Introduce Non Admin Backup validations around BSL usage when there is no default BSL in the DPA

[mpryc]

Idea: "As an improvement we could add NAB level validation on BSL/NaBSL name"

This is the scenario where DPA is configured with noDefaultBackupLocation option and the user tries to create Backup without NaBSL in it.

[shubham-pampattiwar]

Context being, allowing Non-Admin users to create NAB object using only one of the 2 possible storage locations:

• NABSL
• Default BSL in OADP NS

[kaovilai]

• Default BSL in OADP NS

That is my only concern here that we had discussed today.
This default BSL that NA did not create, they obviously do not have creds. If an admin is paranoid they can noDefaultBackupLocation, and any Admin BSL they require can be created manually outside dpa and/or create a non default backupLocation in dpa.

The validation here should disallow backup to a BSL in OADP namespace which do not have default set.

[kaovilai]

This validation should additionally disallow any NaBSL BSLs from having default set.

[mpryc]

This validation should additionally disallow any NaBSL BSLs from having default set.

@kaovilai Is this the only one which would be "NAC Controller level | Controller Restriction" category ? We have this issue to review all of the configs across other Specs as well to find those which are considered harmful: #151

[kaovilai]

This validation should additionally disallow any NaBSL BSLs from having default set.

@kaovilai Is this the only one which would be "NAC Controller level | Controller Restriction" category ? We have this issue to review all of the configs across other Specs as well to find those which are considered harmful: #151

Sure