We are trying to backup a Couchbase 5.5.2 testing cluster, but the cbbackupmgr backup stops with this error:
2018-10-09T19:06:36.913+02:00 (Plan) Data transfer completed after 6.195562578s
2018-10-09T19:06:36.929+02:00 (Plan) Transfering Eventing metadata
2018-10-09T19:06:36.930+02:00 (Rest) GET http://localhost:8091/pools/default/nodeServices 200
2018-10-09T19:06:36.950+02:00 (Rest) GET http://192.168.55.1:8096/api/v1/export 403
2018-10-09T19:06:36.960+02:00 ERRO: : – plan.(*events).execute() at events.go:43
2018-10-09T19:06:36.960+02:00 (Plan) Transfer plan failed due to error :
2018-10-09T19:06:36.961+02:00 (Cmd) Error backing up cluster: :
It’s seems like the user ‘backup’ with Data Backup & Restored role assigned, has no access to http://192.168.55.1:8096/api/v1/export .
If we assign Full Admin role to ‘backup’ user, then ‘backup’ can access to http://192.168.55.1:8096/api/v1/export
If we assign all roles, except Full Admin, to ‘backup’ user, then ‘backup’ can not access to http://192.168.55.1:8096/api/v1/export
Our Couchbase Eventing service config has no functions running currently.
How can setup security for our backup user to run Couchbase backups, without Full Admin role assigment?