To perform backup and restore operations, Veeam Backup for Salesforce requires the following permissions to be provided.
Salesforce API Integration
Veeam Backup for Salesforce requires to connect to Salesforce organization to perform backup and restore operations for Salesforce resources. The user whose credentials are used to authorize the connection must be assigned full permissions required to read and modify data:
For sandboxes, any managed application needs to be enabled and license provided to the user. For example, High Velocity Sales requires application activation.
Salesforce Connected App
Secure and encrypted connection to Salesforce is established using the Connected App tokens. The Connected App must be assigned the following OAuth scopes:
For more information on OAuth scopes in Salesforce, see Salesforce Documentation. To learn how to create the app, see this Veeam KB article.
Veeam Backup for Salesforce Components
PostgreSQL Database User
Veeam Backup for Salesforce creates databases and database schemas to store Salesforce data and metadata. Therefore, the database user must be granted permissions to create schemas and databases.
Note: If you do not grant the user permissions to create databases, you will have to manually create databases on PostgreSQL servers first, and then add databases to Veeam Backup for Salesforce as described in section Adding Databases, before you create any backup policies.