Use the postgres_ident_conf Chef InSpec audit resource to test the client authentication data defined in the pg_ident.conf file.
This resource is distributed along with Chef InSpec itself. You can use it automatically.
This resource first became available in v1.31.0 of InSpec.
An postgres_ident_conf Chef InSpec audit resource block declares client authentication data that should be tested:
describe postgres_ident_conf.where { pg_username == 'filter_value' } do
its('attribute') { should eq ['value'] }
end
where
'attribute' is a attribute in the pg ident configuration file'filter_value' is the value that is to be filtered for'value' is the value that is to be matched expectedmap_name returns a an array of strings that matches the where condition of the filter table
describe postgres_ident_conf.where { pg_username == 'name' } do
its('map_name') { should eq ['value'] }
end
pg_username returns a an array of strings that matches the where condition of the filter table
describe postgres_ident_conf.where { pg_username == 'name' } do
its('pg_username') { should eq ['value'] }
end
system_username returns a an array of strings that matches the where condition of the filter table
describe postgres_ident_conf.where { pg_username == 'name' } do
its('system_username') { should eq ['value'] }
end
For a full list of available matchers, please visit our matchers page.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/inspec/resources/postgres_ident_conf/