Skip to content

Supported Validations#

The following table contains all the supported validations for each Privacera service:

Service Name

Validation Type

Checks

Privacera Portal

tag : portal

pre_check

Validate External Database Properties

Validate Properties for OKTA Login

Validate Properties for LDAP Login

Validate Properties for AAD Login

Validate Properties for Portal SSL

Check Portal padmin user password strength

pre_validation

Check if external MySQL database is reachable

Check if external Postgres database is reachable

Check if LDAP server is reachable

service_check

Check if the portal is accessible

security_check

Check if all portal password property values are secured with JCEKS keystore

Verify Privacera Portal SSL Certificate

 

Ranger

tag : ranger

pre_check

Validate External Database Properties

Validate Properties for Ranger SSL

Check Ranger passwords strength

pre_validation

Check if external MySQL database is reachable

Check if external Postgres database is reachable

service_check

Check if ranger admin is accessible

security_check

Check if all ranger password property values are secured with JCEKS keystore

Verify Ranger Admin SSL Certificate

 

Solr

tag : solr

pre_check

Validate Properties for Solr Auth

Check Solr auth user password strength

service_check

Check if Solr is accessible

service_validation

Check if Solr Service is Functional

security_check

Verify Solr SSL Certificate

 

Zookeeper

tag : zookeeper

service_check

Check if the Zookeeper container is running

 

MariaDB

tag : mariadb

pre_check

Check MariaDB root user password strength

 

Audit Fluentd

tag : audit-fluentd

pre_check

Validate audit-fluentd aws s3 properties

Validate audit-fluentd azure properties

service_check

Check if audit-fluentd is accessible

 

Audit Server

tag : auditserver

pre_check

Validate AuditServer basic authentication properties

Check AuditServer basic authetication password strength

service_check

Check if auditserver is accessible

security_check

Check if all auditserver password property values are secured with JCEKS keystore

 

Crypto

tag : crypto

service_validation

Check if Crypto is Functional

 

Dataserver

tag : dataserver

pre_check

Validate Properties for Azure Cloud

Validate Properties for Shared Key Azure Cloud

Validate Properties for GCP Cloud

Validate Properties s3 Endpoint

Validate Properties databricks scala

Validate Properties For SSL

Check strength of dataserver related passwords

pre_validation

Check if able to connect to s3 using IAM role

Check if able to connect to s3 using keys

Check if able to connect to s3 http endpoint

Check if able to connect to s3 https endpoint

Check if able to connect to adls gen2 shared_key_pairs

Check if able to connect to adls gen2 storage

Check if able to connect to gcp

service_check

Check if non-ssl dataserver is accessible

Check if ssl dataserver is accessible

service_validation

Check if S3 Service is Functional with Dataserver

Check if DynamoDB Service is Functional with Dataserver

Check if Glue Service is Functional with Dataserver

Check if Kinesis Service is Functional with Dataserver

Check if Lambda Service is Functional with Dataserver

security_check

Check if all dataserver password property values are secured with JCEKS keystore

Verify Dataserver SSL Certificate

 

Discovery

tag : discovery

pre_check

Validate Properties for External Database

Validate Properties for AWS Resources

Validate Properties for Azure Resources with terraform disabled

Validate Properties for Azure Resources with Terraform enabled

Validate Properties for GCP Resources

Validate Properties for Discovery kubernetes

Validate Properties for Discovery real time scan

Validate Properties for Discovery Databricks

Validate Properties for Discovery Databricks with managed script

Validate Properties for Discovery Databricks Plugin

pre_validation

Check if external mysql database is reachable

Check if external postgres database is reachable

service_check

Check if discovery container is running

service_validation

Check if Discovery S3 Scanning is Functional

 

Grafana

tag : grafana

service_check

Check if grafana container is running

 

Graphite

tag : graphite

service_check

Check if graphite container is running

 

Kafka

tag : kafka

service_check

Check if kafka container is running

 

PEG

tag : peg

pre_check

Validate Credentials for PEG to Privacera Portal Communication

Validate PEG Basic Auth Properties

Validate PEG Host Name

Check PEG basic auth password strength

service_check

Check if PEG is accessible

service_validation

Check if PEG is Functional

security_check

Check if PEG Privacera Portal password property values are secured with JCEKS keystore

Verify PEG SSL Certificate

 

Pkafka

tag : pkafka

service_check

Check if pkafka container is running

 

PolicySync

tag : policysync

service_check

Check if policysync container is running

 

Ranger KMS

tag : kms

pre_check

Validate Ranger KMS Master Key password property

Validate Ranger KMS Host Name

Check Ranger KMS Master key password strength

service_check

Check if ranger kms container is running

security_check

Check Master key password used in Ranger KMS is stored in secure JCEKS keystore

Verify Ranger KMS SSL Certificate

 

Ranger Usersync

tag : usersync

pre_check

Validate Properties for LDAP Usersync

Validate Properties for AAD Usersync

Validate Properties for LDAP SSL Usersync

Check strength of usersync passwords

pre_validation

Check if ldap server is reachable

service_check

Check if ranger usersync container is running

security_check

Check if all ranger usersync password property values are secured with JCEKS keystore



Last update: July 23, 2021