This page provides details about backups, backup vaults, and backup policies.
Volume backups
NetApp Volumes supports volume backups, which are copies of your volumes stored independently from the volume. Backups are stored in backup vaults, which are containers for backups. If a volume is lost or deleted, you can use backups to restore your data to a new volume.
When you create the first backup of a volume, all of the volume's used data is sent to the backup vault. Subsequent backups of the same volume only include data that has changed from the previous backup. This allows for fast incremental-forever backups and reduces the required capacity inside the backup vault.
You can create manual and scheduled backups. Manual backups can be taken from a volume or from an existing volume snapshot. Scheduled backups require a backup policy.
Considerations
Backups aren't supported for volumes protected with customer-managed encryption keys (CMEK).
Backups aren't supported for large capacity volumes.
Backups are supported with volume replication. Source volumes allow you to use scheduled backups or to create manual backups. For destination volumes, you must use manual backups. If you try to assign a backup policy to a destination volume, it will fail. When you reverse a volume replication direction, remove the backup policy first from the future destination volume.
Before you use VPC Service Controls, see Limitations of VPC Service Controls for NetApp Volumes for more information.
If you have set a Minimum enforced retention policy on a backup vault that contains the backup, the backup can't be deleted before the scheduled date in the Deletable on field. For more information, see Prevent backup deletion.
Backup vaults
Backup vaults are logical containers that store volume backups. You can create multiple backup vaults within each region, and each vault can store multiple backups for multiple volumes in that region.
There are two types of backup vaults that can exist in a region:
In-region backup vaults: store backups in the same region as the original volume.
Cross-region backup vaults: store backups of a volume in a different region. When you create a cross-region vault, a source vault is created in the volume region, and a destination vault is automatically created in the specified destination region. Both vaults store the backup metadata, but only the destination vault stores the actual backup data. This allows volumes and backups to exist in different regions.
The source vault and the volumes you want to backup must be in the same region.
You can restore backups from the source or destination vault by creating a new volume in the vault's location.
You must specify a name for the source vault while destination vaults are automatically named using the following template:
<source_vault_name>-destination-<4-random-letters>
Considerations
Volumes can only store backups in one vault.
You can only backup a volume to a backup vault in the same region.
In-region backup vaults are generally available (GA) for all service levels. You can restore backups located in in-region vaults to any storage pool, for any service level, in the backup's region.
Cross-region backup vaults are supported for Standard, Premium, and Extreme service levels and aren't available for the Flex service level. You can restore backups located in cross-region vaults to any pool in either the source or destination backup vault location.
When you create a backup vault, you can optionally specify a minimum retention period to apply to each new backup stored in the vault. This retention period applies to all existing and future backups of the selected backup types stored in that vault. For more information, see Prevent backup deletion.
You can't change the type of an existing backup vault.
Region groups
You can create cross-region backup vaults between regions that are part of the same region group. However, you can only restore existing backups by creating a new volume in the source or destination backup vault region. For more information about region groups across different locations, see volume replication.
Backup policies
Backup policies define a schedule for automated backup creation. You can specify how many hourly, daily, weekly, and monthly backups of the volume you want NetApp Volumes to retain. If a policy is attached to a volume and enabled, then backups are generated automatically.
The number of backups to store as defined in the policy must align with the retention period configured in the backup vault. For more information, see Prevent backup deletion.
Scheduled backups
Scheduled backups use the following backup name format to help you identify the exact point in time each backup was taken:
(daily|weekly|monthly)-scheduled-backup-<id>-<timestamp>
The timestamp is UTC in the following format:
<YYYY>-<MM>-<DD>-<hhmmss>
You can't specify the exact time a scheduled backup is created. Scheduled backups that use a backup policy retain the number of specified daily, weekly, and monthly backups. When the maximum amount of backups retained is reached, the oldest backup is deleted.
Prevent backup deletion
The contents of a backup can't be modified. However, IAM users with the appropriate permissions can delete backups. To protect against accidental or malicious deletions by administrators, you have the option to set a retention period for backups that prevents their deletion before that period expires.
Considerations
You can enable this feature on a backup vault by specifying a retention period which must be between 2 to 5475 days, and the type of backups to retain.
You can choose to retain daily, weekly, monthly, or manual backups. You must select at least one backup type.
Each backup created in the vault is assigned an expiry date, calculated by adding the vault's retention period to the backup's creation time. The backup can't be deleted before this expiry date.
The scheduled backups are also protected by deletion prevention.
After you set the minimum retention period for a backup vault, the following considerations are applicable:
The minimum retention period for a backup vault is permanent and can only be increased, but can't be decreased. If you increase the retention period, it adds the extra time to the current expiry date of each existing backup within the vault.
The backup types you choose to retain can't be modified. However, you can add the new backup types.
Make sure that backups are scheduled and retained for a duration that meets or exceeds the defined backup retention period.
For example, if your backup policy specifies 14 daily backups, but you have set a retention period of 30 days for daily backups in the vault, the scheduler will cause issues. The system tries to delete the oldest daily backup after 14 days, but will be blocked until the 30-day retention period ends. It is essential to plan your retention period, the type of backups to retain, and your backup policy carefully. Note that a volume can hold a maximum of 1,000 backups, between manual and scheduled. Once this limit is reached, the older backups can't be deleted, and no new backups can be created.
You are charged for backups. If you use this feature, you can't delete backups before they reach their expiry date. Therefore, it is recommended to plan this feature usage carefully.