Google cloud storage 403

Matteo_Antolini · January 24, 2023, 1:31pm

I have configured a google cloud storage bucket for my backup.
I successfully created a duplicati configuration and made the first backup. Today, it gives me error 403 while I’m trying to make a new backup. I tried to refresh the authId, but without any luck.

ts678 · January 30, 2023, 4:50pm

Welcome to the forum @Matteo_Antolini

I don’t know why Google Cloud would suddenly do that. Did Test connection on Destination work?
You could also watch About → Show log → Live → Retry to see what sort of operations it was refusing.
Did problem go away by itself since? One can hope…

Matteo_Antolini · January 31, 2023, 7:11am

Hi, yes, the test connection work.
Here are the logs:

System.Net.WebException: Errore del server remoto: (403) Non consentito. //Server error: (403) Unauthorized
   in Duplicati.Library.Main.BackendManager.Delete(String remotename, Int64 size, Boolean synchronous)
   in Duplicati.Library.Main.Operation.FilelistProcessor.RemoteListAnalysis(BackendManager backend, Options options, LocalDatabase database, IBackendWriter log, IEnumerable`1 protectedFiles)
   in Duplicati.Library.Main.Operation.FilelistProcessor.VerifyRemoteList(BackendManager backend, Options options, LocalDatabase database, IBackendWriter log, IEnumerable`1 protectedFiles)
   in Duplicati.Library.Main.Operation.BackupHandler.PreBackupVerify(BackendManager backend, String protectedfile)
   in Duplicati.Library.Main.Operation.BackupHandler.<RunAsync>d__20.MoveNext()
--- Fine traccia dello stack da posizione precedente dove è stata generata l'eccezione --- //End stacktrace 
   in System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   in CoCoL.ChannelExtensions.WaitForTaskOrThrow(Task task)
   in Duplicati.Library.Main.Controller.<>c__DisplayClass14_0.<Backup>b__0(BackupResults result)
   in Duplicati.Library.Main.Controller.RunAction[T](T result, String[]& paths, IFilter& filter, Action`1 method)
   in Duplicati.Library.Main.Controller.Backup(String[] inputsources, IFilter filter)
   in Duplicati.Server.Runner.Run(IRunnerData data, Boolean fromQueue)

As I said, the configuration worked the first time, the second time without changing anything it gives me 403. I think this cloud be related to some read permissions

gpatel-fr · January 31, 2023, 9:40am

That does not point to a read permission…Did you by any chance try to configure your backend to ‘protect against ransomware’ by removing any change permission, to create a write only system ?

Matteo_Antolini · February 6, 2023, 8:11pm

You are right.

I found out the problem was due to a configuration with google cloud bucket.
I had an active retention policy that prevent the deletion of files for a period of time. Disabling this, solved the problem.