How to restore from a read-only S3 bucket?

I’m trying to restore to an secondary test cluster (with identical replset name) for the purposes of validating a backup. However, the first thing pbm tries to do with a force-resync is to rewrite .pbm.init in the repository, which it cannot do because it doesn’t have permissions.

I’m going to try doing a very limited IAM role that would allow it to delete/upload JUST that one file, but that seems rather hackish. Is there a proper way to be able to restore from a protected path that I don’t have permission to write to? I see another thread asking a similar question about whether it’s safe to remove that file. (PBM-INIT File safe for removal?)

Based on that thread of it having just a version in it - why does it even have to rewrite that file when it’s got the exact same version as the pbm I’m using to try to do the restore as is on the live production instances?

Interestingly - it also looks like it’s trying to delete/put BUCKET/.pbm.init without the prefix. That seems like a bug.

It does look the limited IAM profile was sufficient to get this to work, though seems like that should not be required. At the bare minimum, consider making it not a requirement to rewrite that file if it has the same content.

Hi @Nathan_Neulinger,
I suggest you open a bug on this at https://jira.percona.com/ as I agree that it shouldn’t need to rewrite a file with the same contents.

PBM-1480 - forgot to add that link yesterday to the forum post.

1 Like