diff --git a/examples/multiple_mzr_clusters/main.tf b/examples/multiple_mzr_clusters/main.tf
index d7216a45..4e9cdf4f 100644
--- a/examples/multiple_mzr_clusters/main.tf
+++ b/examples/multiple_mzr_clusters/main.tf
@@ -66,8 +66,8 @@ locals {
   # Choosing RHEL for the default worker pool will limit all additional worker pools to RHEL.
   # If we plan to use RHCOS with the cluster, we should create the default worker pool with RHCOS.
 
-  os_rhcos = "RHCOS"
-  os_rhel  = "REDHAT_8_64"
+  os_rhcos  = "RHCOS"
+  os_rhel_9 = "RHEL_9_64"
   cluster_1_vpc_subnets = {
     default = [
       for subnet in ibm_is_subnet.subnet_cluster_1 :
@@ -104,7 +104,7 @@ locals {
       machine_type     = "bx2.4x16"
       workers_per_zone = 2
       labels           = { "dedicated" : "logging-worker-pool" }
-      operating_system = local.os_rhel
+      operating_system = local.os_rhel_9
     }
   ]
 
diff --git a/main.tf b/main.tf
index 37b170bd..52389284 100644
--- a/main.tf
+++ b/main.tf
@@ -51,31 +51,36 @@ locals {
 locals {
   os_rhel  = "REDHAT_8_64"
   os_rhcos = "RHCOS"
+  os_rhel9 = "RHEL_9_64"
 
   # Strip OCP VERSION and use this ocp version in logic
-  ocp_version_num           = regex("^([0-9]+\\.[0-9]+)", local.ocp_version)[0]
-  is_valid_version          = local.ocp_version_num != null ? tonumber(local.ocp_version_num) >= 4.15 : false
+  ocp_version_num  = regex("^([0-9]+\\.[0-9]+)", local.ocp_version)[0]
+  is_valid_version = local.ocp_version_num != null ? tonumber(local.ocp_version_num) >= 4.15 : false
+
   rhcos_allowed_ocp_version = local.default_pool.operating_system == local.os_rhcos && local.is_valid_version
-  worker_pool_rhcos_entry   = [for worker in var.worker_pools : (worker.operating_system == local.os_rhel || (worker.operating_system == local.os_rhcos && local.is_valid_version) ? true : false)]
+
+  worker_pool_rhcos_entry = [for worker in var.worker_pools : contains([local.os_rhel, local.os_rhel9], worker.operating_system) || (worker.operating_system == local.os_rhcos && local.is_valid_version) ? true : false]
+
 
   # To verify rhcos operating system exists only for OCP versions >=4.15
   # tflint-ignore: terraform_unused_declarations
-  cluster_rhcos_validation = local.default_pool.operating_system == local.os_rhel || local.rhcos_allowed_ocp_version ? true : tobool("RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS")
+  cluster_rhcos_validation = contains([local.os_rhel9, local.os_rhel], local.default_pool.operating_system) || local.rhcos_allowed_ocp_version ? true : tobool("RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS")
 
   # tflint-ignore: terraform_unused_declarations
   worker_pool_rhcos_validation = alltrue(local.worker_pool_rhcos_entry) ? true : tobool("RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS")
 
   # Validate if default worker pool's operating system is RHEL, all pools' operating system must be RHEL
-  check_other_os                      = local.default_pool.operating_system == local.os_rhcos
-  rhel_check_for_all_standalone_pools = [for pool in var.worker_pools : pool.operating_system == local.os_rhel if pool.pool_name != "default"]
+
+  rhel_check_for_all_standalone_pools = [for pool in var.worker_pools : contains([local.os_rhel, local.os_rhel9], pool.operating_system) if pool.pool_name != "default"]
 
   # tflint-ignore: terraform_unused_declarations
-  valid_rhel_worker_pools = local.check_other_os || (local.default_pool.operating_system == local.os_rhel && alltrue(local.rhel_check_for_all_standalone_pools)) == true ? true : tobool("Choosing RHEL for the default worker pool will limit all additional worker pools to RHEL.")
+  valid_rhel_worker_pools = local.default_pool.operating_system == local.os_rhcos || (contains([local.os_rhel, local.os_rhel9], local.default_pool.operating_system) && alltrue(local.rhel_check_for_all_standalone_pools)) ? true : tobool("Choosing RHEL for the default worker pool will limit all additional worker pools to RHEL.")
 
   # Validate if RHCOS is used as operating system for the cluster then the default worker pool must be created with RHCOS
-  rhcos_check = local.default_pool.operating_system == local.os_rhel || (local.default_pool.operating_system == local.os_rhcos && local.default_pool.operating_system == local.os_rhcos)
+  rhcos_check = contains([local.os_rhel, local.os_rhel9], local.default_pool.operating_system) || (local.default_pool.operating_system == local.os_rhcos && local.default_pool.operating_system == local.os_rhcos)
+
   # tflint-ignore: terraform_unused_declarations
-  default_wp_validation = local.rhcos_check == true ? true : tobool("If RHCOS is used with this cluster, the default worker pool should be created with RHCOS.")
+  default_wp_validation = local.rhcos_check ? true : tobool("If RHCOS is used with this cluster, the default worker pool should be created with RHCOS.")
 }
 
 # Lookup the current default kube version
diff --git a/variables.tf b/variables.tf
index dad888b6..698e84c5 100644
--- a/variables.tf
+++ b/variables.tf
@@ -106,11 +106,22 @@ variable "worker_pools" {
     condition = alltrue([
       for worker_pool in var.worker_pools :
       anytrue([
-        worker_pool.operating_system == "REDHAT_8_64",
-        worker_pool.operating_system == "RHCOS"
+        worker_pool.operating_system == local.os_rhel9,
+        worker_pool.operating_system == local.os_rhel,
+        worker_pool.operating_system == local.os_rhcos
       ])
     ])
-    error_message = "RHEL 8 (REDHAT_8_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
+    error_message = "RHEL 9 (RHEL_9_64), RHEL 8 (REDHAT_8_64) or Red Hat Enterprise Linux CoreOS (RHCOS) are the allowed OS values. RHCOS requires VPC clusters created from 4.15 onwards. Upgraded clusters from 4.14 cannot use RHCOS."
+  }
+
+  validation {
+    condition = alltrue([
+      for wp in var.worker_pools :
+      (local.ocp_version_num == "4.14" && wp.operating_system == local.os_rhel) ||
+      (local.ocp_version_num == "4.15" && contains([local.os_rhel, local.os_rhcos], wp.operating_system)) ||
+      (contains(["4.16", "4.17"], local.ocp_version_num) && contains([local.os_rhel9, local.os_rhel, local.os_rhcos], wp.operating_system))
+    ])
+    error_message = "Invalid operating system for the given OCP version. Ensure the OS is compatible with the OCP version. Supported compatible OCP version and OS are v4.14: (REDHAT_8_64); v4.15: (REDHAT_8_64, RHCOS) ; v4.16 and v4.17: (REDHAT_8_64, RHCOS, RHEL_9_64)"
   }
 }