Home > Blogs > VMware PowerCLI Blog

Automating File-Based Backups of vCenter Server Appliance

Did you know the vCenter Server Appliance (VCSA) has file-based backup options?

This ability was actually released in vSphere 6.5. However, there was one feature in particular that was missing: a scheduler. I’m happy to say that as part of vSphere 6.7, the VCSA received a backup scheduler!

Recently, my teammate, Emad Younis released a couple cool walkthroughs to the vSphere Central site to manage file-based backup and restore actions. Under the covers, both of these actions are served up by vSphere’s RESTful APIs and therefore PowerCLI can also be used to automate these actions! One other benefit of using the API, you don’t have to hand out the root credentials. Users with the ‘SystemConfiguration.Administrators’ permission are able to perform all of the following tasks through the API and PowerCLI!

To perform a file-based backup with PowerCLI, we’ll need to make use of the CIS module. Since the CIS module is a low-level module, let’s see a couple examples of this in action.

Create a File-Based Backup

Let’s first start with the process to perform a backup.

First step, log in to the CIS Service for the VCSA:

Next, we need to find the appropriate service to perform a backup:

File-Based Backup Example: Listing CIS Services

Based on the output, we will want the ‘com.vmware.appliance.recovery.backup.job’ service. We will store that into a variable so we can easily interact with that specific service. To see the method we are going to use, take that variable and pipe it to ‘Get-Member’.

File-Based Backup Example - Working with the CIS Service

As part of the respose, we’ll see two important items. First, the ‘create’ method which we’ll use to actually create the backup job. Second, the ‘Help’ property. We can use ‘Help’ to help us form the input for the backup job with the following command:

We can now fill in each of the parameters with information for our environment. There are a couple caveats here. First, the ‘parts’ parameter is expecting an input of an array type. Second, each of the password parameters require a special type in order to be accepted.

Finally, having input all of our information, we can create the backup job!

File-Based Backup Example: Creating Backup Job

We can combine this into a nice script as follows:

Create a Scheduled File-Based Backup

Let’s now take a look at creating a scheduled backup job with PowerCLI.

Following a similar process to the last task, we will want to use one of the services we found previously called: com.vmware.appliance.recovery.backup.schedules

This time, we see two inputs are required. First, the schedule ID. Second, the specification which is similar to the prior example. The ‘Help’ property will be quite useful to create both specifications.

Much like the prior example, this one too has some caveats. The Schedule ID input can be a string of your choosing. For reference, performing this process in the UI creates a default ID of ‘default’. The scheduling recurrence configuration can be done in many ways through the ‘days’ property. If a daily backup is desired, there’s no need for any input and it can be left ‘unset’. If a specific day/s are desired, the input has to be of an array type.

Here’s a script which can be used to create a scheduled file-based backup:

Afterwards, if you log into the VCSA Appliance Management Interface (VAMI), your backup schedule should look much like the following:
File-Based Backup Example: Creating a Backup Schedule


The ability to create file-based backups of your vCenter Server is a function that is only available to the VCSA. This function is made possible by a set of RESTful APIs which PowerCLI can also consume, with the additional benefit of not being reliant on the root account! This blog post walked through examples of creating a file-based backup job and creating a scheduled file-based backup job.

More information about VCSA file-based backup can be found on the vSphere Central site: vCenter Server Appliance 6.7 File-Based Backup

Let us know in the comments how you’re automating your VCSA backups!

This entry was posted in vCenter and tagged , , , on by .
Kyle Ruddy

About Kyle Ruddy

Kyle Ruddy is a Senior Technical Marketing Architect working for VMware R&D in the Cloud Platform Business Unit. Kyle currently focuses on vSphere and VMware Cloud on AWS automation and the associated automation frameworks including all things API, CLI, and SDK. Kyle is also a Microsoft MVP and long-term vExpert whom can be found blogging on VMware blogs, http://blogs.vmware.com/vSphere and http://blogs.vmware.com/PowerCLI, and his personal blog, https://www.kmruddy.com. His Twitter: @kmruddy

13 thoughts on “Automating File-Based Backups of vCenter Server Appliance

  1. Pingback: Automating File-Based Backups of vCenter Server Appliance – VMPRO.AT – all about virtualization

  2. Login Blog

    Check it out all details login information fidn out here.

  3. iCustomerSurvey.Com

    Check it out all customer survey details online from here.

  4. Joe

    Will the scheduler by added to VCSA 6.5?

  5. Olivier Dumas

    Is it possible to restrict the permissions of the user that connects to the REST API to limit the actions that the script will be allowed to do (ie only allow backup API calls on /rest/appliance/recovery/backup/*)

  6. Doug Young

    I guess I’m wondering why you wouldn’t just use a scheduled snapshot to protect the VCSA? Can you explain this use case?

    1. Kyle RuddyKyle Ruddy Post author

      Snapshots alone aren’t adequate enough protection to be considered a backup.

      Some examples:
      Snapshots have a dependency on the current storage system. If you lose the storage, you lose the VM and the snapshots too.
      Snapshots have a dependency on the current set of VMDKs. If there’s corruption at the VM disk level, you’ll also lose the VM and the snapshots too.
      Snapshots log changes to the disk and therefore have an impact on performance, especially if you keep them for long periods of time or maintain multiple snapshots.
      Snapshots lock certain changes to a VM, example: disk size. If you have a VM with an active snapshot, you can’t increase any disk space for that VM.

  7. Digihunt

    really help in taking VCSA backup

  8. Marie

    i am getting this error when I execute the script. I used administrator@vsphere.local account to connect to vcsa Please help.

    A server error occurred: ‘com.vmware.vapi.std.errors.unauthorized’: Unable to
    authorize user (Server error id: ‘vapi.security.authorization.invalid’). Check
    $Error[0].Exception.ServerError for more details.
    At D:\vmware\vcsa\vcsabackup\backupjob.ps1:22 char:1
    + $backupJobSvc.create($backupSpec)
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : OperationStopped: (:) [], CisServerException
    + FullyQualifiedErrorId : VMware.VimAutomation.Cis.Core.Types.V1.CisServer

  9. Ayoub

    Hello Kyle ,

    please is this script can be used to backup the vcsa with external PSC ?

  10. Mark Shannon


    i also have the below since upgrades:-

    A server error occurred: ‘com.vmware.vapi.std.errors.unauthorized’: Unable to
    authorize user (Server error id: ‘vapi.security.authorization.invalid’).

    any fixes?

    1. Kyle RuddyKyle Ruddy Post author

      There’s two options:
      Option 1 – Update
      The most recent update of vSphere 6.5 and vSphere 6.7 Update 1 both have the update to correct this issue.

      Option 2 – Workaround
      Restart the applmgmt service and try again: service-control –stop applmgmt, service-control –start applmgmt
      Restart the vAPI endpoint service and try again: service-control –stop vmware-vapi-endpoint, service-control –start vmware-vapi-endpoint
      Restart the VCSA and try again


Leave a Reply

Your email address will not be published. Required fields are marked *