Sha256: 417accde399640e6dd2fa4bbe37db2b86b5be0e7295eed437981c23fd13a3594
Contents?: true
Size: 1.2 KB
Versions: 2
Compression:
Stored size: 1.2 KB
Contents
---
title: About the security_policy Resource
---
# security_policy
Use the `security_policy` InSpec audit resource to test security policies on the Windows platform.
# Syntax
A `security_policy` resource block declares the name of a security policy and the value to be tested:
describe security_policy do
its('policy_name') { should eq 'value' }
end
where
* `'policy_name'` must specify a security policy
* `{ should eq 'value' }` tests the value of `policy_name` against the value declared in the test
# Matchers
This InSpec audit resource has the following matchers:
## be
<%= partial "/shared/matcher_be" %>
## cmp
<%= partial "/shared/matcher_cmp" %>
## eq
<%= partial "/shared/matcher_eq" %>
## include
<%= partial "/shared/matcher_include" %>
## match
<%= partial "/shared/matcher_match" %>
## policy_name
The `policy_name` matcher must be the name of a security policy:
its('SeNetworkLogonRight') { should eq '*S-1-5-11' }
# Examples
The following examples show how to use this InSpec audit resource.
## Verify that only the Administrators group has remote access
describe security_policy do
its('SeRemoteInteractiveLogonRight') { should eq '*S-1-5-32-544' }
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| inspec-1.0.0 | docs/resources/security_policy.md.erb |
| inspec-1.0.0.beta3 | docs/resources/security_policy.md.erb |