Supported Validations#

The following table contains all the supported validations for each Privacera service:

Service Name	Validation Type	Checks
Privacera Portal tag : portal	pre_check	Validate External Database Properties
		Validate Properties for OKTA Login
		Validate Properties for LDAP Login
		Validate Properties for AAD Login
		Validate Properties for Portal SSL
		Check Portal padmin user password strength
	pre_validation	Check if external MySQL database is reachable
		Check if external Postgres database is reachable
		Check if LDAP server is reachable
	service_check	Check if the portal is accessible
	security_check	Check if all portal password property values are secured with JCEKS keystore
	security_check	Verify Privacera Portal SSL Certificate

Ranger tag : ranger	pre_check	Validate External Database Properties
		Validate Properties for Ranger SSL
		Check Ranger passwords strength
	pre_validation	Check if external MySQL database is reachable
	pre_validation	Check if external Postgres database is reachable
	service_check	Check if ranger admin is accessible
	security_check	Check if all ranger password property values are secured with JCEKS keystore
	security_check	Verify Ranger Admin SSL Certificate

Solr tag : solr	pre_check	Validate Properties for Solr Auth
	pre_check	Check Solr auth user password strength
	service_check	Check if Solr is accessible
	service_validation	Check if Solr Service is Functional
	security_check	Verify Solr SSL Certificate

Zookeeper tag : zookeeper	service_check	Check if the Zookeeper container is running

MariaDB tag : mariadb	pre_check	Check MariaDB root user password strength

Audit Fluentd tag : audit-fluentd	pre_check	Validate audit-fluentd aws s3 properties
	pre_check	Validate audit-fluentd azure properties
	service_check	Check if audit-fluentd is accessible

Audit Server tag : auditserver	pre_check	Validate AuditServer basic authentication properties
	pre_check	Check AuditServer basic authetication password strength
	service_check	Check if auditserver is accessible
	security_check	Check if all auditserver password property values are secured with JCEKS keystore

Crypto tag : crypto	service_validation	Check if Crypto is Functional

Dataserver tag : dataserver	pre_check	Validate Properties for Azure Cloud
		Validate Properties for Shared Key Azure Cloud
		Validate Properties for GCP Cloud
		Validate Properties s3 Endpoint
		Validate Properties databricks scala
		Validate Properties For SSL
		Check strength of dataserver related passwords
	pre_validation	Check if able to connect to s3 using IAM role
		Check if able to connect to s3 using keys
		Check if able to connect to s3 http endpoint
		Check if able to connect to s3 https endpoint
		Check if able to connect to adls gen2 shared_key_pairs
		Check if able to connect to adls gen2 storage
		Check if able to connect to gcp
	service_check	Check if non-ssl dataserver is accessible
	service_check	Check if ssl dataserver is accessible
	service_validation	Check if S3 Service is Functional with Dataserver
		Check if DynamoDB Service is Functional with Dataserver
		Check if Glue Service is Functional with Dataserver
		Check if Kinesis Service is Functional with Dataserver
		Check if Lambda Service is Functional with Dataserver
	security_check	Check if all dataserver password property values are secured with JCEKS keystore
	security_check	Verify Dataserver SSL Certificate

Discovery tag : discovery	pre_check	Validate Properties for External Database
		Validate Properties for AWS Resources
		Validate Properties for Azure Resources with terraform disabled
		Validate Properties for Azure Resources with Terraform enabled
		Validate Properties for GCP Resources
		Validate Properties for Discovery kubernetes
		Validate Properties for Discovery real time scan
		Validate Properties for Discovery Databricks
		Validate Properties for Discovery Databricks with managed script
		Validate Properties for Discovery Databricks Plugin
	pre_validation	Check if external mysql database is reachable
	pre_validation	Check if external postgres database is reachable
	service_check	Check if discovery container is running
	service_validation	Check if Discovery S3 Scanning is Functional

Grafana tag : grafana	service_check	Check if grafana container is running

Graphite tag : graphite	service_check	Check if graphite container is running

Kafka tag : kafka	service_check	Check if kafka container is running

PEG tag : peg	pre_check	Validate Credentials for PEG to Privacera Portal Communication
		Validate PEG Basic Auth Properties
		Validate PEG Host Name
		Check PEG basic auth password strength
	service_check	Check if PEG is accessible
	service_validation	Check if PEG is Functional
	security_check	Check if PEG Privacera Portal password property values are secured with JCEKS keystore
	security_check	Verify PEG SSL Certificate

Pkafka tag : pkafka	service_check	Check if pkafka container is running

PolicySync tag : policysync	service_check	Check if policysync container is running

Ranger KMS tag : kms	pre_check	Validate Ranger KMS Master Key password property
		Validate Ranger KMS Host Name
		Check Ranger KMS Master key password strength
	service_check	Check if ranger kms container is running
	security_check	Check Master key password used in Ranger KMS is stored in secure JCEKS keystore
	security_check	Verify Ranger KMS SSL Certificate

Ranger Usersync tag : usersync	pre_check	Validate Properties for LDAP Usersync
		Validate Properties for AAD Usersync
		Validate Properties for LDAP SSL Usersync
		Check strength of usersync passwords
	pre_validation	Check if ldap server is reachable
	service_check	Check if ranger usersync container is running
	security_check	Check if all ranger usersync password property values are secured with JCEKS keystore