We’re using Vault open source at the moment. Could you tell me what permissions we need to grant a user that will be used to backup the cluster / system?
and any best practices here will be highly appreciated
What sort of Vault backup are you doing? If you’re using consul or integrated storage the backup happens externally and a token is not required since you’re not decrypting the data, just backing up the encrypted data.