Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Deployment Guide for Amazon Elastic Kubernetes Services (EKS) Cluster
  5. Assessing cluster configuration before deployment
  7. How does the webhook validation works
NetBackup™ Deployment Guide for Amazon Elastic Kubernetes Services (EKS) Cluster

How does the webhook validation works

  • Webhooks are implemented to validate the CR input provided in the sample/environment.yaml file which is the interface of NetBackup installation on the EKS cluster.

  • For each user input in the sample/environment.yaml file a validation webhook is implemented.

  • If any of the input value is not in the required form, then webhooks displays an error and prevents the creation of an environment.

  • For primary server deployment, following webhook validations have been implemented:

    • Validate RetainReclaimPolicy: This check verifies that the storage classes used for PVC creation in the CR have reclaim policy as Retain. The check fails if any of the webhook do not have the Retain reclaim policy.

    • Validate MinimumVolumeSize: This check verifies that the PVC storage capacity meets the minimum required volume size for each volume in the CR. The check fails if any of the volume capacity sizes does not meet the following requirements for Primary server.

      • Catalog volume size: 100Gi

      • Log volume size: 30Gi

      • Data volume size: 30Gi

    • Validate CSI driver: This will verify that the PV created is provisioned using the efs.csi.aws.com driver, that is, AWS Elastic file system (EFS) for volumes catalog. If any other driver type is used, the webhook fails.

    • Validate AWS Elastic file system (EFS) controller add-on: Verifies if the AWS Elastic file system (EFS) controller add-on is installed on the cluster. This AWS Elastic file system (EFS) controller is required to use EFS as persistence storage for pods which will be running on cluster. Webhooks will check the EFS controller add-on is installed and it is running properly. If no, then validation error is displayed.

    • AWS Load Balancer Controller add-on check: Verifies if the AWS load balancer controller add-on is installed on the cluster. This load balancer controller is required to use load balancer in the cluster. Webhooks will check the load balancer controller add-on is installed and it is running properly. If no, then a validation error is displayed.

Feedback

Was this page helpful?
Previous

Assessing cluster configuration before deployment

Next

Webhooks validation execution details

Feedback

Was this page helpful?