This page shows you how to resolve issues with Backup and DR Service for resources that are backed up within the backup vault using the backup plan. To find solutions for resources protected using the backup template in the management console, see Event IDs and error messages.
PERMISSION_DENIED issue
The backup job failed due to missing permissions in the source project and the following error message is displayed:
Backup and DR Service agent or backup vault service agent is missing the permissions required to take backups of resources in the source project.
To resolve the issue, do the following:
- If the backup vault and the resource are in the same project,
assign the Backup and DR Service agent (
roles/backupdr.serviceAgent) IAM role to the backup dr service agent, which is in theservice-<project-number>@gcp-sa-backupdr.iam.gserviceaccount.comformat. - If the backup vault and the resource to protect are in different
projects, assign the Compute instance admin (v1) (
roles/compute.instanceAdmin.v1) IAM role to the backup dr service agent, which is in theservice-<project-number>@gcp-sa-backupdr.iam.gserviceaccount.comformat.
FAILED_PRECONDITION issue
The backup job failed when the protected resource was deleted and the following error message is displayed:
Backup job failed due to unmet conditions. Check for source resource deletion or backup misconfigurations.
To resolve this issue, do the following:
Verify that the protected resource still exists from the VM instances page.
If the deletion was intentional, unprotect the Compute Engine instance.