The most visible contents of iCloud are documents that we save to our own folders in iCloud Drive, and those saved by apps in their folders which are also shared there. What are less obvious but often even more important are shared databases, including those used by apps like Contacts and Notes, as well as those which are specially protected like Keychain. This article looks at what we can do to ensure the contents of those databases are also kept locally, in backups and archives. This is one of the most difficult areas in iCloud, so I won’t be surprised if this article improves following your comments.
How iCloud databases work
Although Apple doesn’t appear to explain how its own apps manage data which is shared in iCloud, this is assumed to be largely the same as those operated by third-parties. When a local app changes the contents of its database, this occurs first in a local Core Data store. A background system task running locally then converts that change from a Managed Object to a CloudKit Record, which is uploaded to CloudKit in iCloud and makes that change to the data held there.
Periodically, CloudKit in iCloud sends push notifications to other Macs and devices connected to that iCloud account. From those, a background system task running locally downloads all changed CloudKit records, converts them to Managed Objects, and those are saved to the local Core Data stores. That enables the local copy of that app to update its display of the data.
This means that, for each database held in iCloud, there should be a local Core Data store. If that’s in a location which is included in your backups, then your backups should include changes made to that database. If half the records in it were accidentally deleted, then it should be possible to restore an earlier copy of that database and recover the missing records.
Unfortunately, it may not work like that, given that the master copy of that database is held in iCloud. Replacing the current local copy with an older version won’t necessarily generate the CloudKit records required to restore those records to the database in iCloud. Indeed, it may lead to lasting discrepancies between different devices apparently connected to the same iCloud database, something that isn’t an uncommon problem for users, which can sometimes be fixed by forcing a full resync.
One technique which can be successful is to disconnect that Mac or device from its iCloud database, restore the older version of the database, export all contents which you want to recover, and reconnect. Once the local and iCloud databases have resynced fully, you may then be able to import any contents which are still missing, and sync that up to iCloud.
Back up your devices?
Currently, macOS can’t back up to iCloud or another Mac in the same way that iOS and iPadOS devices can. iPhones and iPads have the ability to make backups to both destinations which can then be restored, with their iCloud software handling resynchronisation. The snag with this strategy is that, once restored, databases will then be resynced with iCloud, and the changes made to iCloud databases could then be reapplied, leaving you no better off.
Apple also states that device backups don’t include much of the data which are already stored in iCloud. In particular, backups to iCloud exclude:
- “Data that’s already stored in iCloud, such as Contacts, Calendars, Notes, iCloud Photos, iMessages, Voice Memos, text (SMS) and multimedia (MMS) messages, and Health data”;
- Apple Mail data.
Those to a Mac exclude:
- “Content synced from Finder or iTunes, such as imported MP3s or CDs, videos, books, and photos”;
- “Data already stored in iCloud, such as iCloud Photos, iMessages, and text (SMS) and multimedia (MMS) messages”;
- Apple Mail data;
- Keychain data, unless the backup is encrypted.
However, during a restore from a backup on a Mac, it claims to include “contacts, calendars, notes and text messages”, which appears to contradict what is stated above.
If making a backup appears unreliable, or restoring from it seems unlikely to help, another alternative is to archive all important contents of shared databases.
In general, apps which access iCloud databases don’t include global export commands. This means that the only way to export their contents to be saved in an archive or backup is to select the items you want to export, then use an Export command to save them as individual records. For example, in Photos you select all the photos and videos you want to archive, and use the Export command in the File menu.
In Mail, you’ll need to create a mailbox for the purpose, and set its location to be local to your Mac. Then select the messages you want to move there, and finally move or copy them to that archive mailbox.
Contacts supports export of the whole database. To do that, select the Export > Contacts Archive command in the File menu. Calendar’s Export command also exports whole calendars of your choice.
Keychains have been the most tedious to export, but recent changes have made it much easier to archive passwords. You can do this from the Passwords pane, the Passwords section in Safari’s Preferences, or directly using the Export > Passwords… command in Safari’s File menu. Certificates have to be exported separately, and although that can be done with multiple certificates, each has to be individually authenticated.
The contents of iCloud databases aren’t straightforward to back up in a way that enables you to restore them effectively. While most backup utilities should make copies of their local databases, should you wish to restore from a backup, the result often isn’t what you’d expect. Where they contain important contents, you’re best off exporting those and keeping a safe local copy. Otherwise, you’ll just have to trust the copy in iCloud to remain undamaged and intact.