Getting Started Deploying Clumio
After you have finished registering your organization with Clumio, follow these general guidelines to get started deploying Clumio. Each section contains links to documentation that provides details. You may need to log in to Clumio to access some of this content.
Establish Access Management
Control user access to Clumio.
Users can be added to the platform using Access Management Settings. Identify who needs access to Clumio, then invite them using these instructions:
SSO / MFA
Any SAML 2.0 compliant Identity Provider can be configured with Clumio. For detailed instructions on configure your SSO Provider:
Organizational units (OUs) allow you to create logical buckets of assets within your organization made up of groupings, such as departments, so that users can access and manage only the assets relevant to their work. Group data sources into OUs to reflect how users are permitted to access information, for example by AWS accounts. For detailed instructions:
Roles provide different levels of access to different types of users within your organization. Roles range from a Super Admin who has full access to all operations within the Clumio UI, to a Reporting/Audit Admin who has view-only access to the UI and can generate reports. For details, see:
Set Up Protection
These tasks get you started protecting your assets.
Onboarding & Deployment
Before onboarding the Clumio SaaS in your environment, you must decide which deployment you want to use. Clumio supports two different deployment methods, Terraform and CloudFormation Template.
Clumio Terraform provider seamlessly integrates in your environment to onboard multiple AWS account / regions. For detailed instructions:
Clumio also supports onboarding of AWS accounts using CloudFormation. For detailed instructions:
There are limitations to Clumio operations including, but not limited to, the backup and restore services. For details, see Clumio Service Limits.
Policies & Protection Rules
To efficiently apply Clumio protection rules, standardize your tag naming convention. Standardizing tags helps Clumio identify resources that need to be protected across all accounts and regions in your organization. For example, establish a Clumio Tag naming convention that correlates to Clumio Policies:
- Tag Key: Clumio Value: Gold = Gold Policy
- Tag Key: Clumio Value: Silver = Silver Policy
- Tag Key: Clumio Value: Bronze = Bronze Policy
A protection policy at Clumio represents a preconfigured schedule that defines how frequently the data from your cloud-based business applications are backed up to SecureVault Backup. A well-defined policy determines where the backup data should be stored, which data sources should be protected, how often the data should be backed up, and how long the data should be retained. For example:
- Gold Policy - Backup:
- 12hrs - retain for 2 days
- Daily - retain for 30 days
- Monthly - retain for 12 months
- Yearly - retain for 7 years.
- Silver Policy - Backup:
- Daily - retain 30 Days
- Monthly - retain 12 months
- Bronze - Backup:
- Weekly - retain for 35 days
For more information, see https://support.clumio.com/hc/en-us/articles/360059988791
Protection rules define the conditions to apply a selected backup policy to your assets. You can use protection rules to automate policy application for your EC2, EBS, RDS, and DynamoDB assets across multiple accounts and regions. Instead of applying policies to multiple tags or to assets per region, you can define a set of conditions such as asset types, accounts, regions, and tags and select a backup policy to apply to that set of conditions. Protection rules can also be prioritized, to be applied in a specified order. For more information, see:
Testing Policies and Rules
If you have onboarded AWS accounts and set policy successfully, you will start seeing resources being backed up with Clumio. When the backup process has started, test backups and restore to ensure service availability and validity.
If you do not see successful backups / restores, or your testing reveals problems, please contact Clumio Support. Email firstname.lastname@example.org.
Test your backup policy by checking for expected backup points in time for the selected resources according to your protection rules and policies. For detailed instructions, log into Clumio, and open the online help:
When backups are completed and validated successfully, try restoring data. For detailed instructions, log into Clumio, and open the online help:
Monitor Clumio Functions
After you have successfully finished setting up, start monitoring Clumio to make sure that your assets continue to be backed up as expected.
Use Clumio Reports to monitor Clumio daily. For consistent monitoring, set up the Compliance Report and Activity Report.
The compliance report displays the compliance status of an asset in a specified date range. An asset can be "In compliance" or "Out of compliance" with the applied protection policy.
An asset is out of compliance when it experiences one or more SecureVault Backup (or Snap) failures, or when the backup (or Snap) exceeds the backup window once in the specified date range.
For details, see:
The Activity Report displays the SecureVault Backup, Clumio Snap, and restore activities of all assets protected by Clumio. By default, the report (named Default Report) is filtered to display data for the past seven (7) days. Specify a different interval to view the report details over another date range.
For details, see:
The Audit Report represents a chronological history of the system activities that users have performed through the Clumio UI or REST API. Use the Audit Report to find out who made what changes in the Clumio product, and to ensure that everything is in compliance with your business requirements.
For details, see:
The Alerts page shows you when there are issues affecting the assets in your Clumio environment, for example if a backup or a restore fails. The Alerts icon in the upper right corner indicates the number of alerts in red. Click the Alerts icon from any screen to view alerts.
On the All Alerts page, click the arrow next to an alert to expand it. This shows a list of all occurrences for the associated alert.
For more information on alerts, see: