We are running Vault open source with a Consul backend. I am setting up an automated backup and restore function leveraging Consul snapshots.
I’m trying to determine the minimum privileges a consul token requires to be able to run “consul snapshot” commands. The documentation refers to a “management” token, does this mean that any token used to manage snapshots needs the same rights as the built in “global-management” policy?
This seems like overkill, if that’s not the case is there documentation on the minimum rights needed to manage snapshots?