Exclusions

In this topic:

     

    You can exclude specific findings from appearing in the results of assessments, for both manually triggered compliance assessments, and continuous compliance assessments.

    Using exclusions, you can declutter the findings lists by removing findings that are not interesting to you. The excluded findings will also not be included in the calculation of the overall assessment results, or the results for a specific rule. Excluded findings will also not be sent as notification messages (by email, SNS, etc) to external systems.

    Some typical cases to use exclusions include:

    • exclude findings from irrelevant rules, for a specific cloud account or for all cloud accounts
    • replace a rule that requires customization
    • stop generating findings for a specific entity, if a rule is irrelevant for the entity

    Create an Alert Exclusion

    You can exclude alerts from specific rules and bundles from generating findings. These are exclusions. Use them to declutter the findings lists for both manually triggered assessments and continuous compliance assessments.

    1. Navigate to the Exclusions page in the Compliance & Governance menu.
    2. Click Create New Exclusion, in the upper right.
      Exclusions-create-new-exclusion.png
    3. Select the Bundle to exclude, from the list.
    4. Click Exclude by Rule, and/or Exclude by Cloud Account, to exclude a specific rule and/or account. Select the item from the list. If these options not checked, all rules, accounts are excluded.
    5. Click Exclude by Entity, to exclude specific entities. Enter the entity name or ID. You can include the wildcard '%' in the entity name, to include a group of entities. For example, '%s3% matches all entities with 's3' in their name, all of which would be included in the exclusion.
    6. Click Exclude. 

    Delete Exclusions

    1. Navigate to the Exclusions page in the Compliance & Governance menu.
    2. Hover over the exclusion that you wish to delete, and then click .

    See also

    Alert Findings