NetBackup™ Web UI Cloud Administrator's Guide

Last Published:
Product(s): NetBackup (11.0)
  1. Managing and protecting cloud assets
    1.  
      About protecting cloud assets
    2.  
      Limitations and considerations
    3.  
      AWS and Azure government cloud support
    4. Configure Snapshot Manager in NetBackup
      1.  
        Add a Snapshot Manager
      2. Add a cloud provider for a Snapshot Manager
        1.  
          Adding a new region
        2.  
          IAM Role for AWS Configuration
        3.  
          IAM policy for OCI configuration
      3.  
        Associate media servers with a Snapshot Manager
      4.  
        Discover assets on Snapshot Manager
      5.  
        Enable or disable a Snapshot Manager
      6.  
        (Optional) Add the Snapshot Manager extension
    5. Managing intelligent groups for cloud assets
      1.  
        Considerations for cloud intelligent groups
      2.  
        Create an intelligent group for cloud assets
      3.  
        Delete an intelligent group for cloud assets
    6. Protecting cloud assets or intelligent groups for cloud assets
      1.  
        Customize or edit protection for cloud assets or intelligent groups
      2.  
        Remove protection from cloud assets or intelligent groups
    7. About storage lifecycle policies
      1.  
        Adding an SLP
      2.  
        SLP configurations for PaaS and IaaS policies
    8. Managing policies for cloud assets
      1.  
        Limitations and considerations
      2.  
        Planning for policies
      3.  
        Creating policies for cloud assets
      4.  
        Setting up attributes for PaaS assets
      5.  
        Setting up attributes for IaaS assets
      6.  
        Creating schedules
      7.  
        About backup frequency
      8.  
        About assigning retention periods
      9. Configuring the Start window
        1.  
          Example of schedule duration
      10.  
        Configuring the include dates
      11.  
        Configuring the exclude dates
      12.  
        Configuring the cloud assets for PaaS
      13.  
        Configuring the cloud assets for IaaS
      14.  
        Configuring backup options for IaaS
      15. Managing cloud policies
        1.  
          Copy a policy
        2.  
          Deactivating or deleting a policy
        3.  
          Manually backup assets
    9. Scan for malware
      1.  
        Scanning backup images
      2.  
        Assets by workload type
    10. Protecting Microsoft Azure resources using resource groups
      1.  
        Before you begin
      2.  
        Limitations and considerations
      3. About resource group configurations and outcome
        1.  
          Examples of resource group configurations
      4.  
        Troubleshoot resource group permissions
    11. NetBackup Accelerator for cloud workloads
      1.  
        How the NetBackup Accelerator works with virtual machines
      2.  
        Accelerator forced rescan for virtual machines (schedule attribute)
      3.  
        Accelerator backups and the NetBackup catalog
      4.  
        Accelerator messages in the backup job details log
    12.  
      Configuring backup schedules for cloud workloads using protection plan
    13.  
      Backup options for cloud workloads
    14. AWS Snapshot replication
      1.  
        Configure AWS snapshot replication
      2.  
        Using AWS snapshot replication
      3.  
        Support matrix for account replication
    15.  
      Protect applications in-cloud with application-consistent snapshots
    16.  
      Protecting AWS or Azure VMs for recovering to VMware
    17.  
      Cloud asset cleanup
    18.  
      Cloud asset filtering
  2. Protecting PaaS assets
    1.  
      Protecting PaaS assets
    2.  
      Prerequisites for protecting PaaS assets
    3.  
      Enabling binary logging for MySQL and MariaDB databases
    4.  
      Enabling backup and restore in Kubernetes
    5.  
      Prerequisites for protecting Amazon RDS SQL Server database assets
    6. Protecting RDS Custom instances
      1.  
        Protecting RDS Custom for SQL Server assets
      2.  
        Consideration for protecting RDS Custom for SQL Server assets
      3.  
        Protecting RDS Custom for Oracle assets
      4.  
        Consideration for protecting RDS Custom for Oracle assets
    7. Protecting Azure Managed Instance databases
      1.  
        Prerequisites for protecting Azure Managed Instance databases
      2.  
        Permissions required for protecting Azure Managed Instance databases
    8. Limitation and considerations
      1.  
        For all databases
      2.  
        For PostgreSQL
      3.  
        For incremental backups for Azure PostgreSQL
      4.  
        For AWS RDS PostgreSQL and AWS Aurora PostgreSQL
      5.  
        For AWS DynamoDB
      6.  
        For AWS DocumentDB
      7.  
        For AWS Neptune
      8.  
        For AWS RDS SQL
      9.  
        For Azure, AWS RDS, and Aurora MySQL
      10.  
        For incremental backups using Azure MySQL server
      11.  
        For incremental backups using the GCP SQL Server
      12.  
        For Azure SQL and SQL Managed Instance
      13.  
        For Azure SQL and SQL Managed Instance (without temp. database)
      14.  
        For Azure SQL Server and SQL Managed Instance incremental backup
      15.  
        For Azure Cosmos DB for MongoDB
      16.  
        For Azure Cosmos DB for NoSQL
      17.  
        For Amazon RDS for Oracle
      18.  
        For Amazon Redshift databases
      19.  
        For Amazon Redshift clusters
      20.  
        For GCP SQL Server
      21.  
        For GCP BigQuery
    9. Installing the native client utilities
      1.  
        Installing the MySQL client utility
      2.  
        Installing the sqlpackage client utility
      3.  
        Installing PostgreSQL client utility
      4.  
        Installing MongoDB client utility
    10. Configuring storage for different deployments
      1.  
        For MSDP cloud deployments
      2.  
        For Kubernetes deployments
      3.  
        For VM-based BYO deployments
    11.  
      Configuring the storage server for instant access
    12.  
      About incremental backup for PaaS workloads
    13.  
      Configuring incremental backups for Azure MySQL server
    14.  
      About archive redo log backup for PaaS workloads
    15.  
      About Auto Image Replication for PaaS workloads
    16.  
      Discovering PaaS assets
    17.  
      Viewing PaaS assets
    18. Managing PaaS credentials
      1.  
        View the credential name that is applied to a database
      2.  
        Add credentials to a database
      3.  
        Creating an IAM database username
      4.  
        Creating a system or user-managed identity username
      5.  
        Configuring permissions for the database user
    19. Add protection to PaaS assets
      1.  
        Perform backup now
  3. Recovering cloud assets
    1. Recovering cloud assets
      1.  
        About the pre-recovery check for VMs
      2.  
        Supported parameters for restoring cloud assets
      3.  
        Recovering virtual machines
      4.  
        Recovering applications and volumes to their original location
      5.  
        Recovering applications and volumes to an alternate location
      6.  
        Recovery scenarios for GCP VMs with read-only volumes
      7.  
        (GCP only) Restoring virtual machines and volumes using the autoDelete disk support
    2.  
      Perform rollback recovery of cloud assets
    3. Recovering AWS or Azure VMs to VMware
      1.  
        Post-recovery considerations for cloud VMs recovered to VMware
      2. Steps to recover images from cloud VMs to VMware
        1.  
          Recovering images from AWS to VMware
        2.  
          Recovering images from Azure to VMware
    4. Recovering PaaS assets
      1.  
        Recovering non-RDS PaaS assets
      2.  
        Recovering Redshift clusters
      3.  
        Recovering AWS DocumentDB and Neptune assets
      4.  
        Recovering RDS-based PaaS asset
      5.  
        Recovering Azure-protected assets
      6.  
        Recovering duplicate images from AdvancedDisk
  4. Performing granular restore
    1.  
      About granular restore
    2.  
      Supported environment list
    3.  
      List of supported file systems
    4.  
      Before you begin
    5.  
      Limitations and considerations
    6.  
      Restoring files and folders from cloud virtual machines
    7.  
      Restoring volumes on cloud virtual machines
    8.  
      Performing steps after volume restore containing LVM
    9.  
      Troubleshooting
  5. Troubleshooting protection and recovery of cloud assets
    1.  
      Troubleshoot cloud workload protection issues
    2.  
      Error Code 9855: Error occurred while exporting snapshot for the asset: <asset_name>
    3.  
      VMs and other OCI assets with CMK-encrypted disks are marked as deleted in NetBackup UI.
    4.  
      Backup from snapshot jobs take longer time than expected
    5.  
      Backup from snapshot job fails due to connectivity issues when Snapshot Manager is deployed on an Ubuntu host
    6.  
      Error disambiguation in NetBackup UI
    7.  
      Status Code 150: Termination requested by administrator
    8. Troubleshoot PaaS workload protection and recovery issues
      1.  
        Troubleshooting Amazon Redshift issues
      2.  
        Troubleshooting Azure Postgres issues
      3.  
        Troubleshooting Amazon RDS Custom for SQL issues

Add a cloud provider for a Snapshot Manager

You can protect the assets on the Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, Microsoft Azure Stack Hub, and Oracle Cloud Infrastructure (OCI) providers. Starting with 9.0, the Snapshot Manager can discover Amazon Web Services and Microsoft Azure US Government cloud workloads.

To add a cloud provider for Snapshot Manager

  1. On the left, click Workloads > Cloud.
  2. Click the Providers tab or click Add under the cloud provider for which you want to add a configuration.
  3. Enter a value in the Configuration Name field in the Add configuration pane.
  4. Select the preferred Snapshot Manager.
  5. Enter the required details.

    Cloud provider

    Parameter

    Description

    Microsoft Azure

    Credential type: Application service principal

    Tenant ID

    The ID of the AAD directory in which you created the application.

    Client ID

    The application ID.

    Secret key

    The secret key of the application.

    Credential type: System managed identity

    Enable system-managed identity on Snapshot Manager host in Azure.

    Note:

    Assign a role to the system-managed identity.

    Credential type: User managed identity

    Client ID

    The ID of the user-managed identity connected to the Snapshot Manager host.

    Note:

    The user-managed identity must have a role assigned.

    The following parameters are applicable for all the above credential types

    Regions

    One or more regions in which to discover cloud assets.

    Note:

    If you configure a government cloud, select US Gov Arizona, US Gov Texas or US Gov Virginia.

    Resource Group prefix

    The string with which you want to append all the resources in a resource group.

    Protect assets even if prefixed Resource Groups are not found

    The check box determines whether the assets are protected if they are not associated with any resource groups.

    Microsoft Azure Stack Hub

    Using AAD:

    Azure Stack Hub Resource Manager endpoint URL

    The endpoint URL in the following format allows Snapshot Manager to connect with your Azure resources.

    https://management.<location>.<FQDN>

    Tenant ID

    The ID of the AAD directory in which you created the application.

    Client ID

    The application ID.

    Secret Key

    The secret key of the application.

    Authentication Resource URL (optional)

    The URL where the authentication token is sent to.

    Using ADFS:

    Azure Stack Hub Resource Manager endpoint URL

    The endpoint URL in the following format that allows Snapshot Manager to connect with your Azure resources.

    https://management.<location>.<FQDN>

    Tenant ID

    The ID of the AAD directory in which you created the application.

    Client ID

    The application ID.

    Secret Key

    The secret key of the application.

    Authentication Resource URL (optional)

    The URL where the authentication token is sent to.

    Amazon AWS

    Access Key

    The access key ID, when specified with the secret access key, authorizes Snapshot Manager to interact with the AWS APIs.

    Note:

    For more information on how to create an IAM role, see the AWS documentation.

    Secret Key

    The secret key of the application.

    Note:

    If the Snapshot Manager is configured with IAM Config, the Access Key and Secret Key options are not available.

    Regions

    One or more AWS regions in which to discover cloud assets.

    Note:

    If you configure a government cloud, select us-gov-east-1 or us-gov-west-1.

    VPC Endpoint

    First DNS name of AWS Security Token Service (STS) endpoint service with no zone specified.

    Google Cloud Platform

    Project ID

    The ID of the project from which the resources are managed. Listed as in the project_id JSON file.

    Client Email

    The email address of the Client ID. Listed as client_email in the JSON file.

    Private Key

    The private key. Listed as private_key in the JSON file.

    Note:

    You must enter this key without quotes. Do not enter any spaces or return characters at the beginning or end of the key.

    Regions

    A list of regions in which the provider operates.

    Oracle Cloud Infrastructure

    Credential type: API Key

    User OCID

    User's OCID for which you generate the credentials.

    Tenancy

    Tenant ID of the OCI account.

    Fingerprint

    The fingerprint that you obtain while generating the credential.

    Private Key

    The private key that you obtain while generating the credential.

    Regions

    One or more OCI regions in which you want to discover the cloud assets.

    Credential type: IAM

    NetBackup Snapshot Manager must be a part of a dynamic group and that dynamic group must have enough permissions.

    Note:

    If the Snapshot Manager is configured with IAM Configuration, the other fields, except Regions, are not available.

  6. Enter the connection and authentication details in the Add Configuration pane.
  7. Click Save.

The assets on the cloud providers are automatically discovered.