Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-09-20 14:31:58 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/docs/resources/postgres_hba_conf.md.erb
Clinton Wolfe 2de06bdeb5 Clean injection of Availability section (#3206) 
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-08-09 08:34:49 -04:00

103 lines
2.6 KiB
Text
Raw Blame History

---
title: About the postgres_hba_conf Resource
platform: linux
---
# postgres\_hba\_conf
Use the `postgres_hba_conf` InSpec audit resource to test the client authentication data defined in the pg_hba.conf file.
<br>
## Availability
### Installation
This resource is distributed along with InSpec itself. You can use it automatically.
### Version
This resource first became available in v1.31.0 of InSpec.
## Syntax
An `postgres_hba_conf` InSpec audit resource block declares client authentication data that should be tested:
describe postgres_hba_conf.where { type == 'local' } do
its('auth_method') { should eq ['peer'] }
end
where
* `'attribute'` is a attribute in the pg hba configuration file
* `'filter_value'` is the value that is to be filtered for
* `'value'` is the value that is to be matched expected
<br>
## Properties
'address', 'auth_method', 'auth_params', 'conf_dir' , 'conf_file' , 'database', 'params' ,'type', 'user'
<br>
## Property Examples
### address([String])
`address` returns a an array of strings that matches the where condition of the filter table
describe postgres_hba_conf.where { type == 'local' } do
its('address') { should cmp 'value' }
end
### auth_method([String])
`auth_method` returns a an array of strings that matches the where condition of the filter table
describe postgres_hba_conf.where { type == 'local' } do
its('auth_method') { should cmp 'value' }
end
### database([String])
`database` returns a an array of strings that matches the where condition of the filter table
describe postgres_hba_conf.where { type == 'local' } do
its('database') { should cmp 'value' }
end
### type([String])
`type` returns a an array of strings that matches the where condition of the filter table
describe postgres_hba_conf.where { database == 'acme_test_db' } do
its('type') { should cmp 'value' }
end
### user([String])
`user` returns a an array of strings that matches the where condition of the filter table
describe postgres_hba_conf.where { database == 'acme_test_db' } do
its('user') { should cmp 'value' }
end
<br>
## Matchers
This InSpec audit resource matches any service that is listed in the HBA configuration file. For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
its('auth_method') { should_not cmp 'peer' }
or:
its('auth_method') { should cmp 'peer' }
For example:
describe postgres_hba_conf.where { type == 'type' } do
its('auth_method') { should cmp 'value' }
its('user') { should cmp 'value' }
end
Reference in a new issue View git blame Copy permalink