CREATE_PROTECTION

CREATE_PROTECTION_POLICY

This procedure creates a protection policy.

Syntax

PROCEDURE create_protection_policy (
   protection_policy_name IN VARCHAR2,
   description IN VARCHAR2 DEFAULT NULL,
   storage_location_name IN VARCHAR2,
   polling_policy_name IN VARCHAR2 DEFAULT NULL,
   recovery_window_goal IN DSINTERVAL_UNCONSTRAINED,
   max_retention_window IN DSINTERVAL_UNCONSTRAINED DEFAULT NULL,
   recovery_window_sbt IN DSINTERVAL_UNCONSTRAINED DEFAULT NULL,
   unprotected_window IN DSINTERVAL_UNCONSTRAINED DEFAULT NULL,
   guaranteed_copy IN VARCHAR2 DEFAULT 'NO',
   allow_backup_deletion IN VARCHAR2 DEFAULT 'YES',
   store_and_forward IN VARCHAR2 DEFAULT 'NO',
   log_compression_algorithm IN VARCHAR2 DEFAULT 'BASIC',
   autotune_reserved_space IN VARCHAR2 DEFAULT 'NO',
   recovery_window_compliance IN DSINTERVAL_UNCONSTRAINED DEFAULT NULL,
   keep_compliance IN VARCHAR2 'NO',
   comments IN VARCHAR2 DEFAULT NULL,
   max_reserved_space IN VARCHAR2 DEFAULT NULL,
   secure_mode IN VARCHAR2 DEFAULT 'NO',
   level0_refresh IN DSINTERVAL_UNCONSTRAINED DEFAULT NULL
);

Parameters

Table 21-11 CREATE_PROTECTION_POLICY Parameters

Parameter	Description
`protection_policy_name`	The user-assigned name of the protection policy.
`description`	An optional description of the usage for the policy.
`storage_location_name`	The name of the storage location. The Recovery Appliance uses this location for actively received incoming backups, and for newly created backup files for all databases sharing this protection policy.
`polling_policy_name`	The name of the backup polling policy. The polling policy specifies the rules for how the Recovery Appliance polls for backups of protected databases that use this protection policy. If null, then no backup polling occurs for databases that use this protection policy.
`recovery_window_goal`	The recovery window goal for databases that use this protection policy. For each protected database, the Recovery Appliance attempts to ensure that the oldest backup on disk can support a point-in-time recovery to any time within the specified interval, counting backward from the current time. Specify the goal as any valid `INTERVAL DAY TO SECOND` expression, such as `INTERVAL '2' DAY` (2 days), `INTERVAL '4' HOUR` (4 hours), and so on.
`max_retention_window`	The maximum length of time that the Recovery Appliance must retain backups for databases that use this protection policy. Recovery Appliance only holds backups longer than the specified period when they are required to preserve the recovery window goal for a database. If null, `max_retention_window` defaults to 2*`recovery_window_goal`.
`recovery_window_sbt`	The recovery window for SBT backups of databases that use this protection policy. For each protected database, the Recovery Appliance keeps backups long enough on tape to guarantee that a recovery is possible to any time within the specified interval, counting backward from the current time. If this parameter is not null, then you must also create an SBT job for this protection policy, and then schedule it using a scheduling facility such as Oracle Scheduler. See `CREATE_SBT_JOB_TEMPLATE`. If this parameter is null, the purge backup automatically is never run and backups are kept beyond their expiration date. Specify the window as any valid `INTERVAL DAY TO SECOND` expression, such as `INTERVAL '2' DAY` (2 days), `INTERVAL '4' HOUR` (4 hours), and so on.
`unprotected_window`	The maximum amount of data loss that is tolerable for databases using this protection policy. When a protected database exceeds the specified amount of data loss, the Recovery Appliance posts a warning to `RA_INCIDENT_LOG`. The most recent time to which each protected database is recoverable is shown in the `HIGH_TIME` column of `RA_RESTORE_RANGE`. Specify the window as any valid `INTERVAL DAY TO SECOND` expression, such as `INTERVAL '2' DAY` (2 days), `INTERVAL '4' HOUR` (4 hours), and so on. The `unprotected_window_threshold` specifies the last set value for the `unprotected_window` in this API. `unprotected_window` specifies how much time is "unprotected" for this database. For this calculation, the data in `ra_disk_restore_range` does not have backup from online redo yet and is not reflected in `ra_*restore_range` views.
`guaranteed_copy`	The setting of the guaranteed copy feature. Specifying `NO` means that the Recovery Appliance always accepts new backups, even if it must delete old backups when space is low. This option prioritizes the ability to successfully process the backup currently being received over the ability to restore older backups. Specifying `YES` ensures that the Recovery Appliance copies backup data to tape or cloud before removing it from Recovery Appliance storage. This option prioritizes the ability to restore older backups over the ability to successfully process the backup currently being received. If set to `YES`, then for each protected database the Recovery Appliance can only hold up to `disk_reserve_space` bytes of backup data that is not yet copied to all libraries with the `guaranteed_copy=YES`. If hardware or network errors prevent timely copying, then future attempts to create new unbacked up pieces will fail when the Recovery Appliance reaches the `disk_reserve_space` limit.
`allow_backup_deletion`	Setting this to `NO` will prevent RMAN users from deleting backups on the Recovery Appliance. The default value is set to `YES`. `NO` means that the Recovery Appliance will prevent backups from being deleted by RMAN users for the databases using this protection policy. `YES` means that the Recovery Appliance will allow for backups to be deleted by RMAN users for the databases using this protection policy.
`store_and_forward`	The setting for the Backup and Redo Failover feature. This setting is used only in a protection policy defined on the alternate Recovery Appliance where the protected databases associated with this policy will redirect backups and redo in the event of an outage on the primary Recovery Appliance. `YES` means that the alternate Recovery Appliance does not index these redirected backups. Instead, the backups are stored as-is, and are sent to the primary Recovery Appliance when the outage is over. The backup pieces are deleted once they are replicated on the primary; support for incremental forever is turned off for this alternate Recovery Appliance only. The downstream Recovery Appliance resumes the incremental forever strategy once it receives these backups. `NO` is the default. Refer to Managing Temporary Outages with a Backup and Redo Failover Strategy for more information.
`log_compression_algorithm`	The setting for the archive log compression feature. This setting is used to adjust the compression level of NZDL/polled archive log backups. `OFF` means that the archive logs will not be compressed. `BASIC` means the BASIC compression algorithm will be used to compress the backups. `LOW` means the LOW compression algorithm will be used to compress the backups. `MEDIUM` means the MEDIUM compression algorithm will be used to compress the backups. `HIGH` means the HIGH compression algorithm will be used to compress the backups. Advanced Compression Option (ACO) license is not required on the protected database for use of LOW, MEDIUM, and HIGH log compression settings. For more details on log compression usage, see ZDLRA: Changes in the Protection Policy Compression Algorithms (Doc ID 2654539.1).
`autotune_reserved_space`	This setting is used to control whether the Recovery Appliance will automatically define and update the `reserved_space` settings for databases associated with this policy. Even when this feature is enabled, initial and updated settings for `reserved_space` may still be supplied under the `update_db` to override the automatic modifications of `reserved_space` for a period specified by the `recovery_window_goal` parameter. `YES` means that the Recovery Appliance will supply an initial `reserved_space` setting for a database if none is supplied. The Recovery Appliance will also tune settings daily based upon database space usage. `NO` means that the Recovery Appliance administrator is responsible for specifying and maintaining the `reserved_space` settings for databases associated with this protection policy. `NO` is the default.j
`recovery_window_compliance`	This setting specifies for each database a range of backups that will not be deleted. These backups must not use more than `disk_reserved_space` bytes of storage, and if they do, new backups will be rejected until those backups age out of the range. "filling disk_reserved_space" should be "filling disk_reserved_space with compliance protected backups" Specify the window as any valid `INTERVAL DAY TO SECOND` expression, such as `INTERVAL '4' HOUR` (4 hours).
`keep_compliance`	This setting prevents someone from using `RMAN CHANGE` command to shrink the "keep until time" specified for an archival backup. `YES` means the "keep until time" for an archival backup may not be modified by the `RMAN CHANGE` command. If `KEEP_COMPLIANCE` is active, `KEEP FOREVER` backups will never be deleted. `NO` means the "keep until time" for an archival backup may be modified by the `RMAN CHANGE` command. `NO` is the default.
`comments`	Optional user supplied comment describing reason for executing this command.
`max_reserved_space`	This parameter is the maximum `disk_reserved_space` permitted for each database individually that is supported by the protection policy The format of this value is a character string that must contain a number consisting only of the characters `0-9`, followed optionally by one of the following unit specifiers: K: Kilobytes M: Megabytes G: Gigabytes T: Terabytes If no unit is specified, then Recovery Appliance interprets the value as a number of bytes. If `max_reserved_space` is specified as NULL, the `disk_reserved_space` setting for the databases will not be contrained except by the restriction tha the sum of the reserved spaces for all databases must fit within the storage location.
`secure_mode`	Determines whether backups stored on the Recovery Appliance must be encrypted. `YES` means that only encrypted backup and redo are accepted by the Recovery Appliance. `NO` means unencrypted backups are allowed to be stored on the Recovery Appliance. `NO` is the default.
`level0_refresh`	If specified, the Recovery Appliance chooses some number of data files from each backup to be level 0 backups. This spreads the creation of new level 0 backup data across the `level0_refresh` interval. Its purpose is to limit the number of encryption keys needed to maintain virtual level 0 backups. Specify the refresh cycle as any valid `INTERVAL DAY TO SECOND` expression, such as `INTERVAL '20' DAY` (20 days).