inspec/docs/resources/postgres_ident_conf.md.erb

---
title: About the postgres_ident_conf Resource
platform: linux
---

# postgres\_ident\_conf

Use the `postgres_ident_conf` InSpec audit resource to test the client authentication data defined in the pg_hba.conf file.

<br>

## Syntax

An `postgres_ident_conf` InSpec audit resource block declares client authentication data that should be tested:

    describe postgres_ident_conf.where { pg_username == 'filter_value' } do
      its('attribute') { should eq ['value'] }
    end

where

* `'attribute'` is a attribute in the  pg ident configuration file
* `'filter_value'` is the value that is to be filtered for
* `'value'` is the value that is to be matched expected

<br>

## Properties

    'conf_file', 'map_name', 'params', 'pg_username', 'system_username'

<br>

## Property Examples

### map_name([String])

`address` returns a an array of strings that matches the where condition of the filter table

    describe pg_hba_conf.where { pg_username == 'name' } do
      its('map_name') { should eq ['value'] }
    end
### pg_username([String])

`pg_username` returns a an array of strings that matches the where condition of the filter table

    describe pg_hba_conf.where { pg_username == 'name' } do
      its('pg_username') { should eq ['value'] }
    end

### system_username([String])

`system_username` returns a an array of strings that matches the where condition of the filter table

    describe pg_hba_conf.where { pg_username == 'name' } do
      its('system_username') { should eq ['value'] }
    end

<br>

## Matchers

This InSpec audit resource matches any service that is listed in the pg ident configuration file. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).

    its('pg_username') { should_not eq ['peer'] }

or:

    its('map_name') { should eq ['value'] }

For example:

    describe postgres_ident_conf.where { pg_username == 'name' } do
      its('system_username') { should eq ['value'] }
      its('map_name') { should eq ['value'] }
    end
New postgres_ident_conf resource (#1963) * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Small updates to organization of code Signed-off-by: Aaron Lippold <lippold@gmail.com> Signed-off-by: Rony Xaiver <rx294@nyu.edu> * updated `conf_path` instance var to `conf_file` since we are returning a file. Signed-off-by: Aaron Lippold <lippold@gmail.com> * Updated few bugs on pg_ident_conf added test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added OS check Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock file Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * added windows mock file Signed-off-by: Aaron Lippold <lippold@gmail.com> * Changed resource name from pg_ident_conf to postgres_ident_conf Signed-off-by: Rony Xavier <rx294@nyu.edu> * Completed corrections reccomended on PR Signed-off-by: Rony Xavier <rx294@nyu.edu> * removed copyright information Signed-off-by: Aaron Lippold <lippold@gmail.com> 2017-07-03 18:01:40 +00:00			`---`
			`title: About the postgres_ident_conf Resource`
Add `platform` tags and remove trailing whitespace (#2654) Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com> 2018-02-16 00:28:15 +00:00			`platform: linux`
New postgres_ident_conf resource (#1963) * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Small updates to organization of code Signed-off-by: Aaron Lippold <lippold@gmail.com> Signed-off-by: Rony Xaiver <rx294@nyu.edu> * updated `conf_path` instance var to `conf_file` since we are returning a file. Signed-off-by: Aaron Lippold <lippold@gmail.com> * Updated few bugs on pg_ident_conf added test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added OS check Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock file Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * added windows mock file Signed-off-by: Aaron Lippold <lippold@gmail.com> * Changed resource name from pg_ident_conf to postgres_ident_conf Signed-off-by: Rony Xavier <rx294@nyu.edu> * Completed corrections reccomended on PR Signed-off-by: Rony Xavier <rx294@nyu.edu> * removed copyright information Signed-off-by: Aaron Lippold <lippold@gmail.com> 2017-07-03 18:01:40 +00:00			`---`

Markdown titles sometimes need `_`s escaped (#2451) When a header includes two `_`s, they must be escaped, otherwise, the text between the two `_`s is rendered with emphasis. E.g., `<h1 id="etchostsallow">etc<em>hosts</em>allow</h1>` Escaping the `_`s fixes this and the header is rendered properly. This is a fix for: * etc_hosts_allow * etc_hosts_deny * postgres_hba_conf * postgres_ident_conf This change also adds the `h1` title to the windows_hotfix resource page. Signed-off-by: Nathen Harvey <nharvey@chef.io> 2018-01-08 18:09:13 +00:00			`# postgres\_ident\_conf`
New postgres_ident_conf resource (#1963) * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Small updates to organization of code Signed-off-by: Aaron Lippold <lippold@gmail.com> Signed-off-by: Rony Xaiver <rx294@nyu.edu> * updated `conf_path` instance var to `conf_file` since we are returning a file. Signed-off-by: Aaron Lippold <lippold@gmail.com> * Updated few bugs on pg_ident_conf added test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added OS check Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock file Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * added windows mock file Signed-off-by: Aaron Lippold <lippold@gmail.com> * Changed resource name from pg_ident_conf to postgres_ident_conf Signed-off-by: Rony Xavier <rx294@nyu.edu> * Completed corrections reccomended on PR Signed-off-by: Rony Xavier <rx294@nyu.edu> * removed copyright information Signed-off-by: Aaron Lippold <lippold@gmail.com> 2017-07-03 18:01:40 +00:00
			Use the `postgres_ident_conf` InSpec audit resource to test the client authentication data defined in the pg_hba.conf file.
Resource documentation update (#2207) Light formatting changes, change order of example and matchers, slight color changes Signed-off-by: hannah-radish <hmaddy@chef.io> 2017-10-03 21:35:10 +00:00
			`<br>`

New postgres_ident_conf resource (#1963) * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Small updates to organization of code Signed-off-by: Aaron Lippold <lippold@gmail.com> Signed-off-by: Rony Xaiver <rx294@nyu.edu> * updated `conf_path` instance var to `conf_file` since we are returning a file. Signed-off-by: Aaron Lippold <lippold@gmail.com> * Updated few bugs on pg_ident_conf added test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added OS check Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock file Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * added windows mock file Signed-off-by: Aaron Lippold <lippold@gmail.com> * Changed resource name from pg_ident_conf to postgres_ident_conf Signed-off-by: Rony Xavier <rx294@nyu.edu> * Completed corrections reccomended on PR Signed-off-by: Rony Xavier <rx294@nyu.edu> * removed copyright information Signed-off-by: Aaron Lippold <lippold@gmail.com> 2017-07-03 18:01:40 +00:00			`## Syntax`

			An `postgres_ident_conf` InSpec audit resource block declares client authentication data that should be tested:

			`describe postgres_ident_conf.where { pg_username == 'filter_value' } do`
			`its('attribute') { should eq ['value'] }`
			`end`

			`where`

			* `'attribute'` is a attribute in the pg ident configuration file
			* `'filter_value'` is the value that is to be filtered for
			* `'value'` is the value that is to be matched expected

Resource documentation update (#2207) Light formatting changes, change order of example and matchers, slight color changes Signed-off-by: hannah-radish <hmaddy@chef.io> 2017-10-03 21:35:10 +00:00			`<br>`
New postgres_ident_conf resource (#1963) * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Small updates to organization of code Signed-off-by: Aaron Lippold <lippold@gmail.com> Signed-off-by: Rony Xaiver <rx294@nyu.edu> * updated `conf_path` instance var to `conf_file` since we are returning a file. Signed-off-by: Aaron Lippold <lippold@gmail.com> * Updated few bugs on pg_ident_conf added test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added OS check Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock file Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * added windows mock file Signed-off-by: Aaron Lippold <lippold@gmail.com> * Changed resource name from pg_ident_conf to postgres_ident_conf Signed-off-by: Rony Xavier <rx294@nyu.edu> * Completed corrections reccomended on PR Signed-off-by: Rony Xavier <rx294@nyu.edu> * removed copyright information Signed-off-by: Aaron Lippold <lippold@gmail.com> 2017-07-03 18:01:40 +00:00
Normalizes terms accross resources (#2649) Signed-off-by: kagarmoe <kgarmoe@chef.io> 2018-02-15 14:33:22 +00:00			`## Properties`
New postgres_ident_conf resource (#1963) * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Small updates to organization of code Signed-off-by: Aaron Lippold <lippold@gmail.com> Signed-off-by: Rony Xaiver <rx294@nyu.edu> * updated `conf_path` instance var to `conf_file` since we are returning a file. Signed-off-by: Aaron Lippold <lippold@gmail.com> * Updated few bugs on pg_ident_conf added test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added OS check Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock file Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * added windows mock file Signed-off-by: Aaron Lippold <lippold@gmail.com> * Changed resource name from pg_ident_conf to postgres_ident_conf Signed-off-by: Rony Xavier <rx294@nyu.edu> * Completed corrections reccomended on PR Signed-off-by: Rony Xavier <rx294@nyu.edu> * removed copyright information Signed-off-by: Aaron Lippold <lippold@gmail.com> 2017-07-03 18:01:40 +00:00
			`'conf_file', 'map_name', 'params', 'pg_username', 'system_username'`

Resource documentation update (#2207) Light formatting changes, change order of example and matchers, slight color changes Signed-off-by: hannah-radish <hmaddy@chef.io> 2017-10-03 21:35:10 +00:00			`<br>`

Normalizes terms accross resources (#2649) Signed-off-by: kagarmoe <kgarmoe@chef.io> 2018-02-15 14:33:22 +00:00			`## Property Examples`
New postgres_ident_conf resource (#1963) * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Initial commit of pg_ident_conf resource Signed-off-by: Rony Xavier <rx294@nyu.edu> * Small updates to organization of code Signed-off-by: Aaron Lippold <lippold@gmail.com> Signed-off-by: Rony Xaiver <rx294@nyu.edu> * updated `conf_path` instance var to `conf_file` since we are returning a file. Signed-off-by: Aaron Lippold <lippold@gmail.com> * Updated few bugs on pg_ident_conf added test files and docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Updated docs Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * Added OS check Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock file Signed-off-by: Rony Xavier <rx294@nyu.edu> * Added mock folders Signed-off-by: Rony Xavier <rx294@nyu.edu> Signed-off-by: Aaron Lippold <lippold@gmail.com> * added windows mock file Signed-off-by: Aaron Lippold <lippold@gmail.com> * Changed resource name from pg_ident_conf to postgres_ident_conf Signed-off-by: Rony Xavier <rx294@nyu.edu> * Completed corrections reccomended on PR Signed-off-by: Rony Xavier <rx294@nyu.edu> * removed copyright information Signed-off-by: Aaron Lippold <lippold@gmail.com> 2017-07-03 18:01:40 +00:00
			`### map_name([String])`

			`address` returns a an array of strings that matches the where condition of the filter table

			`describe pg_hba_conf.where { pg_username == 'name' } do`
			`its('map_name') { should eq ['value'] }`
			`end`
			`### pg_username([String])`

			`pg_username` returns a an array of strings that matches the where condition of the filter table

			`describe pg_hba_conf.where { pg_username == 'name' } do`
			`its('pg_username') { should eq ['value'] }`
			`end`

			`### system_username([String])`

			`system_username` returns a an array of strings that matches the where condition of the filter table

			`describe pg_hba_conf.where { pg_username == 'name' } do`
			`its('system_username') { should eq ['value'] }`
			`end`
Resource documentation update (#2207) Light formatting changes, change order of example and matchers, slight color changes Signed-off-by: hannah-radish <hmaddy@chef.io> 2017-10-03 21:35:10 +00:00
			`<br>`

			`## Matchers`

Add one comma in all docs & deletes two repeated sentences. (#2658) Signed-off-by: kagarmoe <kgarmoe@chef.io> 2018-02-16 03:07:18 +00:00			`This InSpec audit resource matches any service that is listed in the pg ident configuration file. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).`
Resource documentation update (#2207) Light formatting changes, change order of example and matchers, slight color changes Signed-off-by: hannah-radish <hmaddy@chef.io> 2017-10-03 21:35:10 +00:00
			`its('pg_username') { should_not eq ['peer'] }`

			`or:`

			`its('map_name') { should eq ['value'] }`

			`For example:`

			`describe postgres_ident_conf.where { pg_username == 'name' } do`
			`its('system_username') { should eq ['value'] }`
			`its('map_name') { should eq ['value'] }`
			`end`