Andrew Huynh 512188b66c
Run Link Checker for Cron Job / markdown-link-check (push) Has been cancelled
Run CI Pipeline for ScubaGoggles / Pylint (push) Has been cancelled
Run CI Pipeline for ScubaGoggles / Run OPA Tests (push) Has been cancelled
Run CI Pipeline for ScubaGoggles / Run Markdown Link Check (push) Has been cancelled
Run CI Pipeline for ScubaGoggles / Run Python Tests (push) Has been cancelled
Run Smoke Test / configuration (push) Has been cancelled
Run Smoke Test / smoke-test (push) Has been cancelled
Run Smoke Test / lhci (push) Has been cancelled
Add in BOD 25-01 Requirement indicator to applicable policies (#1061)
* add in indicators

* update unit tests to include new bod 25-01 badge

* update to pass pylint

* update smoke tests

* updated drivedocs.1.9 indicators

* update commoncontrols.10.1 to be required by the bod and automated

* Update meet.5.1 and meet.5.2 to be required by the bod and automated
2026-07-10 15:46:12 -04:00
2023-12-06 11:47:19 -08:00
2024-12-19 16:23:24 -08:00
2024-12-19 16:23:24 -08:00
2023-07-24 10:07:23 -04:00
2026-04-06 11:12:45 -07:00
2026-07-06 12:41:09 -04:00
2026-04-21 13:07:13 -04:00
2024-12-19 16:23:24 -08:00

ScubaGoggles Logo

GitHub Release PyPI - Version GitHub Downloads PyPI Downloads GitHub License

Developed by CISA, ScubaGoggles is an assessment tool that verifies a Google Workspace (GWS) organization's configuration conforms to the policies described in the Secure Cloud Business Applications (SCuBA) Secure Configuration Baseline documents.

For the Microsoft 365 (M365) rendition of this tool, see ScubaGear.

Overview

We use a three-step process:

  1. Export. In this step, we primarily use the Google Admin SDK API to export and serialize all the relevant logs and settings into json. ScubaGoggles also uses various other Google APIs to grab organization metadata, user privileges etc.
  2. Verify. Compare the exported settings from the previous step with the configuration prescribed in the baselines. We do this using OPA Rego, a declarative query language for defining policy.
  3. Report. Package the results as HTML and JSON.

Table of Contents

Installation

Prerequisites

Authentication

Usage

Troubleshooting

Misc

Project License

Unless otherwise noted, this project is distributed under the Creative Commons Zero license. With developer approval, contributions may be submitted with an alternate compatible license. If accepted, those contributions will be listed herein with the appropriate license.

S
Description
No description provided
Readme CC0-1.0 19 MiB
Languages
Python 49%
Open Policy Agent 32.3%
HTML 17.3%
JavaScript 0.5%
CSS 0.5%
Other 0.4%