Plan Resources Exclusion
Overview
The Plan resources exclusion feature enables you to exclude specific resources from actions or changes initiated by plan items.
Excluding resources
Finding the plan resource data
You will need the following plan item data:
- <plan item slug>: In the jit/jit-plan file (located in the repository selected for the integration), copy the slug (located in the uses section of jit/jit-plan) of the plan item that contains the resources you want to exclude, and add it to your jit-config.yml file.
Example: item-cloud-security-posture-management (AWS Security Hub plan item slug).
- <resource identifier>: Replace this with the name of the resource you wish to exclude. Copy the resource identifier from Settings -> Manage Resources in the Jit platform.
Resource type | Location of resource identifier in UI |
---|---|
AWS Account, GCP, Azure | Under the Account column of your resource. |
GitHub repository | Under the Repository column of your resource. |
GitHub organization | The organization's name. |
- (Optional) Type: This field is used to distinguish between two resources that are of different types but share the same identifier, like a GitHub repository named Jit under an organization named Jit. Enter one of the following values into the Type field:
Value | Description |
---|---|
repo | A code repository. |
org | Organization. |
aws_account | AWS account. |
gcp_account | Google Cloud Platform account. |
azure_account | Microsoft Azure account. |
web | Web application resource. |
api | API resource. |
Excluding resources in GitHub
The contents of your jit-config.yml file will vary depending on your enabled features and integrations. Other features that may impact your jit-config.yml file are discussed in Security as Code Configuration.
- Open the jit-config.yml file located in the .jit directory of the repository selected for GitHub integration.
- Add the following section to the end of the file:
resource_management:
  exclude:
    plan_items:
      <plan item slug>:
        resources:
          - name: <resource identifier>
            type: <type [OPTIONAL]>
- Save your changes to the jit-config.yml file.
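An added example, not part of Jit's documentation or tooling: a Python check that lists every resource excluded in a parsed jit-config.yml and flags type values outside the table above, so exclusions can be reviewed before the file is merged. The function names, the sample data, the slug example-plan-item-slug and the account number are assumptions made for illustration; reading a real file assumes PyYAML is installed.

```python
import sys

# Type values from the table on this page.
ALLOWED_TYPES = {"repo", "org", "aws_account", "gcp_account",
                 "azure_account", "web", "api"}

def audit_exclusions(config):
    """Return (exclusions, problems) for a jit-config.yml parsed into a dict."""
    exclusions, problems = [], []
    section = (config or {}).get("resource_management") or {}
    plan_items = (section.get("exclude") or {}).get("plan_items") or {}
    for slug, item in plan_items.items():
        for res in (item or {}).get("resources") or []:
            if not isinstance(res, dict) or not res.get("name"):
                problems.append(f"{slug}: entry without a name: {res!r}")
                continue
            # str(): an unquoted numeric account id is parsed by YAML as an int
            name, rtype = str(res["name"]), res.get("type")
            if rtype is not None and rtype not in ALLOWED_TYPES:
                problems.append(f"{slug}: {name}: unknown type {rtype!r}")
            exclusions.append((slug, name, rtype))
    return exclusions, problems

# Constructed sample: the account number and the second slug are placeholders.
SAMPLE = {"resource_management": {"exclude": {"plan_items": {
    "item-cloud-security-posture-management": {"resources": [
        {"name": "123456789012", "type": "aws_account"}]},
    "example-plan-item-slug": {"resources": [
        {"name": "Jit", "type": "repo"},
        {"name": "Jit", "type": "repository"}]},  # typo: not an allowed value
}}}}

def main(argv):
    if len(argv) > 1:
        import yaml  # PyYAML, needed only when reading a real file
        with open(argv[1]) as fh:
            config = yaml.safe_load(fh)
    else:
        config = SAMPLE
    found, issues = audit_exclusions(config)
    for slug, name, rtype in found:
        print(f"excluded from {slug}: {name} (type={rtype or 'unspecified'})")
    for issue in issues:
        print("PROBLEM:", issue)
    return 1 if issues else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with the path to .jit/jit-config.yml as the only argument; a non-zero exit status means at least one entry needs attention.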
Excluding resources in other SCMs
Use Jit's 'Update configuration file' API endpoint. For more information, please see API: Update configuration file.