Preparing for SaaS application data protection

Before you start protecting your Atlassian Trello data, complete the following steps:

Getting familiar with your SaaS application specifics

Before you start protecting your Atlassian Trello data, you must get familiar with all prerequisites, limitations, considerations, and/or recommendations in this topic to make sure that your module is prepared and configured correctly.

Prerequisites

  • Provide the following information when adding the Trello module as a source in R-Cloud:

    • Display name

    • Protection set

    • AUTH_SETTINGS

    • API key

    • API token

  • Before you add the module to R-Cloud as a source, create the API token and the API key in Trello. For details, see Creating the API token and key.

    The API token must be added to all your Trello workspaces that you plan to protect.

    Note  Trello uses the delegated authentication and authorization flow. As a result, R-Cloud does not have to store or manage the Trello user names and passwords. Instead, R-Cloud passes the control to Trello by identifying itself with an API key and an API token. When Trello allows you to choose an account and sign in, the API key and token give R-Cloud the control over a Trello account.

Limitations

General limitations

  • The Trello members are backed up but cannot be restored. If the members already exist and have an appropriate subscription, they will be assigned to the relevant Trello object during a restore of that object.

  • Data protection is possible for all Trello objects that are accessible by using the API token.

  • The custom Trello fields can be protected only if using a paid subscription plan.

  • The paid features cannot be recovered to a new workspace because the newly created workspace uses the free subscription plan.

  • The restored objects will have a new timestamp and will be created by the token user. The data cannot be restored on behalf of other users.

API rate limitations

The Trello API call rate limitations are the following:

  • For the API token: 100 calls per 10 seconds

  • For the API key: 300 calls per 10 seconds

These limitations may cause the HTTP 429 Too Many Requests errors during the backup and restore procedures.

Creating an API token and key

To create an API token and an API key, follow these steps in Trello to create the API token and key:

  1. Create a new Trello Power-Up. Provide the following information:

    • Power-Up name

    • Workspace name

    • Email address

    • Support email address

    • Author name

    For instructions, see the Trello Power-Ups documentation.

  2. After creating your Power-Up, create a new API key and an API token. For instructions, see the Trello Power-Ups documentation.

  3. After configuring the API token, grant your token the access permissions to your Trello account. For instructions, see the Trello documentation on the API introduction.

Configuring SaaS application data backup options

Before you start protecting SaaS applications, you can adjust SaaS application protection to the needs of your data protection environment by configuring backup options in R‑Cloud.

Important  Configuring backup options is not supported for all types of SaaS applications. Additionally, the list of available backup options varies depending on the type of your SaaS application.

Backup options

Backup option Description
Exclude Resources

Enables you to specify one or more resources to be excluded from the backup.
Options

Enables you to use backup options specific to each SaaS application or SaaS application resource (for example, if you are protecting Google Cloud SQL, you can set the offload option that enables R‑Cloud to delegate the export operation to a separate data mover).
Data Movers

Enables you to specify the source, the region, and the subnet where you want R‑Cloud to create a data mover during the backup. If the specified source is an , you can also select a security group. If the specified source is an Azure resource group, you must select a network.

Important  For the SaaS applications that run in an , in an Azure resource group, or in a Google Cloud project: If you do not configure this backup option, R‑Cloud by default creates the data mover in your , Azure resource group, or Google Cloud project after you set up a target in R‑Cloud or add a source to R‑Cloud.

Prerequisites

  • For Google Cloud SaaS applications: Specifically for the HMSA, R‑Cloud requires additional permissions. For details, see Google Cloud permissions required by R‑Cloud.

  • Only if you plan to configure the data mover and select the Azure resource group as a source for the data mover. The network that you select must allow your Azure service principal or the HMSP to access the specified source and the targets that store the protected data.

  • The data movers must have access to the SaaS applications that you want to protect and to the targets that store the protected data. To ensure this, configure SaaS application backup options so that the data mover uses the appropriate subnet.

    Tip  You can check under which subnet the SaaS applications and the targets are accessible in your cloud provider management console.

Consideration

Only if you plan to store the protected SaaS application data on an Azure target. For security purposes, it is recommended that you configure SaaS application backup options so that R‑Cloud creates the data mover in the Azure resource group to keep the protected data in the same Azure environment during the backup.

Recommendation

If you plan to use targets for storing the protected data, optimize the egress data costs by configuring SaaS application backup options so that the data mover uses the same or the nearest available region as the target.

Note  R‑Cloud performs automatic synchronization of SaaS applications at periodic intervals. However, you can at any time update the list of SaaS applications also manually by clicking Synchronize Refresh.

To access the SaaS panel, in the navigation pane, click SaaS SaaS.

Procedure

  1. In the SaaS panel, select the SaaS application or the resource for which you want to configure backup options.

  2. Click Configuration Configuration. The SaaS Configuration dialog box opens.

  3. Depending on what you want to do, perform the required action:

    I want to... Instructions
    Exclude resources from the backup. On the Exclude Resources tab, select the resources that you want to exclude from the backup.
    Use a backup option specific to my SaaS application or resource. On the Options tab, specify which of the available backup options you want to use and provide the required information.
    Specify the source, the region, the subnet, the network, or the security group for a data mover.

    On the Data Movers tab, do the following:

    1. From the Compute drop-down menu, select the source for the data mover.

      Important  If the type of the source that you select for the data mover differs from the source where the target specified in the R‑Cloud policy resides, this may result in data egress charges.

    2. From the Region drop-down menu, select the preferred region.

    3. For Azure resource groups: From the Network drop-down menu, select the preferred network.

    4. From the Subnet drop-down menu, select the preferred subnet.

    5. For s: Optionally, from the Security Group drop-down menu, select the preferred security group. By default, the data mover is created in the default security group of the preferred subnet.

  4. Click Save.