You can look at CloudTrail event history around the time when you run the restore to see if any CreateDBInstance call is failing/giving an error. The error code would tell the missing permission.
Please also look at any other API calls around that timestamp to note any additional API calls which gave an error.
AWS Backup - AWS OrganizationsAccepted Answerasked 7 months ago
Correct permissions to Restore an Aurora Backup from AWS Backup with KMSasked 7 months ago
Aws backup for documentdbasked a year ago
Amazon Aurora cross-account and cross-region backupasked 7 months ago
Using AWS backup service for DB backupasked 2 months ago
Babelfish backup and recovery optionsasked 5 months ago
AWS Backup: Backup windowAccepted Answerasked 4 years ago
AWS Backup, backup vault underlying storageasked 2 months ago
AWS Backup and software level backupasked a month ago
S3 AWS Backup with a copy actionasked 6 months ago