biscuit
IAM-LIKE pattern matching with bitmap indexing
Repository
CrystallineCore/pg_biscuit
https://github.com/CrystallineCore/pg_biscuit
Source
Biscuit-2.2.2.tar.gz
Biscuit-2.2.2.tar.gz
Overview
| Package | Version | Category | License | Language |
|---|---|---|---|---|
pg_biscuit | 2.2.2 | FTS | MIT | C |
| ID | Extension | Bin | Lib | Load | Create | Trust | Reloc | Schema |
|---|---|---|---|---|---|---|---|---|
| 2170 | biscuit | No | Yes | No | Yes | No | No | public |
| Related | plpgsql hll rum pg_textsearch |
|---|
Version
| Type | Repo | Version | PG Ver | Package | Deps |
|---|---|---|---|---|---|
| EXT | PIGSTY | 2.2.2 | 1817161514 | pg_biscuit | plpgsql |
| RPM | PIGSTY | 2.2.2 | 1817161514 | pg_biscuit_$v | - |
| DEB | PIGSTY | 2.2.2 | 1817161514 | postgresql-$v-biscuit | - |
| OS / PG | PG18 | PG17 | PG16 | PG15 | PG14 |
|---|---|---|---|---|---|
| el8.x86_64 | PIGSTY 2.2.2 el8.x86_64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el8.x86_64.rpm
| PIGSTY 2.2.2 el8.x86_64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el8.x86_64.rpm
| PIGSTY 2.2.2 el8.x86_64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el8.x86_64.rpm
| PIGSTY MISS | PIGSTY MISS |
| el8.aarch64 | PIGSTY 2.2.2 el8.aarch64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el8.aarch64.rpm
| PIGSTY 2.2.2 el8.aarch64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el8.aarch64.rpm
| PIGSTY 2.2.2 el8.aarch64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el8.aarch64.rpm
| PIGSTY MISS | PIGSTY MISS |
| el9.x86_64 | PIGSTY 2.2.2 el9.x86_64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el9.x86_64.rpm
| PIGSTY 2.2.2 el9.x86_64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el9.x86_64.rpm
| PIGSTY 2.2.2 el9.x86_64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el9.x86_64.rpm
| PIGSTY MISS | PIGSTY MISS |
| el9.aarch64 | PIGSTY 2.2.2 el9.aarch64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el9.aarch64.rpm
| PIGSTY 2.2.2 el9.aarch64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el9.aarch64.rpm
| PIGSTY 2.2.2 el9.aarch64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el9.aarch64.rpm
| PIGSTY MISS | PIGSTY MISS |
| el10.x86_64 | PIGSTY 2.2.2 el10.x86_64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el10.x86_64.rpm
| PIGSTY 2.2.2 el10.x86_64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el10.x86_64.rpm
| PIGSTY 2.2.2 el10.x86_64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el10.x86_64.rpm
| PIGSTY MISS | PIGSTY MISS |
| el10.aarch64 | PIGSTY 2.2.2 el10.aarch64.pg18 : pg_biscuit_18 pg_biscuit_18-2.2.2-1PIGSTY.el10.aarch64.rpm
| PIGSTY 2.2.2 el10.aarch64.pg17 : pg_biscuit_17 pg_biscuit_17-2.2.2-1PIGSTY.el10.aarch64.rpm
| PIGSTY 2.2.2 el10.aarch64.pg16 : pg_biscuit_16 pg_biscuit_16-2.2.2-1PIGSTY.el10.aarch64.rpm
| PIGSTY MISS | PIGSTY MISS |
| d12.x86_64 | PIGSTY 2.2.2 d12.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~bookworm_amd64.deb
| PIGSTY 2.2.2 d12.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~bookworm_amd64.deb
| PIGSTY 2.2.2 d12.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~bookworm_amd64.deb
| PIGSTY MISS | PIGSTY MISS |
| d12.aarch64 | PIGSTY 2.2.2 d12.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~bookworm_arm64.deb
| PIGSTY 2.2.2 d12.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~bookworm_arm64.deb
| PIGSTY 2.2.2 d12.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~bookworm_arm64.deb
| PIGSTY MISS | PIGSTY MISS |
| d13.x86_64 | PIGSTY 2.2.2 d13.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~trixie_amd64.deb
| PIGSTY 2.2.2 d13.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~trixie_amd64.deb
| PIGSTY 2.2.2 d13.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~trixie_amd64.deb
| PIGSTY MISS | PIGSTY MISS |
| d13.aarch64 | PIGSTY 2.2.2 d13.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~trixie_arm64.deb
| PIGSTY 2.2.2 d13.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~trixie_arm64.deb
| PIGSTY 2.2.2 d13.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~trixie_arm64.deb
| PIGSTY MISS | PIGSTY MISS |
| u22.x86_64 | PIGSTY 2.2.2 u22.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~jammy_amd64.deb
| PIGSTY 2.2.2 u22.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~jammy_amd64.deb
| PIGSTY 2.2.2 u22.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~jammy_amd64.deb
| PIGSTY MISS | PIGSTY MISS |
| u22.aarch64 | PIGSTY 2.2.2 u22.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~jammy_arm64.deb
| PIGSTY 2.2.2 u22.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~jammy_arm64.deb
| PIGSTY 2.2.2 u22.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~jammy_arm64.deb
| PIGSTY MISS | PIGSTY MISS |
| u24.x86_64 | PIGSTY 2.2.2 u24.x86_64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~noble_amd64.deb
| PIGSTY 2.2.2 u24.x86_64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~noble_amd64.deb
| PIGSTY 2.2.2 u24.x86_64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~noble_amd64.deb
| PIGSTY MISS | PIGSTY MISS |
| u24.aarch64 | PIGSTY 2.2.2 u24.aarch64.pg18 : postgresql-18-biscuit postgresql-18-biscuit_2.2.2-1PIGSTY~noble_arm64.deb
| PIGSTY 2.2.2 u24.aarch64.pg17 : postgresql-17-biscuit postgresql-17-biscuit_2.2.2-1PIGSTY~noble_arm64.deb
| PIGSTY 2.2.2 u24.aarch64.pg16 : postgresql-16-biscuit postgresql-16-biscuit_2.2.2-1PIGSTY~noble_arm64.deb
| PIGSTY MISS | PIGSTY MISS |
Build
You can build the RPM / DEB packages for pg_biscuit using pig build:
pig build pkg pg_biscuit # build RPM / DEB packages
Install
You can install pg_biscuit directly. First, make sure the PGDG and PIGSTY repositories are added and enabled:
pig repo add pgsql -u # Add repo and update cache
Install the extension using pig or apt/yum/dnf:
pig install pg_biscuit; # Install for current active PG version
pig ext install -y pg_biscuit -v 18 # PG 18
pig ext install -y pg_biscuit -v 17 # PG 17
pig ext install -y pg_biscuit -v 16 # PG 16
dnf install -y pg_biscuit_18 # PG 18
dnf install -y pg_biscuit_17 # PG 17
dnf install -y pg_biscuit_16 # PG 16
apt install -y postgresql-18-biscuit # PG 18
apt install -y postgresql-17-biscuit # PG 17
apt install -y postgresql-16-biscuit # PG 16
Create Extension:
CREATE EXTENSION biscuit CASCADE; -- requires: plpgsql
Usage
biscuit (pg_biscuit) is a PostgreSQL extension that provides IAM-like pattern matching with bitmap indexing. It enables efficient matching of permission-style patterns against text values using a specialized bitmap index.
Features
- IAM-like pattern matching: Supports wildcard pattern matching similar to AWS IAM policy patterns
- Bitmap indexing: Uses bitmap indexes for fast pattern matching queries
- Permission evaluation: Evaluate whether a given action matches a set of permission patterns
Quick Start
CREATE EXTENSION biscuit CASCADE; -- requires plpgsql
-- Create a table with permission patterns
CREATE TABLE permissions (
id serial PRIMARY KEY,
pattern text NOT NULL
);
-- Insert IAM-like patterns
INSERT INTO permissions (pattern) VALUES
('s3:GetObject'),
('s3:*'),
('ec2:Describe*'),
('iam:Create*');
Pattern Syntax
Biscuit supports IAM-style wildcard patterns:
*matches any sequence of characters?matches any single character- Exact strings match literally
Notes
- Requires the
plpgsqlextension (installed automatically withCASCADE) - Available for PostgreSQL 16, 17, and 18
- Licensed under MIT
Feedback
Was this page helpful?
Thanks for the feedback! Please let us know how we can improve.
Sorry to hear that. Please let us know how we can improve.