How to back up and archive iCloud data

The most visible contents of iCloud are documents that we save to our own folders in iCloud Drive, and those saved by apps in their folders which are also shared there. What are less obvious but often even more important are shared databases, including those used by apps like Contacts and Notes, as well as those which are specially protected like Keychain. This article looks at what we can do to ensure the contents of those databases are also kept locally, in backups and archives. This is one of the most difficult areas in iCloud, so I won’t be surprised if this article improves following your comments.

How iCloud databases work

Although Apple doesn’t appear to explain how its own apps manage data which is shared in iCloud, this is assumed to be largely the same as those operated by third-parties. When a local app changes the contents of its database, this occurs first in a local Core Data store. A background system task running locally then converts that change from a Managed Object to a CloudKit Record, which is uploaded to CloudKit in iCloud and makes that change to the data held there.

Periodically, CloudKit in iCloud sends push notifications to other Macs and devices connected to that iCloud account. From those, a background system task running locally downloads all changed CloudKit records, converts them to Managed Objects, and those are saved to the local Core Data stores. That enables the local copy of that app to update its display of the data.

This means that, for each database held in iCloud, there should be a local Core Data store. If that’s in a location which is included in your backups, then your backups should include changes made to that database. If half the records in it were accidentally deleted, then it should be possible to restore an earlier copy of that database and recover the missing records.

Unfortunately, it may not work like that, given that the master copy of that database is held in iCloud. Replacing the current local copy with an older version won’t necessarily generate the CloudKit records required to restore those records to the database in iCloud. Indeed, it may lead to lasting discrepancies between different devices apparently connected to the same iCloud database, something that isn’t an uncommon problem for users, which can sometimes be fixed by forcing a full resync.

One technique which can be successful is to disconnect that Mac or device from its iCloud database, restore the older version of the database, export all contents which you want to recover, and reconnect. Once the local and iCloud databases have resynced fully, you may then be able to import any contents which are still missing, and sync that up to iCloud.

Back up your devices?

Currently, macOS can’t back up to iCloud or another Mac in the same way that iOS and iPadOS devices can. iPhones and iPads have the ability to make backups to both destinations which can then be restored, with their iCloud software handling resynchronisation. The snag with this strategy is that, once restored, databases will then be resynced with iCloud, and the changes made to iCloud databases could then be reapplied, leaving you no better off.

Apple also states that device backups don’t include much of the data which are already stored in iCloud. In particular, backups to iCloud exclude:

“Data that’s already stored in iCloud, such as Contacts, Calendars, Notes, iCloud Photos, iMessages, Voice Memos, text (SMS) and multimedia (MMS) messages, and Health data”;
Apple Mail data.

Those to a Mac exclude:

“Content synced from Finder or iTunes, such as imported MP3s or CDs, videos, books, and photos”;
“Data already stored in iCloud, such as iCloud Photos, iMessages, and text (SMS) and multimedia (MMS) messages”;
Apple Mail data;
Keychain data, unless the backup is encrypted.

However, during a restore from a backup on a Mac, it claims to include “contacts, calendars, notes and text messages”, which appears to contradict what is stated above.

Archiving content

If making a backup appears unreliable, or restoring from it seems unlikely to help, another alternative is to archive all important contents of shared databases.

In general, apps which access iCloud databases don’t include global export commands. This means that the only way to export their contents to be saved in an archive or backup is to select the items you want to export, then use an Export command to save them as individual records. For example, in Photos you select all the photos and videos you want to archive, and use the Export command in the File menu.

In Mail, you’ll need to create a mailbox for the purpose, and set its location to be local to your Mac. Then select the messages you want to move there, and finally move or copy them to that archive mailbox.

Contacts supports export of the whole database. To do that, select the Export > Contacts Archive command in the File menu. Calendar’s Export command also exports whole calendars of your choice.

Keychains have been the most tedious to export, but recent changes have made it much easier to archive passwords. You can do this from the Passwords pane, the Passwords section in Safari’s Preferences, or directly using the Export > Passwords… command in Safari’s File menu. Certificates have to be exported separately, and although that can be done with multiple certificates, each has to be individually authenticated.

Conclusions

The contents of iCloud databases aren’t straightforward to back up in a way that enables you to restore them effectively. While most backup utilities should make copies of their local databases, should you wish to restore from a backup, the result often isn’t what you’d expect. Where they contain important contents, you’re best off exporting those and keeping a safe local copy. Otherwise, you’ll just have to trust the copy in iCloud to remain undamaged and intact.

Further reading

Can you back up iCloud documents?
Securing your data in iCloud

Archiving and copying from iCloud (Apple)

15Comments

Add yours

1

Giles Roditi on March 7, 2022 at 8:33 am

Thank you for clear guidance, appreciate the work you do.

LikeLiked by 1 person
2

bwillius on March 7, 2022 at 8:33 am

Using an archive mailbox for email is better than nothing. But there are my app and some competitors to archive email.

Most users have a lot of mailboxes. They love their mailbox structure. With the single archive mailbox the structure is gone.

You need to move the emails manually to the archive mailbox. Rules only work on the Inbox.

A normal backup is not a good idea for emails. You make a backup. You get lots of emails during the day. Then the computer dies and you restore from backup. You lose the emails of the day.

An archive app can either archive directly from Mail or from iCloud with an application specific password. The mailboxes are kept. It’s not necessary to move the emails out of iCloud. I don’t think my competitors can restore email but Mail Archiver can do that.

LikeLiked by 1 person
- 3
  
  hoakley on March 7, 2022 at 8:36 am
  
  Thank you. You’re very welcome to provide a link if you wish.
  Howard
  
  LikeLike
  - 4
    
    bwillius on March 7, 2022 at 9:11 am
    
    My application Mail Archiver X is available at https://www.mothsoftware.com .
    
    LikeLiked by 1 person
    - 5
      
      hoakley on March 7, 2022 at 9:45 am
      
      Thank you – that’s very helpful.
      Howard.
      
      LikeLike
6

fds on March 7, 2022 at 1:25 pm

For sporadic manual backups, it’s worth mentioning the “Get a copy of your data” option on Apple’s Apple ID Privacy page: https://privacy.apple.com
I do it every year for some extra peace of mind.

In regards to the confusing and seemingly contradictory wording on when “contacts, calendars, notes and text messages” are included in a backup or restore: they are included if you don’t have live iCloud syncing/storage turned on for that specific feature, and are skipped otherwise.

LikeLiked by 1 person
- 7
  
  hoakley on March 7, 2022 at 1:39 pm
  
  Thank you.
  I’m afraid that the data dump you get from that service is in no way a backup or archive, although many users seem to like the ability to obtain all their data in this way.
  Regarding the shared data, that is consistent with Apple’s support article: if you put that database in iCloud, then it can’t be backed up. Which makes it impossible to back up what you have stored in iCloud, which is the point of this article. If you were inadvertently to delete half the records, then there’s no way to restore the unedited database, which is a serious failure, and exactly why users make local backups.
  Howard.
  
  LikeLike
  - 8
    
    fds on March 7, 2022 at 3:53 pm
    
    For many categories of data, where standardized exchange formats are widely used, Apple’s export service makes absolutely fine archives. Your iCloud mail is exported as standard .mbox files, Contacts as vCards, Calendar entries as .ics, and so on. Essentially the same as what you would get by going through all those apps manually, only a whole lot more convenient requiring only ticking a couple checkboxes, and getting it all delivered as a timestamped archive ready to be backed up.
    
    LikeLiked by 1 person
    - 9
      
      hoakley on March 7, 2022 at 6:43 pm
      
      If you’re happy to back up once a year, then fine. My Mac backs up twice an hour, with additional nightly backups. You can hardly use that feature – which isn’t intended for that purpose anyway – to make backups, and even as an archive it’s much too infrequent for Calendar, Mail, and pretty well everything else.
      Howard.
      
      LikeLike
10

Bob Gerard on March 7, 2022 at 1:42 pm

Your posts always humble me. I think I know what I am doing and suddenly one of your pieces pops up in my RSS feed and I realize that I barely understand what I thought I understood. I am twice-retired, help about 40 seniors in an aging-in-place community, and have been advising them – if they have room on their internal HD – to go to Sys Prefs > iCloud > and be sure the box is checked for [Optimize Mac Storage]. Do that, I told them, and you will be fine. Now I see it may be a case of : do that and you have the best chance of being fine.

LikeLiked by 1 person
- 11
  
  hoakley on March 7, 2022 at 1:44 pm
  
  Thank you. Like so many things, it has its benefits and a downside.
  Howard.
  
  LikeLike
12

Zak on March 8, 2022 at 8:33 am

There seems no obvious way to backup Notes in bulk..

LikeLiked by 1 person
- 13
  
  hoakley on March 8, 2022 at 9:42 pm
  
  Thank you. I believe that’s correct.
  Howard.
  
  LikeLike
14

Maurizio on March 13, 2022 at 12:31 pm

i usually backup the sql db inside both path. i was able to restore notes from time machines restoring previous version of that db

The path to where Notes are stored locally on the Mac is as follows:

~/Library/Group Containers/group.com.apple.notes/

For iCloud Notes, you may look at the following location:

~/Library/Containers/com.apple.Notes/

ps: are keychains db local item linked to the uid ?

LikeLiked by 1 person
- 15
  
  hoakley on March 13, 2022 at 6:15 pm
  
  Thank you.
  Unfortunately, although this has worked well in the past, Apple obfuscates the locations increasingly, and the data often sprawls outside the databases. The upshot is that it can’t be relied upon, which is a fundamental requirement for backups. This has become a last-ditch measure to try when all else fails.
  You can try this with the keychain DB too. I prefer to take the keychain offline, then ensure it’s backed up, and returned to online afterwards. But I have never tried to restore such a keychain, just used it to copy from.
  Howard.
  
  LikeLike