tking/fastapi-gsap
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
fastapi-gsap/ROADMAP.md
Tyler J King d62974f1b7 docs: add Bastion product roadmap 
Feature matrix, release plan v0.4 through v1.0, reference
deployment, architecture principles, and contribution guide.

Signed-off-by: Tyler King <tking@guildhouse.dev>
2026-04-14 10:35:07 -04:00

21 KiB
Raw Blame History

Bastion — Product Roadmap

Unified Device & Workspace Governance for the Enterprise

Last updated: April 2026

Vision

One governance authority, every endpoint type, every management mode, unified by identity. Bastion is the open-source MDM control plane that governs physical endpoints and virtual workspaces under a single identity-aware, cryptographically attestable policy framework.

Feature Matrix

Legend

Status Meaning
Shipped Implemented, tested, in bastion-v0.3
🔨 In Progress Partially implemented or stubbed
📐 Designed Architecture defined, not yet coded
🗺️ Planned Scoped and prioritized, design pending
💡 Future Identified need, not yet scoped

Identity & Authentication

Feature Status Version Notes
Entra ID identity driver (JWKS-verified) Shipped v0.1 Native JWT validation, device_id extraction, MFA detection
Keycloak identity driver (JWKS-verified) Shipped v0.3 Shared JWKSVerifier, realm_access roles, DID construction
Shared JWKS verification framework Shipped v0.3 Reusable across all identity drivers, kid-miss refresh
on_behalf_of impersonation gating Shipped v0.3 Requires gsap:impersonate role
Okta identity driver 🗺️ Planned v0.6 OIDC JWT verification, Okta-specific claims
SPIFFE/SPIRE workload identity 🗺️ Planned v0.7 Service-to-service identity within governance infra
FIDO2/WebAuthn integration 💡 Future Hardware key attestation for operator authentication
Shared bearer auth middleware 🔨 In Progress v0.4 FastAPI Depends(verify_bearer) for all protected endpoints

Device Management — Traditional Mode

Feature Status Version Notes
Intune connector (7 operations) Shipped v0.1 list, get, compliance, sync, lock, retire, wipe
Intune compliance cache Shipped v0.1 In-memory with configurable TTL
Compliance-gated AC issuance Shipped v0.1 Per-accord and global configuration
Entra device_id in AC metadata Shipped v0.1 Extracted from JWT deviceid claim
device_id UUID validation Shipped v0.3 Path traversal prevention for Graph API
Intune MCP tools Shipped v0.1 4 tools via governed connector invocation
Capability-enforced operations Shipped v0.3 READ/PROPOSE/MUTATE per-operation
Keylime connector (TPM attestation) 📐 Designed v0.5 Measured boot + IMA runtime integrity
Fleet/osquery connector 🗺️ Planned v0.5 Cross-platform posture collection for Linux/macOS/Windows
Jamf connector (macOS) 🗺️ Planned v0.6 macOS endpoint compliance and management
SNMP/API network device connector 💡 Future Switch/router/firewall posture assessment
Windows Device Health Attestation 📐 Designed v0.5 TPM attestation via Intune DHA Graph API

Device Management — VDI Mode

Feature Status Version Notes
VDI mode architecture 📐 Designed v0.6 Workspace provisioning, profile governance, session binding
Apache Guacamole adapter 🗺️ Planned v0.6 REST API integration for session lifecycle
Governed shell integration (Bascule) 🔨 In Progress v0.4 Stubbed connector, needs Shellstream transport
FSLogix / profile governance 📐 Designed v0.7 Content-addressed profiles as governed artifacts
Citrix CVAD adapter 🗺️ Planned v0.7 Broker Service API for session lifecycle
VMware Horizon adapter 🗺️ Planned v0.8 REST API integration
Session-device binding 📐 Designed v0.5 Correlate Bascule session with originating device posture
Mid-session compliance re-evaluation 📐 Designed v0.6 Revoke/restrict session when device posture degrades

Hardware Security

Feature Status Version Notes
TPM attestation (Linux via Keylime) 📐 Designed v0.5 Measured boot, PCR verification, IMA integration
TPM attestation (Windows via DHA) 📐 Designed v0.5 Intune Device Health Attestation Graph API
HBOM collection (Linux) 📐 Designed v0.5 dmidecode, sysfs, lspci, lsusb, TPM PCR values
HBOM collection (Windows) 📐 Designed v0.5 WMI hardware classes, TPM WMI
HBOM drift detection 📐 Designed v0.5 Content-hash comparison, unexpected component alerting
Firmware version verification 📐 Designed v0.5 HBOM declared version vs TPM-measured version
HardwareIntegrity posture condition 📐 Designed v0.5 Composite: TPM + HBOM + firmware all valid
Barcode/QR enrollment scanning 🗺️ Planned v0.6 USB/camera barcode scan for device onboarding, serial/model/SKU auto-population
Scan-to-HBOM verification 🗺️ Planned v0.6 Compare scanned vendor declaration against TPM/OS-reported hardware at first boot
Supply chain provenance tracking 🗺️ Planned v0.7 Full hardware lifecycle: procurement scan → provisioning → production → decommission

Connector Framework

Feature Status Version Notes
ConnectorPlugin ABC Shipped v0.1 API-mediated connector pattern
ConnectorRuntime with Chronicle audit Shipped v0.1 Intent-before-execution, result-after
SessionTransport / SessionConnector Shipped v0.2 Session-based connector pattern with lifecycle
OrchestratorConnector Shipped v0.2 Multi-step workflow pattern with partial-completion
Bascule connector (stubbed) 🔨 In Progress v0.4 AC-as-credential, needs Shellstream transport
PowerShell connector (stubbed) 🔨 In Progress v0.5 Kerberos credential, needs pypsrp transport
Ansible connector (stubbed) 🔨 In Progress v0.5 Orchestrator pattern, needs ansible-runner
Keylime connector 📐 Designed v0.5 TPM attestation API integration
Connector plugin SDK 🗺️ Planned v0.7 Guild-facing SDK for third-party connectors

Credential Management

Feature Status Version Notes
CredentialResolver abstraction Shipped v0.2 Type routing, expiry enforcement, zero-storage
Entra credential backend (OAuth) Shipped v0.2 MSAL on-behalf-of token acquisition
Bascule credential passthrough Shipped v0.2 AC is the credential
Stub credential backend Shipped v0.2 Dev/testing only, requires explicit opt-in (v0.3)
Credential repr safety Shipped v0.3 field(repr=False) on all sensitive fields
Kerberos credential resolution 🔨 In Progress v0.5 Entra Kerberos proxy or hybrid AD
SSH certificate credential 📐 Designed v0.5 Short-lived certs from Bascule CA
HashiCorp Vault backend 🗺️ Planned v0.6 Dynamic secrets for all credential types
CyberArk backend 🗺️ Planned v0.7 Enterprise PAM integration
Azure Key Vault backend 🗺️ Planned v0.6 Cloud-native secrets for Azure environments

Authorization & Governance

Feature Status Version Notes
AC issuance (GSAP spec) Shipped v0.1 Full lifecycle: issue, poll, consume
Completion receipts Shipped v0.1 Outcome recording with behavioral attestation
Capability mask enforcement Shipped v0.3 READ/PROPOSE/MUTATE per-operation check
AC validation in ConnectorRuntime Shipped v0.3 Exists, active, not expired
Session mode ACs Shipped v0.1 Multi-operation sessions with session_end
Delegation lifecycle Shipped v0.1 Create, revoke, query, list, TTL, command limits
Bounded delegation capability Shipped v0.3 Cannot exceed delegator's capability mask
Atomic command counter Shipped v0.3 SQL-level increment with limit check
DeviceRouter Shipped v0.2 Automatic connector selection by device OS/channel
Declarative compliance policies 🗺️ Planned v0.5 Cross-platform policy definitions
Accord template externalization 🗺️ Planned v0.5 From hardcoded dict to CRD/file-based
Ceremony-gated operations 📐 Designed v0.6 Multi-party approval for destructive operations
Delegation depth enforcement 🔨 In Progress v0.4 Chain traversal and depth limit

AI Agent Integration

Feature Status Version Notes
MCP tool surface Shipped v0.1 JSON-RPC 2.0, 11 core + 4 Intune tools
Agent delegation system Shipped v0.1 Ephemeral IdP registrations, scoped ACs
Delegation with Entra registrar Shipped v0.1 App registration + service principal + client credential
Delegation with Keycloak registrar Shipped v0.1 Ephemeral service-account clients
MCP authentication 🔨 In Progress v0.4 Bearer token required for all MCP operations
MCP AC validation Shipped v0.3 Governed tools require real AC (no synthetic bypass)
Harness specification 📐 Designed v0.6 Delegation scope, escalation boundary, observation/action mode
Harness enforcement in gsh 📐 Designed v0.7 gsh reads harness.toml, enforces scope
Agent telemetry classification 📐 Designed v0.6 Distinguish agent ops from human ops in Chronicle
Automated remediation harness 📐 Designed v0.7 Compliance violation → agent remediation within scope

Compliance & Attestation

Feature Status Version Notes
Compliance-gated authorization Shipped v0.1 Non-compliant devices denied ACs
PostureLevel (Lockdown..Normal) Shipped witness-sprint1 Wire-compatible with Shellstream
WitnessLevel (L1-L4) Shipped witness-sprint1 Telemetry granularity per SAT-SPEC-ZONE-001
PostureCondition framework Shipped witness-sprint1 9 condition kinds including Custom
WitnessConfig on AccordSpec Shipped witness-sprint1 Conditions + delegates + interval + breach response
PostureTransitionArtifact Shipped witness-sprint1 Merkle-anchored posture change evidence
Posture condition evaluator Shipped witness-sprint2 6 checkers implemented, 2 stubbed
Witness event classification Shipped witness-sprint2 Operational/Witness/Forensic at ingestion bridge
TpmAttestationValid condition 📐 Designed v0.5 Keylime-backed posture condition
HbomNoDrift condition 📐 Designed v0.5 HBOM integrity-backed posture condition
HostPostureSnapshot generation 📐 Designed v0.6 Selective merkle proofs for external observers
Witness delegation forwarding 📐 Designed v0.6 Pulsar subscription → filtered CloudEvents to delegates
Insurance observability API 🗺️ Planned v0.7 Read-only posture history for insurers
Dynamic premium integration 💡 Future Insurer-side premium calculation from posture stream
CMMC compliance mapping 🗺️ Planned v0.7 Map Bastion posture conditions to CMMC practices
SOC 2 evidence generation 🗺️ Planned v0.7 Automated evidence collection for SOC 2 controls
SLSA build provenance integration 📐 Designed v0.8 Build attestation feeding into device posture

Audit & Telemetry

Feature Status Version Notes
Chronicle event emission Shipped v0.1 CloudEvents to ingestion bridge
Intent-before-execution audit Shipped v0.3 INTENT event before, RESULT event after
GovernanceEnvelope Shipped cid-phase3 Binds git ref + actor + accord + timestamp
ChronicleGitEvent Shipped cid-phase3 Git-originated events in Chronicle chain
Witness event types (0x2801-0x2805) Shipped witness-sprint1 Posture verified/breached, delegate lifecycle
Chronicle migration to CloudEvents Shipped boundary-cleanup All emitters use CloudEvents 1.0
DEVICE_COMPLIANCE_CHECKED event Shipped v0.1 Compliance gate decisions audited
CONNECTOR_INVOCATION_INTENT event Shipped v0.3 Pre-execution audit record
Broker Chronicle → CloudEvents gRPC 🗺️ Planned v0.5 Replace Forgejo webhook format (M6.2 TODO)
Forensic telemetry classification 📐 Designed v0.6 Full Chronicle stream for incident investigation

Multi-Tenancy & Fleet Management

Feature Status Version Notes
Device inventory (Intune-sourced) Shipped v0.1 Windows managed devices via Graph API
Device inventory (Linux) 🔨 In Progress v0.5 Via Bascule connector collect operation
Cross-tenant MSP dashboard 🗺️ Planned v0.6 Dioxus frontend with per-client views
Tenant isolation in broker 🗺️ Planned v0.6 Per-tenant Accord scope, data isolation
Vertical policy templates 🗺️ Planned v0.7 Healthcare, legal, manufacturing, tribal presets
Fleet-wide posture aggregation 🗺️ Planned v0.7 Cross-device posture summary per tenant
Billing/usage metering 💡 Future Per-tenant usage for MSP billing

Platform & Infrastructure

Feature Status Version Notes
FastAPI + SQLite (prototype) Shipped v0.1 Single-container deployment
PostgreSQL migration 🗺️ Planned v0.5 asyncpg, same SQLModel layer
SQLite file permissions (0o600) 🔨 In Progress v0.4 Security hardening
Pydantic SecretStr for secrets Shipped v0.3 Settings safety
Helm chart 🗺️ Planned v0.6 K8s deployment
Rust port — AC issuance 🗺️ Planned v1.0 Axum/Tonic, governance-types crate
Rust port — connectors 🗺️ Planned v1.0 reqwest + azure_identity
Rust port — credential resolver 🗺️ Planned v1.0 Same zero-storage pattern
OpenAPI spec generation 🗺️ Planned v0.6 Auto-generate from FastAPI routes

Release Plan

v0.4 — Authentication Hardening (Q2 2026)

Theme: Close the remaining security gaps and establish shared auth middleware.

  • Shared Depends(verify_bearer) FastAPI middleware (closes C-4, C-8)
  • MCP endpoint full bearer authentication
  • Delegation endpoint bearer authentication with DID from token
  • Delegation depth enforcement (H-7)
  • SQLite file permissions (H-6)
  • Bascule connector: real Shellstream transport integration (first real session connector)

Exit criteria: All 10 critical findings fully closed. Zero unauthenticated endpoints.

v0.5 — Hardware Trust & Real Transports (Q3 2026)

Theme: TPM attestation, HBOM, and the first real management transports.

  • Keylime connector for TPM-based measured boot attestation
  • Windows Device Health Attestation via Intune DHA Graph API
  • HBOM collection (Linux via Bascule, Windows via PowerShell)
  • HBOM drift detection with content-hash comparison
  • HardwareIntegrity composite posture condition
  • PowerShell connector: real pypsrp transport
  • Ansible connector: real ansible-runner integration
  • Fleet/osquery connector for cross-platform posture collection
  • PostgreSQL migration (asyncpg)
  • Declarative compliance policy engine (cross-platform evaluation)
  • Accord template externalization (file/CRD-based)
  • Broker Chronicle client migration to CloudEvents (not Forgejo format)
  • Device inventory for Linux endpoints (via Bascule collect)
  • Session-device binding (correlate Bascule session to originating device)

Exit criteria: TPM attestation operational on Linux. At least two real transports (Bascule + PowerShell) executing against live targets. HBOM collected and verified.

v0.6 — VDI Mode & Multi-Tenancy (Q4 2026)

Theme: Virtual workspace governance and MSP fleet management.

  • Apache Guacamole VDI adapter
  • Governed shell (Bascule) as a VDI mode workspace
  • Workspace provisioning lifecycle (auth → provision → monitor → terminate)
  • Mid-session compliance re-evaluation
  • Session-device correlation in unified audit trail
  • HostPostureSnapshot generation (Notarization Boundary)
  • Witness delegation forwarding (Pulsar → filtered CloudEvents)
  • Tenant isolation in broker (per-client Accord scope)
  • Cross-tenant MSP dashboard (Dioxus)
  • Harness specification for AI agents
  • Agent telemetry classification (agent vs human ops)
  • Ceremony-gated destructive operations
  • Barcode/QR device enrollment (USB scanner + camera/mobile support)
  • Scan-to-HBOM verification (vendor declaration vs actual hardware at first boot)
  • Helm chart for K8s deployment
  • OpenAPI spec auto-generation
  • Okta identity driver

Exit criteria: VDI mode operational with at least one platform adapter. MSP can manage multiple clients with tenant isolation. Witness delegation producing snapshots.

v0.7 — Insurance & Compliance Frameworks (Q1 2027)

Theme: Compliance automation and the insurance observability product.

  • Insurance observability API (read-only posture history)
  • CMMC compliance mapping (posture conditions → CMMC practices)
  • SOC 2 evidence generation (automated control evidence)
  • Vertical policy templates (healthcare, legal, manufacturing, tribal)
  • Fleet-wide posture aggregation (cross-device summary)
  • FSLogix / profile governance (content-addressed VDI profiles)
  • Harness enforcement in gsh (harness.toml → scope enforcement)
  • Automated remediation harness (compliance violation → agent action)
  • Citrix CVAD adapter
  • Jamf connector (macOS)
  • SPIFFE/SPIRE workload identity
  • HashiCorp Vault credential backend
  • CyberArk credential backend
  • Connector plugin SDK for guild/third-party development
  • Supply chain provenance tracking (procurement scan → provisioning → production → decommission)

Exit criteria: Insurance observability API operational. At least one compliance framework (CMMC or SOC 2) mapped. Harness-governed AI agents performing automated remediation.

v0.8 — Ecosystem & Scale (Q2 2027)

Theme: Scale, ecosystem growth, and advanced attestation.

  • VMware Horizon VDI adapter
  • SLSA build provenance integration
  • Supply chain provenance tracking (HBOM lifecycle)
  • Distributed cache for multi-worker deployments
  • Advanced posture analytics (trend analysis, predictive degradation)
  • Guild marketplace integration (connector/policy template distribution)
  • Forensic telemetry mode (full Chronicle stream for incident investigation)

v1.0 — Rust Port & Production Hardening (Q3 2027)

Theme: Production-grade Rust implementation for performance and safety.

  • Rust port: AC issuance and CR ingestion (Axum/Tonic)
  • Rust port: connector framework (reqwest + azure_identity)
  • Rust port: credential resolver (same zero-storage architecture)
  • Rust port: identity drivers (JWKS verification)
  • Python broker archived as reference implementation
  • Full conformance test suite (Python and Rust implementations must pass)
  • Performance benchmarking and load testing
  • Security audit of Rust implementation

Reference Deployment

Tribal Nation NOC (2026-2027)

The primary reference deployment validating all Bastion capabilities:

  • Sovereignty: Self-hosted control plane, local governance authority
  • Mixed fleet: Windows workstations (Entra/Intune) + Linux terminals (Bascule/GSH)
  • Dual-mode: Physical NOC terminals + VDI remote access for off-site operators
  • Hardware trust: TPM attestation on all NOC endpoints, HBOM verification
  • Compliance: Continuous posture attestation for tribal cybersecurity requirements
  • Insurance: Witness delegation to cyber insurer for dynamic premium model
  • AI agents: Harness-governed automated monitoring and remediation

Architecture Principles

  1. Zero credential storage. The broker holds authorization decisions (ACs), never credentials. Short-lived credentials acquired at invocation time, discarded after use.

  2. Governance by identity, not device. The identity (who) determines the policy (what they can do). The device (where they are) is a posture signal, not the access decision.

  3. Delegate enforcement, own decisions. Bastion makes governance decisions. Platform-specific tools (Intune, Keylime, Ansible, Bascule) enforce them. The control plane is durable; backends evolve.

  4. Attest, don't assert. Every governance claim is backed by cryptographic evidence — TPM measurements, merkle-anchored posture records, signed attestation snapshots. Software assertions are corroborated by hardware proofs.

  5. Pluggable everything. Identity drivers, credential backends, connectors, VDI adapters, compliance policies. The framework ships; the ecosystem grows.

  6. Audit before execute. Chronicle INTENT event before every operation, RESULT event after. The audit trail survives execution failures.

Contributing

Bastion follows the guild-based contribution model:

  • License: Apache 2.0
  • Contributions: Developer Certificate of Origin (DCO), not CLA
  • Connector development: Implement the ConnectorPlugin ABC; the framework provides Chronicle audit, GSAP validation, and credential resolution
  • Identity drivers: Implement the IdentityDriver ABC with JWKSVerifier for JWT validation
  • Credential backends: Implement the CredentialBackend ABC with enforced TTL on all credentials
  • Policy templates: Submit compliance policy definitions for specific verticals or frameworks

See bastion-security-audit.md for the current security posture and known limitations.