biscuit

使用IAM的高性能文本模式匹配

概览

扩展包名	版本	分类	许可证	语言
`pg_biscuit`	`2.2.2`	FTS	MIT	C

ID	扩展名	Bin	Lib	Load	Create	Trust	Reloc	模式
2170	`biscuit`	否	是	否	是	否	否	`public`

相关扩展	`plpgsql` `hll` `rum` `pg_textsearch`

版本

类型	仓库	版本	PG 大版本	包名	依赖
EXT	PIGSTY	`2.2.2`	1817161514	`pg_biscuit`	`plpgsql`
RPM	PIGSTY	`2.2.2`	1817161514	`pg_biscuit_$v`	-
DEB	PIGSTY	`2.2.2`	1817161514	`postgresql-$v-biscuit`	-

OS / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PIGSTY 2.2.2 el8.x86_64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el8.x86_64.rpm PIGSTY · 2.2.2 · 65.4KiB	PIGSTY 2.2.2 el8.x86_64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el8.x86_64.rpm PIGSTY · 2.2.2 · 65.3KiB	PIGSTY 2.2.2 el8.x86_64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el8.x86_64.rpm PIGSTY · 2.2.2 · 65.4KiB	PIGSTY MISS	PIGSTY MISS
el8.aarch64	PIGSTY 2.2.2 el8.aarch64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el8.aarch64.rpm PIGSTY · 2.2.2 · 61.0KiB	PIGSTY 2.2.2 el8.aarch64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el8.aarch64.rpm PIGSTY · 2.2.2 · 60.9KiB	PIGSTY 2.2.2 el8.aarch64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el8.aarch64.rpm PIGSTY · 2.2.2 · 61.0KiB	PIGSTY MISS	PIGSTY MISS
el9.x86_64	PIGSTY 2.2.2 el9.x86_64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el9.x86_64.rpm PIGSTY · 2.2.2 · 65.8KiB	PIGSTY 2.2.2 el9.x86_64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el9.x86_64.rpm PIGSTY · 2.2.2 · 65.5KiB	PIGSTY 2.2.2 el9.x86_64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el9.x86_64.rpm PIGSTY · 2.2.2 · 65.6KiB	PIGSTY MISS	PIGSTY MISS
el9.aarch64	PIGSTY 2.2.2 el9.aarch64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el9.aarch64.rpm PIGSTY · 2.2.2 · 63.6KiB	PIGSTY 2.2.2 el9.aarch64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el9.aarch64.rpm PIGSTY · 2.2.2 · 63.4KiB	PIGSTY 2.2.2 el9.aarch64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el9.aarch64.rpm PIGSTY · 2.2.2 · 63.5KiB	PIGSTY MISS	PIGSTY MISS
el10.x86_64	PIGSTY 2.2.2 el10.x86_64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el10.x86_64.rpm PIGSTY · 2.2.2 · 68.5KiB	PIGSTY 2.2.2 el10.x86_64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el10.x86_64.rpm PIGSTY · 2.2.2 · 68.5KiB	PIGSTY 2.2.2 el10.x86_64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el10.x86_64.rpm PIGSTY · 2.2.2 · 68.6KiB	PIGSTY MISS	PIGSTY MISS
el10.aarch64	PIGSTY 2.2.2 el10.aarch64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el10.aarch64.rpm PIGSTY · 2.2.2 · 65.6KiB	PIGSTY 2.2.2 el10.aarch64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el10.aarch64.rpm PIGSTY · 2.2.2 · 65.6KiB	PIGSTY 2.2.2 el10.aarch64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el10.aarch64.rpm PIGSTY · 2.2.2 · 65.6KiB	PIGSTY MISS	PIGSTY MISS
d12.x86_64	PIGSTY 2.2.2 d12.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~bookworm_amd64.deb PIGSTY · 2.2.2 · 154.0KiB	PIGSTY 2.2.2 d12.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~bookworm_amd64.deb PIGSTY · 2.2.2 · 154.0KiB	PIGSTY 2.2.2 d12.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~bookworm_amd64.deb PIGSTY · 2.2.2 · 154.0KiB	PIGSTY MISS	PIGSTY MISS
d12.aarch64	PIGSTY 2.2.2 d12.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~bookworm_arm64.deb PIGSTY · 2.2.2 · 149.3KiB	PIGSTY 2.2.2 d12.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~bookworm_arm64.deb PIGSTY · 2.2.2 · 149.0KiB	PIGSTY 2.2.2 d12.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~bookworm_arm64.deb PIGSTY · 2.2.2 · 149.0KiB	PIGSTY MISS	PIGSTY MISS
d13.x86_64	PIGSTY 2.2.2 d13.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~trixie_amd64.deb PIGSTY · 2.2.2 · 155.3KiB	PIGSTY 2.2.2 d13.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~trixie_amd64.deb PIGSTY · 2.2.2 · 155.1KiB	PIGSTY 2.2.2 d13.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~trixie_amd64.deb PIGSTY · 2.2.2 · 155.1KiB	PIGSTY MISS	PIGSTY MISS
d13.aarch64	PIGSTY 2.2.2 d13.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~trixie_arm64.deb PIGSTY · 2.2.2 · 150.4KiB	PIGSTY 2.2.2 d13.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~trixie_arm64.deb PIGSTY · 2.2.2 · 150.0KiB	PIGSTY 2.2.2 d13.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~trixie_arm64.deb PIGSTY · 2.2.2 · 150.0KiB	PIGSTY MISS	PIGSTY MISS
u22.x86_64	PIGSTY 2.2.2 u22.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~jammy_amd64.deb PIGSTY · 2.2.2 · 157.5KiB	PIGSTY 2.2.2 u22.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~jammy_amd64.deb PIGSTY · 2.2.2 · 168.2KiB	PIGSTY 2.2.2 u22.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~jammy_amd64.deb PIGSTY · 2.2.2 · 168.1KiB	PIGSTY MISS	PIGSTY MISS
u22.aarch64	PIGSTY 2.2.2 u22.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~jammy_arm64.deb PIGSTY · 2.2.2 · 155.2KiB	PIGSTY 2.2.2 u22.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~jammy_arm64.deb PIGSTY · 2.2.2 · 165.2KiB	PIGSTY 2.2.2 u22.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~jammy_arm64.deb PIGSTY · 2.2.2 · 165.0KiB	PIGSTY MISS	PIGSTY MISS
u24.x86_64	PIGSTY 2.2.2 u24.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~noble_amd64.deb PIGSTY · 2.2.2 · 157.1KiB	PIGSTY 2.2.2 u24.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~noble_amd64.deb PIGSTY · 2.2.2 · 157.2KiB	PIGSTY 2.2.2 u24.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~noble_amd64.deb PIGSTY · 2.2.2 · 157.2KiB	PIGSTY MISS	PIGSTY MISS
u24.aarch64	PIGSTY 2.2.2 u24.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~noble_arm64.deb PIGSTY · 2.2.2 · 153.6KiB	PIGSTY 2.2.2 u24.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~noble_arm64.deb PIGSTY · 2.2.2 · 153.2KiB	PIGSTY 2.2.2 u24.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~noble_arm64.deb PIGSTY · 2.2.2 · 153.3KiB	PIGSTY MISS	PIGSTY MISS

构建

您可以使用 pig build 命令构建 pg_biscuit 扩展的 RPM / DEB 包：

pig build pkg pg_biscuit         # 构建 RPM / DEB 包

安装

您可以直接安装 pg_biscuit 扩展包的预置二进制包，首先确保 PGDG 和 PIGSTY 仓库已经添加并启用：

pig repo add pgsql -u          # 添加仓库并更新缓存

使用 pig 或者是 apt/yum/dnf 安装扩展：

pig install pg_biscuit;          # 当前活跃 PG 版本安装

pig ext install -y pg_biscuit -v 18  # PG 18
pig ext install -y pg_biscuit -v 17  # PG 17
pig ext install -y pg_biscuit -v 16  # PG 16

dnf install -y pg_biscuit_18       # PG 18
dnf install -y pg_biscuit_17       # PG 17
dnf install -y pg_biscuit_16       # PG 16

apt install -y postgresql-18-biscuit   # PG 18
apt install -y postgresql-17-biscuit   # PG 17
apt install -y postgresql-16-biscuit   # PG 16

创建扩展：

CREATE EXTENSION biscuit CASCADE;  -- 依赖: plpgsql

用法

GitHub: CrystallineCore/pg_biscuit

biscuit（pg_biscuit）是一个 PostgreSQL 扩展，提供类似 IAM 的模式匹配和位图索引。它使用专用位图索引实现权限风格模式与文本值的高效匹配。

功能特性

类 IAM 模式匹配：支持类似 AWS IAM 策略模式的通配符匹配
位图索引：使用位图索引加速模式匹配查询
权限评估：评估给定操作是否与权限模式集合匹配

快速开始

CREATE EXTENSION biscuit CASCADE;  -- 需要 plpgsql

-- 创建含权限模式的表
CREATE TABLE permissions (
  id serial PRIMARY KEY,
  pattern text NOT NULL
);

-- 插入类 IAM 模式
INSERT INTO permissions (pattern) VALUES
  ('s3:GetObject'),
  ('s3:*'),
  ('ec2:Describe*'),
  ('iam:Create*');

模式语法

Biscuit 支持 IAM 风格的通配符模式：

* 匹配任意字符序列
? 匹配任意单个字符
精确字符串按字面匹配

说明

需要 plpgsql 扩展（使用 CASCADE 自动安装）
可用于 PostgreSQL 16、17 和 18
MIT 许可证

意见反馈

这个页面对您有帮助吗？

感谢反馈！请告诉我们如何改进。

抱歉给您带来不便。请告诉我们如何改进。

最后修改 2026-03-14: update extension metadata (953cbd0)