File tree Expand file tree Collapse file tree 3 files changed +17
-33
lines changed
audit-specs/baselines/ami-build Expand file tree Collapse file tree 3 files changed +17
-33
lines changed Original file line number Diff line number Diff line change 88 filetype : directory
99 owner : postgres
1010 group : postgres
11- mode : ' 0755 '
11+ mode : ' 0775 '
1212 /etc/postgresql/postgresql.conf :
1313 exists : true
1414 filetype : file
4040 filetype : directory
4141 owner : postgres
4242 group : postgres
43- mode : ' 0755'
44- /etc/postgresql-custom/platform-defaults.conf :
45- exists : true
46- filetype : file
47- owner : postgres
48- group : postgres
49- mode : ' 0644'
43+ mode : ' 0775'
44+ # Note: platform-defaults.conf and pgsodium_root.key are created at deploy time
5045 /etc/postgresql-custom/custom-overrides.conf :
5146 exists : true
5247 filetype : file
@@ -77,20 +72,14 @@ file:
7772 owner : postgres
7873 group : postgres
7974 mode : ' 0664'
80- /etc/postgresql-custom/pgsodium_root.key :
81- exists : true
82- filetype : file
83- owner : postgres
84- group : postgres
85- mode : ' 0600'
8675
8776 # Extension custom scripts directory
8877 /etc/postgresql-custom/extension-custom-scripts :
8978 exists : true
9079 filetype : directory
9180 owner : postgres
9281 group : postgres
93- mode : ' 0755 '
82+ mode : ' 0775 '
9483 /etc/postgresql-custom/extension-custom-scripts/before-create.sql :
9584 exists : true
9685 filetype : file
@@ -104,10 +93,10 @@ file:
10493 filetype : directory
10594 owner : postgrest
10695 group : postgrest
107- mode : ' 0755 '
96+ mode : ' 0775 '
10897 /etc/postgrest/base.conf :
10998 exists : true
11099 filetype : file
111- owner : root
112- group : root
113- mode : ' 0664 '
100+ owner : postgrest
101+ group : postgrest
102+ mode : ' 0644 '
Original file line number Diff line number Diff line change 99 owner : postgres
1010 group : postgres
1111 mode : ' 0755'
12+ # Note: /var/lib/postgresql/data is a symlink during AMI build (points to /data/...)
13+ # The actual data directory is created at deploy time
1214 /var/lib/postgresql/data :
1315 exists : true
14- filetype : directory
15- owner : postgres
16- group : postgres
17- mode : ' 0700 '
16+ filetype : symlink
17+ owner : root
18+ group : root
19+ mode : ' 0777 '
Original file line number Diff line number Diff line change @@ -19,19 +19,12 @@ file:
1919 exists : true
2020 filetype : directory
2121 owner : root
22- group : ssl-cert
23- mode : ' 0710 '
22+ group : postgres
23+ mode : ' 0750 '
2424 /etc/ssl/openssl.cnf :
2525 exists : true
2626 filetype : file
2727 owner : root
2828 group : root
2929 mode : ' 0644'
30-
31- # AdminAPI SSL directory (created during AMI build)
32- /etc/ssl/adminapi :
33- exists : true
34- filetype : directory
35- owner : adminapi
36- group : root
37- mode : ' 0700'
30+ # Note: /etc/ssl/adminapi is created at deploy time, not during AMI build
You can’t perform that action at this time.
0 commit comments