Apply a backup plan during instance creation

This document explains how to apply a Backup and DR Service backup plan to your Compute Engine instance when you create the instance using the Google Cloud console.

Use Backup and DR Service backup plans to create rule-based and indelible backups of your Compute Engine instances and then store those backups in a secure and isolated storage locations.

Backup and DR backup plans let you define advanced backup strategies to store your Compute Engine instances in secure storage locations called backup vaults. Using the backup plan applied to your instance, you can create scheduled or on-demand backups of your instance in a backup vault.

Before you begin

Required roles

  • To get the permissions that you need to create an instance and apply a backup plan during its creation, ask your administrator to grant you the following IAM roles:

    • To create the instance: Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1) on the project for the Compute Engine instance
    • To configure scheduled backups or run on-demand backups:

    For more information about granting roles, see Manage access to projects, folders, and organizations.

    You might also be able to get the required permissions through custom roles or other predefined roles.

  • If you want to back up a Compute Engine instance to a backup vault that is in a different project than the instance, then make sure the Backup and DR Vault Service Agent for the backup vault has been granted permission to access the instances in that project. (If the backup vault and instance are in the same project, then this permission is already granted by default.)

  • To ensure that Backup and DR Vault Service Agent has the necessary permissions to back up a Compute Engine instance to a backup vault, ask your administrator to grant Backup and DR Vault Service Agent the Backup and DR Compute Engine Operator (roles/backupdr.computeEngineOperator) IAM role on the project for the Compute Engine instance.

Create an instance that has a backup plan applied

To create an instance that has a backup plan applied, follow these steps in the Google Cloud console:

  1. In the Google Cloud console, go to the Create an instance page.

    Go to Create an instance

    If prompted, select your project and click Continue.

    The Create an instance page appears and displays the Machine configuration pane.

  2. In the Name field, specify a name for your instance. For more information, see Resource naming convention.

  3. In the Region field, specify the region where you want your instance.

  4. Optional: In the Zone field, select a zone for this instance.

    The default selection is Any. If you don't change this default selection, then Google automatically chooses a zone for you based on machine type and availability.

  5. To specify a backup plan for this instance, do the following:

    1. In the navigation menu, click OS and storage. The Operating system and storage pane appears.

    2. In the Backup plan section, click Select a plan.

    3. In the Select a backup plan pane that appears, do the following:

      1. Verify that the Project field has the same project name where your backup plans exist. If not, select the correct project.
      2. In the Backup plan name column, click the name of the back plan that you want to use.
      3. To confirm your choice of backup plan and return to the Operating system and storage pane, click Apply.

  6. Optional. Specify any other configuration parameters of your choice. For more information about custom configuration options, see Create and start an instance.

  7. To create and start the VM, click Create.

What's next