CD3 Validator Features
With version v9.0 we have introduced a validator for Multiple VCN CIDRs in the Networking Tab.
CD3 Validator helps you validate the Compartments, Groups, Policies, Network component entries, Instances, Block Volumes and FSS in your CD3 to ensure error-free, smooth creation of the resources when Terraform is applied.
Below is a list of checks done by the CD3 Validator:
| Tab Name | Validation/Checks |
|---|---|
| Identity | This covers the Compartments, Groups and Policies Tabs.<br>- Checks if the Region column contains the Home Region<br>- Checks for mandatory columns |
| VCNs | - Checks if the Columns - Region and Compartment have valid entries.<br>- Checks if the VCN Names are duplicated in Column - VCN Name for the same region.<br>- Validates the VCN CIDRs (Single and Multiple) - Checks for Overlapping/Duplicate addresses.<br>- Checks the VCN CIDR ranges for host bits set.<br>- Checks if the Column - DNS Label has any special characters.<br>- Checks for NULL Values, if any, in all the Columns that are Required/Mandatory. |
| SubnetsVLANs | - Checks if the Columns - Region and Compartment have valid entries.<br>- Checks if the VCN Names are part of the VCN Tab in Column - VCN Name<br>- Checks if the Column - DNS Label has any special characters or any Duplicate Values<br>- Validates the Subnet CIDRs - Checks for Overlapping/Duplicate addresses<br>- Checks the Subnet CIDR ranges for host bits set.<br>- Checks for NULL Values, if any, in all the Columns that are Required/Mandatory<br>- Cross Validates entries in the Subnets and DHCP Tabs for Column - DHCP Options<br>- Checks if Internet Gateways and Service Gateways are set appropriately.<br>- Cross Validates entries in the Subnets and VCNs Tabs for Column - Subnet CIDR (Checks if the Subnet CIDR belongs to / falls under the VCN CIDR as mentioned in the Subnet's Tab) |
| DHCP | - Checks if the Columns - Region and Compartment have valid entries<br>- Checks if the VCN Names are part of the VCN Tab in Column - VCN Name<br>- Checks if there is a value for the Customer DNS Column if the entered type is 'CustomDNSServer'<br>- Checks for NULL Values, if any, in all the Columns that are Required/Mandatory |
| DRGs | - Checks if the Columns - Region and Compartment have valid entries<br>- Checks if the DRG Name entered matches the one mentioned in the VCNs tab<br>- Checks for the valid format of the Attached To column and if it contains the VCN Name as mentioned in the VCNs Tab.<br>- Checks for valid format of column 'Import DRG Route Distribution Statements'<br>- Checks that column 'Import DRG Route Distribution Statements' cannot have any value if column 'Import DRG Route Distribution' is empty. |
| Instances | - Checks if the Columns - Region and Compartment have valid entries<br>- Checks for mandatory columns - Region, Compartment Name, Availability Domain, Display Name, Network Details, SSH Key Var Name, Pub Address, Source Details, Shape<br>- Checks if the Network Details specified are valid<br>- Checks for valid values for columns - Availability Domain, Fault Domain, Source Details, Shape<br>- Checks if the NSG names mentioned in the NSGs column are part of the NSGs tab of the CD3 excel. |
| Block Volumes | - Checks if the Columns - Region and Compartment have valid entries<br>- Checks for mandatory columns Block Name, Availability Domain, Attach Type.<br>- Checks for valid values for columns - Availability Domain, Attach Type, Attached to Instance.<br>- Checks if the AD mentioned in the Block Volumes sheet is the same as the AD mentioned in the Instances sheet for the instance to which the block volume is to be attached. |
| FSS | - Checks if the Columns - Region and Compartment have valid entries<br>- Checks for mandatory columns - Region, Compartment Name, Availability Domain, MountTarget Name, MountTarget SubnetName.<br>- Checks if the Network Details specified are valid<br>- Checks if the NSG names mentioned in the NSGs column are part of the NSGs tab of the CD3 excel. |
| Budgets | - Checks for mandatory columns (Region/Name/Scope/Schedule/Amount) for Budget creation<br>- Checks for mandatory parameters (Start Date and End Date) for Single Use Schedule<br>- Checks for mandatory parameter (Start Day) for MONTH Schedule<br>- Value format check for "Alert Rules" column<br>- Value check for email format in "Alert Recipients" column<br>- Checks if the provided region is the home region or not |
| KMS | - Checks if the Columns - Region, Vault Compartment, Key Compartment, Vault display name, Key display name have valid entries<br>- Checks if a valid protection mode, Key algorithm and key length are provided.<br>- Checks if auto rotation and rotation interval have valid values. |
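As an added illustration (not the CD3 toolkit's own code), the CIDR checks listed for the VCNs and SubnetsVLANs tabs can be expressed with Python's `ipaddress` module: host bits set, overlapping/duplicate ranges, and a Subnet CIDR falling under one of its VCN's CIDRs. The row keys, sample values and error wording are constructed for this example, and comparing VCN CIDRs across every row of the sheet is an assumption.

```python
import ipaddress
# Constructed sample rows; keys loosely mirror CD3 columns, values are made up.
VCNS = [
    {"region": "ashburn", "vcn": "hub", "cidrs": "10.0.0.0/16, 172.16.0.0/24"},
    {"region": "ashburn", "vcn": "spoke", "cidrs": "10.1.0.5/16"},
    {"region": "ashburn", "vcn": "dmz", "cidrs": "10.0.64.0/18"},
]
SUBNETS = [
    {"region": "ashburn", "vcn": "hub", "subnet": "web", "cidr": "10.0.1.0/24"},
    {"region": "ashburn", "vcn": "hub", "subnet": "db", "cidr": "10.2.0.0/24"},
    {"region": "ashburn", "vcn": "hub", "subnet": "app", "cidr": "10.0.1.128/25"},
]

def parse(cidr, where, errors):
    """Return the network, or None after recording a format or host-bits error."""
    try:
        iface = ipaddress.ip_interface(cidr.strip())
        if iface.ip == iface.network.network_address:
            return iface.network
        errors.append(f"{where}: host bits set in {cidr.strip()}")
    except ValueError:
        errors.append(f"{where}: invalid CIDR {cidr.strip()}")
    return None

def validate(vcns, subnets):
    errors, vcn_nets, placed = [], [], []
    for row in vcns:
        where = f"VCN {row['vcn']}"
        for cidr in row["cidrs"].split(","):  # multiple CIDRs are comma-separated here
            net = parse(cidr, where, errors)
            if net is None:
                continue
            for other_where, _, other in vcn_nets:
                if net.overlaps(other):  # equal (duplicate) networks overlap too
                    errors.append(f"{where}: {net} overlaps {other} ({other_where})")
            vcn_nets.append((where, (row["region"], row["vcn"]), net))
    for row in subnets:
        where, key = f"Subnet {row['subnet']}", (row["region"], row["vcn"])
        net = parse(row["cidr"], where, errors)
        if net is None:
            continue
        parents = [n for _, k, n in vcn_nets if k == key and n.version == net.version]
        if not any(net.subnet_of(p) for p in parents):
            errors.append(f"{where}: {net} is not inside any CIDR of VCN {row['vcn']}")
        for other_where, other_key, other in placed:
            if other_key == key and net.overlaps(other):
                errors.append(f"{where}: {net} overlaps {other} ({other_where})")
        placed.append((where, key, net))
    return errors
```

Calling `validate(VCNS, SUBNETS)` on the sample rows returns one finding for each kind of check.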
The log file containing the CD3 Validator checks is generated at: /cd3user/tenancies/<prefix>/<prefix>_cd3validator.log
Expected ERRORs in the log file:
- Compartment Network does not exist in OCI. → This error means that the component is not found in OCI. Make sure to create the Compartment "Network" before validating other tabs.
- Either "Region" ashburn is not subscribed to tenancy or toolkit is not yet configured to be used for this region. → If this is a new region subscribed to the tenancy after the toolkit was initially set up, re-run createTenancyConfig.py with the same tenancyconfig.properties to configure the toolkit with the new region.
- For policy statements like the ones below:
  allow service loganalytics to {BUCKET_READ} in tenancy
  allow service loganalytics to {EVENTRULE_READ} in tenancy
  allow DYNAMIC-GROUP logging_analytics_agent to {LOG_ANALYTICS_LOG_GROUP_UPLOAD_LOGS} in tenancy
  the Validator can report the error below, which can be ignored:
  2024-04-24 11:50:08,086 - ROW 41 : Invalid verb used in Policy Statement