Share Backblaze API Key Permission Items

After reading various posts about utilizing two different API keys to enhance the security posture of the data being put in Backblaze, one for backup and one for pruning, with the general idea that the key for backup does not have delete/modify permission, I want to implement something similar. However, I’m hesitant to do this in the blind and thought perhaps someone who has done this can share the API permission items associated to the two keys such that they work as intended, with the bare minimum required permission. There are so many permission items to associate to and I am not certain what other permissions are needed by Duplicacy that I may not be aware of. TIA.

Yep, got the cli tool up and running (i.e. authorize-account). I just needed the list of permissions to use for the two keys. You provided what I need. Thanks.