The plan resources exclusion feature enables you to exclude specific resources from actions or changes initiated by plan items.
The contents of your
jit-config.ymlfile will vary depending on your enabled features and integrations. Other features that may impact your
jit-config.ymlfile are discussed in Security as Code Configuration.
To exclude a resource—
jit-config.ymlfile located in the
.jitdirectory of the repository selected for GitHub integration.
Add the following section to the end of the file:
resource_management: exclude: plan_items: <plan item slug>: resources: - name: <resource identifier> type: <type [OPTIONAL]>
<plan item slug>: In the
.jit/jit-planfile (located in the repository selected for GitHub integration), copy the slug (located in the
jit/jit-plan) of the plan item that contains the resources you want to exclude and add it to your
item-cloud-security-posture-management(AWS Security Hub plan item slug)
<resource identifier>: Replace this with the name of the resource you wish to exclude. Copy the
resource identifierfrom Settings -> Manage Resources in the Jit platform.
|Resource type||Location of resource identifier in UI|
|AWS Account, GCP, Azure||Under the |
|Github repository||Under the |
|Github organization||The organization name.|
type: This field is used to distinguish between two resources that are of different types but share the same identifier— such as a GitHub repository named "Jit" under an organization named "Jit." Enter one of the following values into the
|A GitHub repository.|
|Google Cloud Platform account.|
|Microsoft Azure account.|
|Web application resource.|
- Save your changes to the
Updated about 2 months ago