
@HeyItsGilbert
Created April 17, 2025 21:46
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"description": "Schema for validating label groups configuration files.",
"properties": {
"LABELGROUPS": {
"type": "array",
"description": "A list of label groups.",
"items": {
"type": "object",
"description": "A label group object.",
"patternProperties": {
"^.*$": {
"$comment": "This is a regex pattern to match any key. Each key is the name of the label group.",
"type": "object",
"description": "A label group with multiple OR and multiple AND criteria.",
"properties": {
"set": {
"type": "object",
"description": "Defines the criteria for grouping resources.",
"properties": {
"datacenter": {
"type": "array",
"description": "List of datacenters to match.",
"items": {
"type": "string",
"description": "A single datacenter."
}
},
"environment": {
"type": "array",
"description": "List of environments to match.",
"items": {
"type": "string",
"description": "A single environment."
}
},
"application": {
"type": "array",
"description": "List of applications to match.",
"items": {
"type": "string",
"description": "A single application."
}
},
"role": {
"type": "array",
"description": "List of roles to match.",
"items": {
"type": "string",
"description": "A single role."
}
}
},
"additionalProperties": false
}
},
"required": [
"set"
],
"additionalProperties": false
}
},
"additionalProperties": false
}
}
},
"required": [
"LABELGROUPS"
],
"additionalProperties": false
}
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Labels Schema",
"type": "object",
"description": "Schema for validating label configurations.",
"properties": {
"LABELS": {
"type": "array",
"description": "A list of label objects.",
"items": {
"type": "object",
"description": "An object representing a label.",
"additionalProperties": false,
"patternProperties": {
"^[a-zA-Z]+$": {
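"$comment": "Assuming label names are alphanumeric. As written, the pattern accepts ASCII letters only, so a name containing digits does not match and is rejected by the sibling additionalProperties: false.",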
"type": "object",
"description": "A label object with specific properties.",
"properties": {
"numeric_ip_addresses": {
"type": "object",
"description": "Defines numeric IP address-related properties.",
"properties": {
"subnet": {
"type": "array",
"description": "A list of subnets in CIDR format.",
"items": {
"type": "string",
"format": "ipv4_cidr",
"pattern": "^\\d+\\.\\d+\\.\\d+\\.\\d+/(8|[1-2][0-9]|3[0-4])$",
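"$comment": "Note: ipv4_cidr is not a standard format in JSON Schema draft-07, but it illustrates the intent, so only the pattern can be relied on here. The pattern does not bound octets to 0-255, and its prefix alternation accepts /33 and /34 while rejecting /0 through /7 and /9. Consider custom validation logic."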
}
},
"range": {
"type": "array",
"description": "A list of IP ranges.",
"items": {
"anyOf": [
{
"type": "string",
"pattern": "^\\d+\\.\\d+\\.\\d+\\.\\d+-\\d+\\.\\d+\\.\\d+\\.\\d+$",
"description": "An IP range in the format 'start-end'.",
"format": "ipv4_range",
"$comment": "IP range pattern."
}
]
}
}
},
"additionalProperties": false
},
"name": {
"type": "object",
"description": "Defines name-related properties for the label.",
"properties": {
"regex": {
"type": "array",
"description": "A list of regex patterns to match names.",
"items": {
"type": "string",
"pattern": ".*",
"format": "regex",
"$comment": "Placeholder for regex patterns; adjust as necessary."
}
},
"wildcard": {
"type": "array",
"description": "A list of wildcard patterns to match names.",
"items": {
"type": "string",
"pattern": "\\*.*",
"$comment": "Wildcard pattern; it is unanchored, so any string containing '*' matches. Adjust as necessary."
}
},
"fqdns": {
"type": "array",
"description": "A list of fully qualified domain names (FQDNs).",
"items": {
"type": "string",
"format": "hostname",
"$comment": "Standard hostname format."
}
}
},
"additionalProperties": false
}
},
"additionalProperties": false
}
}
}
}
},
"required": [
"LABELS"
],
"additionalProperties": false
}
{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"description": "Schema for validating rule configuration files.",
"properties": {
"rule": {
"type": "object",
"description": "Defines the rule configuration.",
"properties": {
"enabled": {
"type": "boolean",
"description": "Indicates whether the rule is enabled."
},
"section_position": {
"type": "string",
"enum": [
"ALLOW",
"ALERT",
"BLOCK"
],
"description": "Specifies the section position of the rule. Must be one of 'ALLOW', 'ALERT', or 'BLOCK'."
},
"action": {
"type": "string",
"enum": [
"ALLOW",
"ALERT",
"BLOCK",
"BLOCK_AND_ALERT"
],
"description": "Defines the action to be taken. Must be one of 'ALLOW', 'ALERT', 'BLOCK', or 'BLOCK_AND_ALERT'."
},
"comments": {
"type": "string",
"maxLength": 2000,
"description": "Optional comments about the rule (note that 'comments' is nevertheless listed in this rule's 'required' array). Maximum length is 2000 characters."
},
"source": {
"type": "object",
"description": "Details about the source of the traffic.",
"properties": {
"address_classification": {
"type": "string",
"description": "Classification of the source address. FILL ME IN."
}
},
"required": [
"address_classification"
],
"additionalProperties": false
},
"destination": {
"type": "object",
"description": "Details about the destination of the traffic.",
"properties": {
"labels": {
"type": "object",
"description": "Labels used to identify the destination.",
"properties": {
"or_labels": {
"type": "array",
"description": "Array of OR conditions for labels.",
"items": {
"type": "object",
"description": "AND condition for labels.",
"properties": {
"and_labels": {
"type": "array",
"description": "Array of labels that must all match.",
"items": {
"type": "string",
"description": "A single label."
}
}
},
"required": [
"and_labels"
],
"additionalProperties": false
}
}
},
"required": [
"or_labels"
],
"additionalProperties": false
}
},
"required": [
"labels"
],
"additionalProperties": false
},
"ports": {
"type": "array",
"description": "List of specific ports to match.",
"items": {
"type": "integer",
"pattern": "^[0-9]{1,5}$",
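"description": "A single port number. The 'pattern' keyword applies only to string values, so it does not constrain this integer and no port range is enforced."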
}
},
"port_ranges": {
"type": "array",
"description": "List of port ranges to match.",
"items": {
"type": "string",
"description": "A single port range in the format 'start-end'."
}
},
"exclude_port_ranges": {
"type": "array",
"description": "List of port ranges to exclude.",
"items": {
"type": "string",
"description": "A single port range in the format 'start-end'."
}
},
"exclude_ports": {
"type": "array",
"description": "List of specific ports to exclude.",
"items": {
"type": "integer",
"description": "A single port number."
}
},
"ip_protocols": {
"type": "array",
"description": "List of IP protocols to match.",
"items": {
"type": "string",
"enum": [
"TCP",
"UDP",
"ICMP"
],
"description": "A single IP protocol. Must be one of 'TCP', 'UDP', or 'ICMP'."
}
},
"icmp_matches": {
"type": "array",
"description": "List of ICMP matches. FILL ME IN.",
"items": {
"type": "string",
"description": "A single ICMP match."
}
},
"attributes": {
"type": "array",
"description": "List of additional attributes. FILL ME IN.",
"items": {
"type": "string",
"description": "A single attribute."
}
},
"scope": {
"type": "array",
"description": "Scope of the rule. FILL ME IN.",
"items": {
"type": "string",
"description": "A single scope value."
}
}
},
"required": [
"enabled",
"section_position",
"action",
"comments",
"source",
"destination",
"ports",
"ip_protocols"
],
"additionalProperties": false
}
},
"required": [
"rule"
],
"additionalProperties": false
}