Config/guerrilla-config-schema.json
|
{
"$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "guerrilla-config-schema-v1", "title": "PSGuerrilla Configuration", "description": "Schema for guerrilla-config.json files generated by the PSGuerrilla configuration website.", "type": "object", "required": ["version", "environments"], "properties": { "$schema": { "type": "string", "description": "JSON Schema reference URL" }, "version": { "type": "string", "const": "1.0", "description": "Configuration schema version" }, "generated": { "type": "string", "format": "date-time", "description": "ISO 8601 timestamp when this config was generated" }, "generator": { "type": "string", "description": "Tool that generated this configuration" }, "missionMode": { "type": "object", "description": "Selected mission capabilities: reporting, monitoring, or both", "properties": { "reporting": { "type": "boolean" }, "monitoring": { "type": "boolean" } }, "additionalProperties": false }, "environments": { "type": "object", "description": "Environment-specific audit and monitoring configuration", "properties": { "googleWorkspace": { "$ref": "#/$defs/environmentWithMonitoring" }, "activeDirectory": { "$ref": "#/$defs/environmentWithMonitoring" }, "entraAzure": { "$ref": "#/$defs/environmentWithMonitoring" }, "m365": { "$ref": "#/$defs/environmentWithMonitoring" }, "intune": { "$ref": "#/$defs/environmentAuditOnly" } }, "additionalProperties": false }, "reporting": { "type": "object", "properties": { "formats": { "type": "array", "items": { "type": "string", "enum": ["html", "csv", "json", "pdf"] }, "uniqueItems": true }, "sections": { "type": "object", "properties": { "executiveSummary": { "type": "boolean" }, "technicalDetail": { "type": "boolean" }, "remediationPlaybook": { "type": "boolean" }, "remediationScripts": { "type": "boolean" }, "deltaReport": { "type": "boolean" }, "quickWins": { "type": "boolean" }, "budgetJustification": { "type": "boolean" }, "threatActorProfiles": { "type": "boolean" } }, "additionalProperties": false }, "frameworks": { "type": "object", "properties": { "nist800171": { "type": "boolean" }, "cisBenchmarks": { "type": "boolean" }, "mitreAttack": { "type": "boolean" }, "anssi": { "type": "boolean" }, "ferpa": { "type": "boolean" }, "coppa": { "type": "boolean" }, "cipa": { "type": "boolean" }, "stateEdtech": { "type": "boolean" }, "stateRequirements": { "type": "object", "properties": { "enabled": { "type": "boolean" }, "states": { "type": "array", "items": { "type": "string" } } }, "additionalProperties": false } }, "additionalProperties": false } }, "additionalProperties": false }, "alerting": { "type": "object", "properties": { "channels": { "type": "array", "items": { "type": "object", "required": ["type", "vaultKey", "severityThreshold"], "properties": { "type": { "type": "string", "enum": ["teams", "slack", "email", "sms", "webhook", "syslog", "pagerduty", "pushover", "eventlog"] }, "vaultKey": { "type": "string" }, "severityThreshold": { "type": "string", "enum": ["ALL", "LOW", "MEDIUM", "HIGH", "CRITICAL"] } }, "additionalProperties": false } } }, "additionalProperties": false }, "credentials": { "type": "object", "properties": { "strategy": { "type": "string", "const": "secretManagement" }, "vaultName": { "type": "string", "default": "PSGuerrilla" }, "references": { "type": "object", "properties": { "googleWorkspace": { "type": "object", "properties": { "type": { "type": "string", "enum": ["serviceAccount"] }, "vaultKey": { "type": "string" }, "scopes": { "type": "array", "items": { "type": "string" } } }, "additionalProperties": false }, "microsoftGraph": { "type": "object", "properties": { "type": { "type": "string", "enum": ["appRegistration"] }, "vaultKey": { "type": "string" }, "tenantIdVaultKey": { "type": "string" }, "clientIdVaultKey": { "type": "string" }, "authMethod": { "type": "string", "enum": ["clientSecret", "certificate"] } }, "additionalProperties": false }, "activeDirectory": { "type": "object", "properties": { "type": { "type": "string", "enum": ["currentUser", "serviceAccount"] }, "authMethod": { "type": "string", "enum": ["kerberos", "credential"] }, "vaultKey": { "type": "string" } }, "additionalProperties": false } }, "additionalProperties": false } }, "additionalProperties": false } }, "additionalProperties": false, "$defs": { "environmentWithMonitoring": { "type": "object", "required": ["enabled"], "properties": { "enabled": { "type": "boolean" }, "audit": { "type": "object", "properties": { "enabled": { "type": "boolean" }, "targetOU": { "type": "string", "description": "Google Workspace organizational unit path to scope user enumeration (e.g., '/Staff'). Defaults to '/' (all users).", "default": "/" }, "categories": { "type": "object", "additionalProperties": { "type": "boolean" } } }, "additionalProperties": false }, "monitoring": { "type": "object", "properties": { "enabled": { "type": "boolean" }, "intervalMinutes": { "type": "integer", "minimum": 1, "maximum": 1440 }, "detections": { "type": "object", "description": "Individual monitoring detections to enable or disable", "additionalProperties": { "type": "boolean" } } }, "additionalProperties": false } }, "additionalProperties": false }, "environmentAuditOnly": { "type": "object", "required": ["enabled"], "properties": { "enabled": { "type": "boolean" }, "audit": { "type": "object", "properties": { "enabled": { "type": "boolean" }, "categories": { "type": "object", "additionalProperties": { "type": "boolean" } } }, "additionalProperties": false } }, "additionalProperties": false } } } |