Skip to main content

postgres_hba_conf resource

Use the postgres_hba_conf Chef InSpec audit resource to test the client authentication data defined in the pg_hba.conf file.

Availability

Install

This resource is distributed with Chef InSpec and is automatically available for use.

Version

This resource first became available in v1.31.0 of InSpec.

Syntax

An postgres_hba_conf Chef InSpec audit resource block declares client authentication data that should be tested:

describe postgres_hba_conf.where { type == 'local' } do
 its('auth_method') { should eq ['peer'] }
end

where

  • 'attribute' is a attribute in the pg hba configuration file
  • 'filter_value' is the value that is to be filtered for
  • 'value' is the value that is to be matched expected

Properties

address([String])

address returns a an array of strings that matches the where condition of the filter table

describe postgres_hba_conf.where { type == 'local' } do
  its('address') { should cmp 'value' }
end

auth_method([String])

auth_method returns a an array of strings that matches the where condition of the filter table

describe postgres_hba_conf.where { type == 'local' } do
  its('auth_method') { should cmp 'value' }
end

database([String])

database returns a an array of strings that matches the where condition of the filter table

describe postgres_hba_conf.where { type == 'local' } do
  its('database') { should cmp 'value' }
end

type([String])

type returns a an array of strings that matches the where condition of the filter table

describe postgres_hba_conf.where { database == 'acme_test_db' } do
  its('type') { should cmp 'value' }
end

user([String])

user returns a an array of strings that matches the where condition of the filter table

describe postgres_hba_conf.where { database == 'acme_test_db' } do
  its('user') { should cmp 'value' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.
Edit this page on GitHub

Thank you for your feedback!

×