🗂️ Navigation
📁 Infrastructure as Code
📋 Pre-Commit IaC Scanning
🔧 Check-jsonschema

Check-jsonschema

A CLI for checking JSON and YAML files against a JSON Schema.

Visit Website →

Overview

check-jsonschema is a command-line tool for validating JSON or YAML files against a given JSON Schema. While not an IaC scanner itself, it can be used as a pre-commit hook to enforce custom structures and rules for any configuration file, including custom IaC formats, Kubernetes CRDs, or application configurations. If you can define a valid structure in JSON Schema, you can enforce it with this tool.

✨ Key Features

  • Validates JSON and YAML files
  • Uses the standard JSON Schema specification
  • Simple command-line interface
  • Can be used as a pre-commit hook
  • Supports fetching schemas from files or URLs

🎯 Key Differentiators

  • Uses the powerful and standard JSON Schema specification
  • Validates not just style but the data types and structure
  • Works for both JSON and YAML

Unique Value: Provides a simple, standard-based way to enforce the correctness of any custom JSON or YAML configuration files.

🎯 Use Cases (3)

Enforcing a specific structure for custom YAML/JSON configuration files Validating Kubernetes Custom Resource definitions against a schema Creating basic linting checks for any JSON- or YAML-based IaC

✅ Best For

  • Validating custom YAML configuration files in a pre-commit hook.

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Complex security scanning of standard IaC like Terraform (use a dedicated tool).

🏆 Alternatives

yamllint custom scripts

While a simple linter might check for syntax and style, check-jsonschema validates the entire data model of the file, preventing a different class of errors.

💻 Platforms

Desktop

✅ Offline Mode Available

🔌 Integrations

pre-commit CI/CD pipelines

💰 Pricing

Contact for pricing
Free Tier Available

Free tier: Fully open-source and free.

Visit Check-jsonschema Website →

🔄 Similar Tools in Pre-Commit IaC Scanning

Checkov

Open-source IaC scanner that finds misconfigurations in Terraform, CloudFormation, Kubernetes, and m...

Contact

Terrascan

Open-source static code analyzer for IaC that helps detect security issues and compliance violations...

Contact

KICS

Open-source IaC scanner from Checkmarx that supports a wide range of platforms and offers extensive ...

Contact

Trivy

Versatile open-source security scanner from Aqua Security that finds vulnerabilities, IaC misconfigu...

Contact

tfsec

A fast, open-source static analysis scanner for Terraform code to find security misconfigurations....

Contact

Prisma Cloud

A comprehensive Cloud Native Application Protection Platform (CNAPP)....

Contact