FAQ - What user roles are required to backup and restore Aerospike namespaces?
With the Security option in Aerospike Enterprise Edition it is possible to create a granular privilege structure of users and roles. When this is in place, what roles would be required to backup and restore Aerospike namespaces using the asbackup and _asrestore utilities?
A backup is effectively a read of the namespace, only the read permission is required even if the namespace contains Secondary Indexes or UDFs.
The restore process is more complex in that it is a write of the data in the backup file to the cluster. For this reason, the permissions required are those required to create the objects in question. The user executing asrestore should have the following roles.
- read-write-udf to allow creation of UDFs
- data-admin to allow creation of Secondary Indexes
If either UDFs or Secondary Indexes or both are not required the roles can be omitted though subsequent restores may fail if those objects are added to the source cluster.
- Details on asbackup and asrestore
- Details on Aerospike security
BACKUP RESTORE PERMISSIONS ROLES SECURITY FAILED ERROR
23rd August 2016