guaranteed to start at the exact time specified by the backup schedule. There may be several hours of delay between the scheduled start time and the actual start time for the volume backup in scenarios where the system is overloaded.

  • Oracle defined policies doesn’t include full backups , but provides incremental backup. Some compliance scenarios may require scheduled full backups. For these compliance scenarios, configure a user defined backup policy instead

Reference: