Supported Validations
The following table contains all the supported validations for each Privacera service:
Service Name |
Validation Type |
Checks |
Privacera Portal tag : portal |
pre_check |
Validate External Database Properties |
Validate Properties for OKTA Login |
||
Validate Properties for LDAP Login |
||
Validate Properties for AAD Login |
||
Validate Properties for Portal SSL |
||
Check Portal padmin user password strength |
||
pre_validation |
Check if external MySQL database is reachable |
|
Check if external Postgres database is reachable |
||
Check if LDAP server is reachable |
||
service_check |
Check if the portal is accessible |
|
security_check |
Check if all portal password property values are secured with JCEKS keystore |
|
Verify Privacera Portal SSL Certificate |
||
Ranger tag : ranger |
pre_check |
Validate External Database Properties |
Validate Properties for Ranger SSL |
||
Check Ranger passwords strength |
||
pre_validation |
Check if external MySQL database is reachable |
|
Check if external Postgres database is reachable |
||
service_check |
Check if ranger admin is accessible |
|
security_check |
Check if all ranger password property values are secured with JCEKS keystore |
|
Verify Ranger Admin SSL Certificate |
||
Solr tag : solr |
pre_check |
Validate Properties for Solr Auth |
Check Solr auth user password strength |
||
service_check |
Check if Solr is accessible |
|
service_validation |
Check if Solr Service is Functional |
|
security_check |
Verify Solr SSL Certificate |
|
Zookeeper tag : zookeeper |
service_check |
Check if the Zookeeper container is running |
MariaDB tag : mariadb |
pre_check |
Check MariaDB root user password strength |
Audit Fluentd tag : audit-fluentd |
pre_check |
Validate audit-fluentd aws s3 properties |
Validate audit-fluentd azure properties |
||
service_check |
Check if audit-fluentd is accessible |
|
Audit Server tag : auditserver |
pre_check |
Validate AuditServer basic authentication properties |
Check AuditServer basic authetication password strength |
||
service_check |
Check if auditserver is accessible |
|
security_check |
Check if all auditserver password property values are secured with JCEKS keystore |
|
Crypto tag : crypto |
service_validation |
Check if Crypto is Functional |
Dataserver tag : dataserver |
pre_check |
Validate Properties for Azure Cloud |
Validate Properties for Shared Key Azure Cloud |
||
Validate Properties for GCP Cloud |
||
Validate Properties s3 Endpoint |
||
Validate Properties databricks scala |
||
Validate Properties For SSL |
||
Check strength of dataserver related passwords |
||
pre_validation |
Check if able to connect to s3 using IAM role |
|
Check if able to connect to s3 using keys |
||
Check if able to connect to s3 http endpoint |
||
Check if able to connect to s3 https endpoint |
||
Check if able to connect to adls gen2 shared_key_pairs |
||
Check if able to connect to adls gen2 storage |
||
Check if able to connect to gcp |
||
service_check |
Check if non-ssl dataserver is accessible |
|
Check if ssl dataserver is accessible |
||
service_validation |
Check if S3 Service is Functional with Dataserver |
|
Check if DynamoDB Service is Functional with Dataserver |
||
Check if Glue Service is Functional with Dataserver |
||
Check if Kinesis Service is Functional with Dataserver |
||
Check if Lambda Service is Functional with Dataserver |
||
security_check |
Check if all dataserver password property values are secured with JCEKS keystore |
|
Verify Dataserver SSL Certificate |
||
Discovery tag : discovery |
pre_check |
Validate Properties for External Database |
Validate Properties for AWS Resources |
||
Validate Properties for Azure Resources with terraform disabled |
||
Validate Properties for Azure Resources with Terraform enabled |
||
Validate Properties for GCP Resources |
||
Validate Properties for Discovery kubernetes |
||
Validate Properties for Discovery real time scan |
||
Validate Properties for Discovery Databricks |
||
Validate Properties for Discovery Databricks with managed script |
||
Validate Properties for Discovery Databricks Plugin |
||
pre_validation |
Check if external mysql database is reachable |
|
Check if external postgres database is reachable |
||
service_check |
Check if discovery container is running |
|
service_validation |
Check if Discovery S3 Scanning is Functional |
|
Grafana tag : grafana |
service_check |
Check if grafana container is running |
Graphite tag : graphite |
service_check |
Check if graphite container is running |
Kafka tag : kafka |
service_check |
Check if kafka container is running |
PEG tag : peg |
pre_check |
Validate Credentials for PEG to Privacera Portal Communication |
Validate PEG Basic Auth Properties |
||
Validate PEG Host Name |
||
Check PEG basic auth password strength |
||
service_check |
Check if PEG is accessible |
|
service_validation |
Check if PEG is Functional |
|
security_check |
Check if PEG Privacera Portal password property values are secured with JCEKS keystore |
|
Verify PEG SSL Certificate |
||
Pkafka tag : pkafka |
service_check |
Check if pkafka container is running |
PolicySync tag : policysync |
service_check |
Check if policysync container is running |
Ranger KMS tag : kms |
pre_check |
Validate Ranger KMS Master Key password property |
Validate Ranger KMS Host Name |
||
Check Ranger KMS Master key password strength |
||
service_check |
Check if ranger kms container is running |
|
security_check |
Check Master key password used in Ranger KMS is stored in secure JCEKS keystore |
|
Verify Ranger KMS SSL Certificate |
||
Ranger Usersync tag : usersync |
pre_check |
Validate Properties for LDAP Usersync |
Validate Properties for AAD Usersync |
||
Validate Properties for LDAP SSL Usersync |
||
Check strength of usersync passwords |
||
pre_validation |
Check if ldap server is reachable |
|
service_check |
Check if ranger usersync container is running |
|
security_check |
Check if all ranger usersync password property values are secured with JCEKS keystore |