To perform Kubernetes backup and restore operations, permissions must be assigned to user and user groups, and the entities associated with those users and user groups.
|
Operation |
Permission |
Associated entities |
|---|---|---|
|
Backup |
Data Protection/Management Operations |
|
|
Recover guest files and folders to their original location |
In Place Recover |
|
|
Recover full application to its original location |
In Place Full Machine Recovery |
|
|
Recover guest files and folders to a different destination client |
Recover guest files and folders to a different destination client. |
|
|
Recover full application to a location other than the original location |
Out of Place Full Machine Recovery |
|
|
Browse backup content |
Browse |
|
|
Enable unconditional overwrite on restore |
Overwrite on Restore |
|
|
Browse cluster destination volumes |
Live Browse |
|
|
Browse destination access node directory tree |
Live Browse |
|
Use caution if you assign the Live Browse permission to the access nodes because users can browse the entire directory structure on the access nodes.
The users performing the restore must own the Kubernetes client or be associated with it.
To enable users to select an access node for restore, you can create a role that includes the Use Proxy permission, and assign the role and an associated user group to the server/server group that is configured as an access node. For more information, see Granting User Permissions for an Access Node or File Recovery Enabler for Linux.