Appendices
Appendix A: JSON Schema definition
The OSIRIS JSON Schema provides structural validation for OSIRIS documents.
Schema location URI: OSIRIS JSON Schema
Schema reference in documents:
{
"$schema": "https://osirisjson.org/schema/v1.0/osiris.schema.json",
"version": "1.0.0"
}A.1 Schema overview
The OSIRIS JSON Schema validates:
- Top-level document structure (version, metadata, topology)
- Required fields at each level
- Field data types (string, number, boolean, object, array)
- Enum constraints (e.g.
directionmust bebidirectional,forwardorreverse) - Format constraints (e.g.
timestampmust be ISO 8601 / RFC 3339)
The schema does not validate:
- Referential integrity (connections referencing resources)
- Type semantics (e.g. whether a type is ‘recognized’ or appropriate for the domain)
- Domain-specific semantics (Chapter 9, Level 2 and Level 3 validation)
A.2 Schema structure (excerpt/top-level outline)
[!NOTE] This is a top-level OSIRIS schema outline. $defs are omitted here for top-level readability, refer to the canonical URI for the full schema.
The schema defines:
{
"$schema": "https://json-schema.org/draft/2020-12/schema#",
"$id": "https://osirisjson.org/schema/v1.0/osiris.schema.json",
"title": "Core OSIRIS JSON Schema v1.0",
"description": "OSIRIS Open Standard for Infrastructure Resource Interchange Schema. This schema encodes baseline interoperability requirements; additional semantic rules (e.g. referential integrity, uniqueness) are validated by tooling.",
"type": "object",
"required": [
"version",
"metadata",
"topology"
],
"properties": {
"$schema": {
"type": "string",
"description": "Optional JSON Schema dialect reference for OSIRIS documents.",
"format": "uri"
},
"version": {
"type": "string",
"description": "OSIRIS specification version of this document (semver). For the v1.0 schema endpoint, any 1.x.y is allowed.",
"pattern": "^1\\.[0-9]+\\.[0-9]+$"
},
"metadata": {
"$ref": "#/$defs/metadata"
},
"topology": {
"$ref": "#/$defs/topology"
}
},
"additionalProperties": true,
"$defs": {
"osirisType": { },
"providerName": { },
"namespaceKey": { },
"tags": { },
"freeformObject": { },
"extensions": { },
"provider": { },
"resource": { },
"connectionDirection": { },
"connectionType": { },
"connection": { },
"group": { },
"topology": { },
"metadataGenerator": { },
"metadataScope": { },
"metadata": { }
}
}A.3 Using the schema
Validation tools:
A.4 Schema evolution
The OSIRIS JSON Schema evolves with the specification:
- v1.0.0 schema: Validates OSIRIS v1.0.0 documents
- v1.1.0 schema: Adds optional fields introduced in v1.1.0 but remains backwards-compatible
- v2.0.0 schema: May introduce breaking changes aligned with specification v2.0.0
Consumers SHOULD use the schema version matching their target specification version.
A.5 Complete schema
The complete JSON Schema is available at:
- Canonical URI: https://osirisjson.org/schema/v1.0/osiris.schema.json
- GIT Repository: https://github.com/osirisjson/osiris/tree/main/schema
Appendix B: Complete examples
Complete, validated examples demonstrating OSIRIS v1.0 are available in the OSIRIS GitHub repository:
- Canonical URI: https://osirisjson.org/examples/v1.0/
- GIT Repository: https://github.com/osirisjson/osiris/tree/main/examples/v1.0
B.1 Example categories
Examples are organized by domain:
IT/Cloud examples:
IT/cloud/osiris_minimal_cloud_provider_infrastructure.jsonIT/hyperscalers/osiris_minimal_hyperscalers_infrastructure.jsonIT/hyperscalers/osiris_simple_hyperscaler_infrastructure.jsonIT/hyperscalers/osiris_hyperscaler_infrastructure_belonging.jsonIT/hyperscalers/osiris_multi_hyperscaler_environment.jsonIT/hyperscalers/osiris_hybrid_hyperscaler_on_premise.json
IT/On-Premise examples:
IT/on-premise/osiris_minimal_on_premise_infrastructure.jsonIT/on-premise/osiris_on_premise_network_topology.json
OT (Operational Technology) examples:
OT/osiris_minimal_ot_infrastructure.jsonOT/osiris_it_ot_cross_network_topology.jsonOT/osiris_industrial_printer.jsonOT/osiris_security_camera.jsonOT/osiris_door_access_control.json
B.2 Example validation
All examples are validated against:
- JSON Schema (Level 1): Structural correctness
- Referential integrity (Level 2): All IDs resolve, no dangling references
- Domain rules (Level 3): Type format, naming conventions
Examples are automatically validated in the repository CI/CD pipeline.
B.3 Using examples
Examples serve multiple purposes:
- Learning: Understand OSIRIS structure and patterns
- Testing: Validate parser and consumer implementations
- Templates: Starting points for new documents
- Reference: Demonstrate best practices
Implementers SHOULD test their tools against the complete example set.
Appendix C: Resource type registry
This appendix provides a comprehensive listing of all standard resource types defined in OSIRIS v1.0.
C.1 Compute resources
| Type | Description | Common providers |
|---|---|---|
compute.vm | Virtual machine instance | AWS, Azure, GCP, VMware, Proxmox |
compute.server | Physical server | Dell, HPE, Lenovo, Supermicro |
compute.container | Container runtime instance | Docker, Kubernetes, AWS ECS |
compute.cluster | Compute cluster (e.g. Kubernetes cluster) | AWS EKS, GKE, AKS |
compute.function | Serverless function | AWS Lambda, Azure Functions, GCP Cloud Functions |
C.2 Network resources
| Type | Description | Common providers |
|---|---|---|
network.switch | Network switch | Cisco, Arista, Juniper |
network.router | Network router | Cisco, Juniper, MikroTik |
network.firewall | Network firewall | Palo Alto, Fortinet, Cisco ASA |
network.loadbalancer | Load balancer | AWS ALB/NLB, Azure Load Balancer, F5 |
network.vnet | Virtual network | Azure VNet, AWS VPC, GCP VPC |
network.subnet | Network subnet | Cloud providers, network gear |
network.vpn | VPN connection | AWS VPN, Azure VPN, WireGuard |
network.interface | Network interface | NICs, ENIs |
network.endpoint | Network endpoint (e.g. private endpoint) | Azure Private Endpoint, AWS PrivateLink |
network.gateway | Network gateway (e.g. NAT gateway, internet gateway) | AWS IGW, Azure NAT Gateway |
network.securitygroup | Network security group / ACL | AWS Security Groups, Azure NSGs |
C.3 Storage resources
| Type | Description | Common providers |
|---|---|---|
storage.volume | Block storage volume | AWS EBS, Azure Disk, GCP Persistent Disk |
storage.bucket | Object storage bucket | AWS S3, Azure Blob, GCP Cloud Storage |
storage.filesystem | File system / file share | AWS EFS, Azure Files, NFS |
storage.array | Storage array | NetApp, Pure Storage, Dell PowerStore |
storage.disk | Physical disk | SSD, HDD |
C.4 Application resources
| Type | Description | Common providers |
|---|---|---|
application.database | Database instance | AWS RDS, Azure SQL, PostgreSQL, MySQL |
application.cache | Cache service | Redis, Memcached, AWS ElastiCache |
application.queue | Message queue | AWS SQS, RabbitMQ, Kafka |
application.repository | Code/artifact repository | GitHub, GitLab, Artifactory |
application.service | Application service | Custom apps, microservices |
C.5 Container and organization resources
| Type | Description | Common providers |
|---|---|---|
container.resourcegroup | Resource group / organizational container | Azure Resource Groups |
container.project | Project / billing container | GCP Projects |
container.account | Account / subscription | AWS Accounts, Azure Subscriptions |
C.6 Operational Technology (OT) resources
| Type | Description | Common providers |
|---|---|---|
ot.sensor.environmental | Environmental sensor (temp, humidity) | Emerson, Vaisala, IFM |
ot.sensor.industrial | Industrial sensor (pressure, flow, vibration) | Endress+Hauser, Siemens, ABB |
ot.camera | IP camera / video surveillance | Axis, Hikvision, Dahua |
ot.controller.plc | Programmable Logic Controller | Siemens, Rockwell, Schneider |
ot.controller.dcs | Distributed Control System | Honeywell, Emerson, ABB |
ot.printer | Industrial printer (label, thermal) | Zebra, Datamax, SATO |
ot.access.controller | Access control panel | HID, Lenel, Genetec |
ot.access.reader | RFID/card reader | HID, Suprema |
ot.access.lock | Electronic lock | Assa Abloy, Allegion |
ot.hvac | HVAC system controller | Trane, Carrier, Johnson Controls |
ot.power | Power distribution unit | APC, Eaton, Schneider |
ot.ups | Uninterruptible Power Supply | APC, Eaton, Vertiv |
C.7 Type evolution
New types MAY be added in MINOR version updates (e.g. v1.1.0).
To propose a new standard type:
- Open an issue in the OSIRIS GitHub repository
- Provide use case justification and examples
- Demonstrate that existing types are insufficient
- Propose type name following naming conventions (lowercase, dot notation)
Appendix D: Comparison with related standards
This appendix compares OSIRIS with related standards and formats for infrastructure topology and configuration.
D.1 OSIRIS vs TOSCA (Topology and Orchestration Specification for Cloud Applications)
| Aspect | OSIRIS | TOSCA |
|---|---|---|
| Purpose | Infrastructure description and interchange | Application orchestration and lifecycle management |
| Focus | What exists and how it’s connected | How to provision, configure and manage |
| Format | JSON | YAML (primarily) |
| Complexity | Simple, flat resource/connection/group model | Complex node templates, relationships, policies, workflows |
| Scope | IT and OT infrastructure designed for On-Premise, cloud and hyperscalers | Cloud applications and services |
| Orchestration | Not included | Core feature (workflows, policies) |
| Vendor neutrality | Strong (pure interchange) | Moderate (templates often vendor-specific) |
| Adoption | New (2025) | Mature (OASIS standard since 2013) |
When to use OSIRIS:
- Documenting existing infrastructure
- Exporting topology snapshots for visualization
- Cross-platform inventory and CMDB integration
- Lightweight interchange between tools
When to use TOSCA:
- Application provisioning and orchestration
- Infrastructure-as-code with lifecycle management
- Complex dependency modeling with workflows
Interoperability: OSIRIS documents MAY be generated from TOSCA topologies by extracting instantiated resources and relationships.
D.2 OSIRIS vs Terraform / AWS CloudFormation / Azure ARM Templates
| Aspect | OSIRIS | Terraform/CloudFormation/ARM |
|---|---|---|
| Purpose | Infrastructure description | Infrastructure provisioning (IaC) |
| Direction | Read-only export/snapshot | Write (create/update/delete) |
| State | Describes current state | Describes desired state |
| Provider | Vendor-neutral (multi-provider in one doc) | Provider-specific (AWS, Azure, GCP) or multi (Terraform) |
| Format | JSON | HCL (Terraform), JSON/YAML (CloudFormation, ARM) |
| Dependencies | Explicit connections and groups | Implicit and explicit dependencies |
| Use case | Documentation, audit, visualization | Provisioning, automation, GitOps |
When to use OSIRIS:
- Documenting infrastructure that already exists
- Exporting topology from multiple providers in a single document
- Creating provider-agnostic documentation
When to use IaC tools:
- Provisioning new infrastructure
- Managing infrastructure lifecycle
- Implementing GitOps workflows
Interoperability: OSIRIS documents MAY be generated from Terraform state or CloudFormation stacks to document provisioned infrastructure.
D.4 OSIRIS vs OpenAPI Specification
| Aspect | OSIRIS | OpenAPI |
|---|---|---|
| Domain | Infrastructure topology and description | API definitions |
| Purpose | Describe infrastructure resources | Describe API endpoints and schemas |
| Format | JSON | JSON/YAML |
| Schemas | JSON Schema for validation | JSON Schema for request/response validation |
| Evolution | SemVer for specification | SemVer for specification |
Relationship:
Both OSIRIS and OpenAPI define JSON-based interchange formats with JSON Schema validation. OSIRIS focuses on infrastructure, OpenAPI focuses on APIs.
OSIRIS documents MAY include references to OpenAPI specifications in resource properties (e.g. an application.service resource with api_spec_url: "https://api.example.com/openapi.json").
D.5 OSIRIS vs NETCONF/YANG
| Aspect | OSIRIS | NETCONF/YANG |
|---|---|---|
| Domain | Infrastructure topology (IT and OT) | Network configuration |
| Purpose | Interchange and documentation | Configuration management and state retrieval |
| Format | JSON | XML (NETCONF), data modeling language (YANG) |
| Scope | Multi-domain (cloud, on-prem, OT) | Network devices primarily |
| Operations | Read-only topology export | Read/write configuration |
When to use OSIRIS:
- Documenting heterogeneous infrastructure (not just network)
- Multi-vendor topology snapshots
- Lightweight JSON interchange
When to use NETCONF/YANG:
- Network device configuration management
- Standardized network state retrieval
- Network automation requiring write operations
Interoperability: OSIRIS documents MAY be generated from NETCONF data by transforming YANG-modeled state into OSIRIS resources and connections.
D.6 OSIRIS vs CMDB schemas (ServiceNow, BMC, etc.)
| Aspect | OSIRIS | CMDB Schemas |
|---|---|---|
| Purpose | Portable interchange format | Internal CMDB data model |
| Vendor neutrality | High (designed for multi-tool) | Low (vendor-specific) |
| Format | JSON | Vendor-specific (SQL, proprietary) |
| Scope | Topology snapshot | Full asset lifecycle, incidents, changes |
| Relationships | Explicit connections | CMDB relationship tables |
Relationship: OSIRIS can serve as an export format from CMDBs and as an import format into CMDBs.
Workflow:
- Export infrastructure from sources (cloud APIs, network devices, OT systems)
- Generate OSIRIS document
- Import OSIRIS document into CMDB (ServiceNow, BMC, etc.)
- CMDB enriches with additional lifecycle data (ownership, contracts, incidents)