inspec/docs/resources/security_policy.md.erb
Clinton Wolfe 2de06bdeb5 Clean injection of Availability section (#3206)
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-08-09 08:34:49 -04:00

57 lines
1.3 KiB
Text

---
title: About the security_policy Resource
platform: windows
---
# security_policy
Use the `security_policy` InSpec audit resource to test security policies on the Windows platform.
<br>
## Availability
### Installation
This resource is distributed along with InSpec itself. You can use it automatically.
### Version
This resource first became available in v1.0.0 of InSpec.
## Syntax
A `security_policy` resource block declares the name of a security policy and the value to be tested:
describe security_policy do
its('policy_name') { should eq 'value' }
end
where
* `'policy_name'` must specify a security policy
* `{ should eq 'value' }` tests the value of `policy_name` against the value declared in the test
<br>
## Examples
The following examples show how to use this InSpec audit resource.
### Verify that only the Administrators group has remote access
describe security_policy do
its('SeRemoteInteractiveLogonRight') { should eq '*S-1-5-32-544' }
end
<br>
## Matchers
For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
### policy_name
The `policy_name` matcher must be the name of a security policy:
its('SeNetworkLogonRight') { should eq '*S-1-5-11' }