Adding an R-Cloud module

To be able to protect SaaS application data, you must add an R-Cloud module to which the SaaS application is related as a source to R‑Cloud.

Staging target

If the R-Cloud module that you plan to add to R‑Cloud supports storing data on a staging target, as part of adding an R-Cloud module, you also add an Amazon S3 bucket, a Google Cloud bucket, or an S3 compatible bucket to R‑Cloud as a staging target. The staging target is used either to temporarily store SaaS application data before it is moved to the target that you define in the R‑Cloud policy, or to store SaaS application data as a snapshot. For information on whether your R-Cloud module supports staging targets, see Protecting SaaS applications.

Prerequisites

  • Only if you plan to add your R-Cloud module to a protection set other than the default one. The protection set must be created. For instructions, see Creating protection sets.

  • Only if your R-Cloud module supports storing data on a staging target. The staging target that you plan to add to R‑Cloud must be created in Amazon S3 or Google Cloud Storage.

  • Only if your R-Cloud module supports OAuth 2.0 and you want to use it to access the SaaS application data. The OAuth 2.0 application credentials must be available to R‑Cloud. You can use the global OAuth 2.0 application credentials that R‑Cloud generates automatically for you and adds them to R‑Cloud, or the custom OAuth 2.0 application credentials that you need to add to R‑Cloud yourself.

    You can add the custom OAuth 2.0 application credentials as part of adding an R-Cloud module, or use the ones that you already added as part of adding a cloud account to R‑Cloud. For details, see Adding OAuth 2.0 application credentials.

Limitations

Only if your R-Cloud module supports storing data on a staging target. When adding a staging target to R‑Cloud, the following limitations apply:

  • Targets that are specified in any of the R‑Cloud policies cannot be used as staging targets.

  • Targets with Object Lock (WORM) enabled cannot be used as staging targets.

  • Automatically created staging targets are created only in Google Cloud Storage.

  • The staging target that you add to R‑Cloud when adding an R-Cloud module and the target that is defined in the policy assigned to the related SaaS application must reside on the same cloud platform.

Considerations

Only if your R-Cloud module supports storing data on a staging target. When adding a staging target to R‑Cloud, consider the following:

  • The staging target must be dedicated exclusively to SaaS application backups.

  • Data belonging to different R-Cloud modules cannot be stored on the same staging target (one staging target per R-Cloud module).

  • If you use an automatically created staging target, the HMSA must be configured to perform all operations on the target specified in the policy that is assigned to the related SaaS application. Alternatively, the same cloud account must be configured to perform all operations on both targets (the staging target and the target specified in the policy that is assigned to the related SaaS application).

  • To access the Sources dialog box from the toolbar, click  Administration, and then select Sources.

  • To access the Sources dialog box from R-Graph, in an empty R-Graph with no sources configured, click Set Up Source.

You can also add sources directly from the Marketplace panel by clicking Configure in the product details page, bypassing the initial Sources dialog box.

Procedure

  1. Not applicable if you are redirected from the Marketplace panel. In the Sources dialog box, click the SaaS tab, and then click New New.

  2. From the R‑Cloud Module drop-down menu, select the R-Cloud module that you want to add to R‑Cloud.

  3. In the Display Name field, enter a display name for the R-Cloud module.

  4. From the Protection Set drop-down menu, select the protection set to which you want to add the R-Cloud module. By default, the R-Cloud module is added to the currently selected protection set.

  5. Only if your R-Cloud module supports storing data on a staging target. From the Staging Target drop-down menu, select the staging target that you want to use for storing the data.

    If your R-Cloud module supports automatically created targets and you want your staging target to be selected automatically, make sure to select the Automatically selected option. In this case, R‑Cloud creates a staging target and uses it to temporarily store the data.

  6. Depending on whether your R-Cloud module supports OAuth 2.0, select the preferred authentication type, and then provide the required authentication information:

    • If your R-Cloud module supports OAuth 2.0 and you want to use it to access the SaaS application data:

      1. From the Authentication Type drop-down menu, select one of the following authentication types:

        Authentication type Description
        OAuth 2.0 - authorization code

        Your application authorization code and the client credentials are exchanged for an access token that must be refreshed periodically or when the R-Cloud module configuration changes.

        OAuth 2.0 - authorization code with certificate Your application authorization code and the certificate are exchanged for an access token that must be refreshed periodically or when the R-Cloud module configuration changes.
        OAuth 2.0 - client credentials Your application credentials are exchanged for an access token.
        OAuth 2.0 - client credentials with certificate

        Your application certificate is used for acquiring an access token.
        OAuth 2.0 - pre-approved client credentials Your application credentials are exchanged for an access token without the need to grant consent.
        OAuth 2.0 - pre-approved client credentials with certificate

        Your application certificate is used for acquiring an access token without the need to grant consent.

      2. From the Application Credentials drop-down menu, select the OAuth 2.0 application credentials that you want to add to R‑Cloud. If such OAuth 2.0 application credentials are not already added to R‑Cloud, you can add them as follows:

        1. In the drop-down menu, click Add Add New. You are automatically redirected to the Add OAuth 2.0 Application Credentials dialog box.

        2. In the Name field, enter a name for your OAuth 2.0 application credentials.

        3. From the Protection Set drop-down menu, select the protection set to which you want to add the OAuth 2.0 application credentials. By default, the OAuth 2.0 application credentials are added to the currently selected protection set.

        4. From the Application Platform drop-down menu, select the platform that hosts your registered application.

        5. In the Client ID field, enter the client ID of the registered application.

        6. From the Authentication Method drop-down menu, select one of the following authentication methods, and then do as requested:

          Authentication method Instructions
          Client Secret Enter the client secret of the registered application.
          Certificate

          1. Browse and upload the client private key.

          2. Only if the private key is encrypted. Enter the private key passphrase.

        7. Click Save.

      3. Specify the requested authentication information.

      4. Click Grant Access to grant access to the registered application. You are redirected to the platform that hosts your registered application.

    • If your R-Cloud module does not support OAuth 2.0: Select your authentication type, and then specify the requested authentication information, such as the organization name, the user name, API tokens, the preferred service account, and so on.

  7. Click Save.

The R-Cloud module is added to the list of sources.

You can later do the following:

  • Edit any of the existing R-Cloud modules (click Edit Edit and make the required modifications).

  • Delete the R-Cloud modules that you do not need anymore (click Delete Delete). Before deleting an R-Cloud module, make sure that the following prerequisites are met:

    • The policy must be unassigned from the SaaS application related to the R-Cloud module. To unassign the policy from the SaaS application, in the SaaS panel, select the application, and then click Set Policy Set Policy. Click Unassign, and then click Yes to confirm that you want to unassign the policy from the selected SaaS application.

    • No restore points may be present for the SaaS application related to the R-Cloud module. If the SaaS application still has valid restore points, you must expire them manually and wait for the next retention maintenance task to finish before removing the R-Cloud module. For details on how to expire restore points, see Expiring backups manually.

    • No tasks with the Ready status or a progress bar indicating the Running status may be present for the SaaS application related to the R-Cloud module.