The Plan resources exclusion feature enables you to exclude specific resources from actions or changes initiated by plan items.
The contents of your jit-config.yml file will vary depending on your enabled features and integrations. Other features that may impact your jit-config.yml file are discussed in Security as Code Configuration.
To exclude a resource
Open the jit-config.yml file located in the .jit directory of the repository selected for GitHub integration.
Add the following section to the end of the file:
<plan item slug>:
- name: <resource identifier>
type: <type [OPTIONAL]>
- : In the jit/jit-plan file (located in the repository selected for GitHub integration), copy the slug (located in the uses section of jit/jit-plan of the plan item that contains the resources you want to exclude and add it to your jit-config.yml file.
Example: item-cloud-security-posture-management(AWS Security Hub plan item slug).
- : Replace this with the name of the resource you wish to exclude. Copy the resource identifier to from Settings -> Manage Resources in the Jit platform.
|Location of resource identifier in UI
|AWS Account, GCP, Azure
|Under the Account column of your resource.
|Under the Repository column of your resource.
|The organization's name.
- (Optional) Type: This field is used to distinguish between two resources that are of different types but share the same identifier, like a GitHub repository named Jit under an organization named Jit. Enter one of the following values into the Type field:
|A GitHub repository.
|Google Cloud Platform account.
|Microsoft Azure account.
|Web application resource.
- Save your changes to the jit-config.yml file.
Updated about 2 months ago