#getting-started

swift-piano-94997

12/07/2023, 4:26 PM
Hello, I was trying to get started with Pulumi CrossGuard and the AWS ruleset. How do I exclude certain objects from certain rules? (equivalent of https://github.com/stelligent/cfn_nag#per-resource-rule-suppression) E.g. I can create a simple bucket and get a "Bucket logging must be defined." advisory. So then I add another bucket and make it be the logbucket. And now I get the advisory on the logbucket. How do I add an ignore/exception rule to the template (not to the rules) to say "This IS the logbucket"?
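```typescript
import * as aws from "@pulumi/aws";

// Bucket that receives the access logs.
const logBucket = new aws.s3.Bucket("logBucket", { acl: "log-delivery-write" });

// Application bucket with access logging delivered to logBucket.
const bucket = new aws.s3.Bucket("my-bucket", {
    acl: "public-read",
    loggings: [{
        targetBucket: logBucket.id,
        targetPrefix: "log/",
    }],
});
```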
(In this case, I could probably adjust the rules to say "if acl=log-delivery-write : ignore". I'm after the generic method to exclude an object from a rule.)