AvePoint Learn
Request article
Contact support
Request article
Contact support
English

Home > Replication (Private Preview) > Create a Policy

Export to PDF

Create a Policy

For steps on creating a policy for Microsoft Azure, Amazon Web Services, or Google Cloud, refer to the sections below.

Create a Microsoft Azure Replication Policy

To create a replication policy for Microsoft Azure resources, complete the following steps:

  1. On Replication page, click Create.

  2. In the Create replication policy panel, complete the following steps:

    1. Define the resource scope - Select Microsoft Azure as the service type. Replication policies now allow you to add Azure Kubernetes Service, SQL database, storage account, MySQL flexible server, PostgreSQL flexible server, virtual machines Web app (container mode), and virtual machine scale sets to the policy-s protection scope. To define the resource scope, complete the configurations:

      • App profile - Select an app profile you have added in AvePoint Online Services. Azure resources of the app profile-s tenant will be able to be included in this policy-s protection scope.

      • Add resources to protect – Click Add resources to replication pack. In the dropdown list, select the resource type.

        In the Add resources to replication pack panel, select the resources to add. You can also search for specific resources by their names in the search box or filter them by their type, subscription, or resource groups. After finishing selecting, click Add.

        In the Resource scope step, you can always click Manage on the resource tiles to change the protection scope. To remove a resource from the scope, click the Remove button.

        NOTE
        • Protected resources will not be removed from the protection scope even after they are deleted in your Azure environments. However, replication jobs for the deleted resources will fail. You can restore the deleted resources if they were deleted accidentally. Or you can remove them from the protection scope if the deletion has been confirmed.
        • When protecting a storage account, make sure there are no more than one replication rule enabled for this storage account in your Azure environment. As the policy-s replication job will create a replication rule and a storage account cannot have more than two replication rules created in Azure.
        • Only Kubernetes clusters in running status can be replicated.
        • Replica databases created at the destination cannot be included in the protection scope as source database.

      Click Next when the resource scope configurations are completed.

    2. Set up the replication and failover target, including:

      • Target region - Select the target region.

      • Target subscription - Select the target subscription.

        NOTE

        PostgreSQL can only be replicated within the same Azure subscription.

      • Target resource group name - Select the target resource group name. If you cannot find the proper one, click Create at the end of the dropdown list to create a new resource group under the target subscription.

        NOTE

        To avoid conflicts between resources with the same names, it is recommended that each target resource group is added in individual replication policies.

      Click Next to proceed.

    3. If you have added the following resources encrypted by Customer-managed key or Platform-managed and customer-managed keys, configure the key mappings between your source and destination keys to enable the replication and protection of these encrypted resources:

      • MySQL flexible server

      • PostgreSQL flexible server

      • Virtual machine

      • Virtual machine scale set

      In this step, select the Destination key vault and Destination key for each source key of the resources. Then, click Next to continue.

      NOTE

      The available keys are loaded based on the configured target region and subscription. If you cannot find the key in the selection list, check their regions, subscriptions, expiration date, and status.

    4. Configure policy settings, including:

      • Policy name and Description - Enter the name and description of this policy.

      • Webhook URL - Enter a Webhook URL to receive failover details in HTTPS POST requests when the failover of this policy completes. For the details of the request triggered, refer to Run Failover.

        NOTE

        Test failovers do not trigger webhook requests.

      • Recovery point objective (RPO) - Configure the recovery point objective for this policy.

        NOTE
        • Shorter recovery point objective (RPO) means more resources will be created in your target, resulting in a higher cost in your cloud environment. For the details on additional costs, refer to the Additional Costs section below.
        • Recovery point objectives (RPO) of Azure databases, storage accounts cannot be defined by this setting as they follow the Azure native RPO goals.

        When replicating Azure databases and storage accounts, only configurations and settings are replicated to AvePoint default storage, and the following replication jobs run based on the policy’s RPO.

        If a policy for SQL database or storage account is created, upon the first replication job, SQL database replication rule will be created in your target environment while storage account replication rule will be created in your Azure object replication page. Their following content replication will follow the RPO of Azure native replication.

        For details on the native Azure replication services, refer to Active geo-replication for SQL databases, Object replication for block blobs for storage accounts, Read replicas in Azure Database for MySQL - Flexible Server for MySQL flexible service, and Read replicas in Azure Database for PostgreSQL flexible server for PostgreSQL flexible server for PostgreSQL flexible server.

      • First replication time - Select the first replication time. The following scheduled replication jobs will run based on this time and your recovery point objective.

      • Retention - Only recovery points within the last 24 hours will be kept and this retention policy cannot be changed. If there are no recovery points within the last 24 hours, the latest recovery point will be kept.

      Click Next to proceed.

    5. Check your configurations overall. In the Resource scope details section, click Show all to view the detailed information of resources in the protection scope. To make any adjustments, click the corresponding step on top of this panel and edit accordingly.

  3. Click Save to complete the policy creation. Click Save and run to save the policy and run a replication job immediately. However, this job-s running time will not overwrite the configured first replication time. A job will still run at your configured time and the following replication jobs will run by configured RPO based on the configured first replication time.

    NOTE

    If the policy is protecting an Azure VM, replication jobs will create snapshots with the prefix ACBCR in your environment. To ensure the resource protection, please do not manually delete them.

Create an Amazon Web Services- Replication Policy

To create a replication policy for your AWS resources, complete the following steps:

  1. On Replication page, click Create.

  2. In the Create replication policy panel, complete the following steps:

    1. Define the resource scope - Select Amazon Web Services as the service type. Replication policies now allow you to add EC2 instances, Elastic Beanstalk (with Docker platform), Elastic Kubernetes Services, Aurora databases, DynamoDB tables, and RDS databases, and S3 buckets to the policy-s protection scope. To define the resource scope, complete the configurations:

      • App profile - Select an app profile you have added in AvePoint Online Services. AWS resources of the app profile-s tenant will be included in this policy-s protection scope.

      • Region - Select a region in which the resources can be added to this policy-s scope. One policy can only have resources from one region.

      • Add resources to protect – Click Add resources to replication pack. In the dropdown list, select the resource type.

        In the Add resources to replication pack panel, select the resources to add. You can also search for specific resources by their names in the search box. After finishing selecting, click Add.

        In the Resource scope step, you can always click Manage on the resource tiles to change the protection scope. To remove a resource from the scope, click the Remove button.

        NOTE
        • Protected resources will not be removed from the protection scope even after they are deleted in your AWS environments. However, replication jobs for the deleted resources will fail. You can restore the deleted resources if they were deleted accidentally. Or you can remove them from the protection scope if the deletion has been confirmed.
        • Only Kubernetes clusters in running status can be replicated.
        • Aurora and RDS databases with Managed in AWS Secrets Manager configuration enabled cannot be protected by policies.
        • RDS databases with Secrets Manager integrated cannot currently be protected by policies.
        • Replica databases created at the destination cannot be included in the protection scope as the source database.
        • Only specific versions of the Aurora MySQL and Aurora PostgreSQL database engines in certain AWS Regions support Aurora Global Database. For the complete list, see Supported Regions and DB engines for Aurora global databases.

      Click Next when the resource scope configurations are completed.

    2. Set up the replication and failover target by selecting a target region. Then click Next to proceed.

    3. Complete KMS key mapping - If the resources in your protection scope is using KMS encryption, configure the mapping of your source and destination KMS keys to ensure the protection of encrypted resources.

    4. Configure policy settings, including:

      • Policy name and Description - Enter the name and description of this policy.

      • Webhook URL - Enter a Webhook URL to receive failover details in HTTPS POST requests when the failover of this policy completes. For the details of the request triggered, refer to Run Failover.

        NOTE

        Test failovers do not trigger webhook requests.

      • Recovery point objective (RPO) - Configure the recovery point objective for this policy.

        NOTE
        • Shorter recovery point objective (RPO) means more resources will be created in your target, resulting in a higher cost in your cloud environment.
        • Recovery point objectives (RPO) of Aurora databases, RDS databases, DynamoDB tables, and S3 buckets cannot be defined by this setting as they follow Amazon's native RPO goal. When replicating Aurora databases, RDS databases, DynamoDB tables, and S3 buckets, only configurations and settings are replicated to AvePoint default storage and their following replication jobs run based on the policy’s RPO. If a policy with S3 bucket or a database is created, upon the first replication job, S3 bucket replication rule will be created in your S3 bucket while database read replica will be created in your source database. Their following content replication will follow the native S3 replication rule and built-in replication feature of the DB engine.
        • For Aurora (MySQL Compatible), you can have up to five cross-region read replicas per source cluster. To ensure the cross-region read-replica can be created, you must turn on the source Aurora MySQL DB cluster. For more details, refer to Replicating Amazon Aurora MySQL DB clusters across AWS Regions.
          For details on the native AWS services, refer to Working with DB instance read replicas for RDS databases and Replicating objects within and across Regions for S3 bucket.

      • First replication time - Select the first replication time. The following scheduled replication jobs will run based on this time and your recovery point objective.

      • Retention - Only recovery points within the last 24 hours will be kept and this retention policy cannot be changed. If there are no recovery points within the last 24 hours, the latest recovery point will be kept.

      Click Next to proceed.

    5. Check your configurations overall. In the Resource scope details section, click Show all to view the detailed information of resources in the protection scope. To make any adjustments, click the corresponding step on top of this panel and edit accordingly.

  3. Click Save to complete the policy creation. Click Save and run to save the policy and run a replication job immediately. However, this job-s running time will not overwrite the configured first replication time. A job will still run at your configured time and the following replication jobs will run by configured RPO based on the configured first replication time.

    NOTE

    If the policy is protecting an EC2 instance, replication jobs will create snapshots with the prefix ACBCR in your environment. To ensure the resource protection, please do not manually delete them.

Create a Google Cloud Policy

To create a replication policy for your Google Cloud Platform resources, complete the following steps:

  1. On Replication page, click Create.

  2. In the Create replication policy panel, complete the following steps:

    1. Define the resource scope - Select Google Cloud as the service type. To define the resource scope, complete the configurations:

      • Service account - Select a service account profile you have added in AvePoint Online Services. Resources of the service account-s tenant will be able to be included in this policy-s protection scope.

      • Project - Select a project.

        NOTE

        Resources can only be replicated within the same project.

      • Add resources to protect - Click Add resources to replication pack. In the dropdown list, select the resource type.

        In the Add resources to replication pack panel, select the resources to add. You can also search for specific resources by their names in the search box. After finishing selecting, click Add.

        In the Resource scope step, you can always click Manage on the resource tiles to change the protection scope. To remove a resource from the scope, click the Remove button.

        NOTE
        • Protected resources will not be removed from the protection scope even after they are deleted in your Google Cloud environments. However, replication jobs for the deleted resources will fail. You can restore the deleted resources if they were deleted accidentally. Or you can remove them from the protection scope if the deletion has been confirmed.
        • Replica databases created at the destination cannot be included in the protection scope as the source database.

      Click Next when the resource scope configurations are completed.

    2. Set up the replication and failover target by selecting a target region. Then click Next to proceed.

    3. Complete KMS key mapping - If the resources in your protection scope is using KMS encryption, configure the mapping of your source and destination KMS keys to ensure the protection of encrypted resources.

    4. Configure policy settings, including:

      • Policy name and Description - Enter the name and description of this policy.

      • Webhook URL - Enter a Webhook URL to receive failover details in HTTPS POST requests when the failover of this policy completes. For the details of the request triggered, refer to Run Failover.

        NOTE

        Test failovers do not trigger webhook requests.

      • Recovery point objective (RPO) - Configure the recovery point objective for this policy.

        NOTE
        • Shorter recovery point objective (RPO) means more resources will be created in your target, resulting in a higher cost in your cloud environment.
        • Recovery point objectives (RPO) of cloud storage and SQL instances cannot be defined by this setting as they follow Google's native RPO goal. For details on the native Google solutions, refer to Cross-bucket replication and Google Cloud SQL cross-region read-replicas. When replicating cloud storage and SQL database instances, only configuration and setting metadata are replicated to AvePoint default storage and their following replication jobs run based on the policy's RPO.
        • For SQL instance protection, upon the first replication job, read replica will be automatically created in the source SQL instance. For more details, refer to Create replica.
        • For cloud storage protection, upon the first replication job, cross-bucket replication will be enabled with the replication destination configured in the corresponding bucket.
        • Only Kubernetes clusters in running status can be replicated.

      • First replication time - Select the first replication time. The following scheduled replication jobs will run based on this time and your recovery point objective.

      • Retention - Only recovery points within the last 24 hours will be kept and this retention policy cannot be changed. If there are no recovery points within the last 24 hours, the latest recovery point of this policy will be kept.

      Click Next to proceed.

    5. Check your configurations overall. In the Resource scope details section, click Show all to view the detailed information of resources in the protection scope. To make any adjustments, click the corresponding step on top of this panel and edit accordingly.

  3. Click Save to complete the policy creation. Click Save and run to save the policy and run a replication job immediately. However, this job's running time will not overwrite the configured first replication time. A job will still run at your configured time and the following replication jobs will run by configured RPO based on the configured first replication time.

    NOTE

    If the policy is protecting a Virtual Machine, replication jobs will create snapshots with the prefix acbcr in your environment. To ensure the resource protection, please do not manually delete them.

Additional Costs

During the replication, additional costs may be triggered if you have certain configurations in your replication policy. Refer to the following tables for the possible additional costs.

Microsoft Azure

ResourceAdditional CostPricing Reference
Virtual machineSnapshots
The cost would be higher if you configure shorter RPO in your replication policy, causing more snapshots created.		For the snapshot pricing details, refer to Managed Disks pricing.
Virtual machineData transfer
The cost will increase if the data is replicated to a different region.		For the data transfer pricing details, refer to Bandwidth pricing.
SQL databaseDatabase replication
The cost would increase if the database replicated to the target has larger storage.		For the database replication pricing details, refer to Azure SQL Database pricing.
Storage accountBlob versioning
Replication policy will enable the blob versioning for both the source and replicated storage accounts automatically and delete versions after 7 days, which would cause additional costs.		For the blob versioning pricing details, refer to Pricing and billing.
Storage accountBlob change feed
Replication policy will enable the blob change feed. The change feed records will be stored in your storage account at standard blob pricing cost.		For the blob change feed details, refer to How the change feed works and Azure Blob Storage pricing.
Storage accountData transfer
The cost will increase if the data is replicated to a different region.		For the data transfer pricing details, refer to Azure Blob Storage pricing.
Kubernetes ServiceSnapshots
The cost would be higher if you configure shorter RPO in your replication policy, causing more snapshots created.		For the snapshot pricing details, refer to Managed Disks pricing.
My SQL flexible serviceDatabase replication
The cost would be higher if the database replicated to the target has larger storage.		For the database replication pricing details, refer to Azure Database for MySQL pricing.
My SQL flexible serviceRead replica charges
Each read replica is charged based on the provisioned compute in vCores and storage in GB/month.		For the pricing details, refer to Azure Database for MySQL - Flexible Server service tiers.
PostgreSQL flexible serverDatabase replication
The cost would be higher if the database replicated to the target has larger storage.		For the database replication pricing details, refer to Azure Database for PostgreSQL pricing.
PostgreSQL flexible serverRead replica charges
Each read replica is charged based on the provisioned compute in vCores and storage in GB/month.		For the pricing details, refer to Azure Database for MySQL - Flexible Server service tiers.

Amazon Web Services

ResourceAdditional CostPricing Reference
EC2 instanceSnapshots
The cost would be higher if you configure shorter RPO in your replication policy, causing more snapshots created.		For the snapshot pricing details, refer to Amazon EBS pricing.
EC2 instanceData transfer
The cost will increase if the data is replicated to a different region.		For the data transfer pricing details, refer to Amazon EC2 On-Demand Pricing.
S3 bucketData transfer
The cost will increase if the data is replicated to a different region.		For the data transfer pricing details, refer to Amazon S3 Pricing.
S3 bucketBucket versioning
Replication policy will enable bucket versioning for both the source and replicated bucket, which would cause additional costs.		For bucket versioning pricing details, refer to Retaining multiple versions of objects with S3 Versioning.
Aurora and RDS databaseDatabase replication
The cost would increase if the database replicated to the target has larger storage.		For database replication pricing details, refer to Amazon RDS pricing.
Aurora and RDS databaseData transfer
The cost will increase if the data is replicated to a different region.		For data transfer pricing details, refer to Cross-Region replication costs.
DynamoDBDatabase replication
The cost would increase if the database replicated to the target has larger storage.
Elastic Kubernetes ServiceSnapshot
The cost would be higher if you configure shorter RPO in your replication policy, causing more snapshots created.		For the snapshot creation pricing details, refer to Amazon EBS Snapshots.

Google Cloud

ResourceAdditional CostPricing Reference
Cloud storageData processing
The cost would be higher if the data size to transfer, store, process, and retrieve is larger.		For the data processing pricing details, refer to Cloud Storage pricing.
Cloud storageStorage transfer service
Charges are incurred when transferring, rewriting, and deleting data of Cloud Storage buckets.		For the storage transfer pricing details, refer to Storage Transfer Service pricing.
Cloud storagePub/Sub
Throughput costs for message publishing and delivery
Data transfer costs associated with throughput that crosses a Google Cloud zone or region boundary
Storage costs associated with retaining messages		For the Pub/Sub service pricing details, refer to Pub/Sub pricing.
Kubernetes EngineSnapshot
The cost would be higher if you configure shorter RPO in your replication policy, causing more snapshots created.		For the snapshot pricing details, refer to Storage PD Snapshot SKUs.
SQL instanceDatabase replication
The cost would be higher if the database replicated to the target has larger storage.		For the SQL instance pricing details, refer to Cloud SQL pricing.
SQL instanceTemporary disk during replication
During replication, a temporary disk is created, and a full backup is taken and stored on the temporary disk. The temporary disk is deleted after the replica creation process is complete. Normal storage billing rates apply to the temporary disk.		For the disk pricing details, refer to Cloud SQL pricing.
SQL instanceData transfer
The cost will increase if the data is replicated to a different region.		For the cross-region replication Network Egress cost details, refer to Cloud SQL pricing.
VM instanceSnapshot
The cost would be higher if you configure shorter RPO in your replication policy, causing more snapshots created.		For the snapshot storage pricing details, refer to Storage PD Snapshot SKUs.
VM instanceData transfer
The cost will increase if the data is replicated to a different region.		For the data transfer pricing details, refer to PD Snapshot egress SKUs.