pethers
commented
2 years ago So how do you run it ?
Part of your pipeline or how have you set it up ?
Closed PeterBengtson closed 2 years ago
pethers
commented
2 years ago So how do you run it ?
Part of your pipeline or how have you set it up ?
PeterBengtson
commented
2 years ago Ah. As part of CfCT - I just realized that I might have opened this issue in the wrong place
tis 2 aug. 2022 kl. 17:24 skrev James Pether Sörling < @.***>:
So how do you run it ? Part of your pipeline or how have you set it up ?
— Reply to this email directly, view it on GitHub https://github.com/stelligent/cfn_nag/issues/607#issuecomment-1202816666, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAA6OIDKGCXYJFSTQVDRPLVXE4UFANCNFSM55LO53TA . You are receiving this because you authored the thread.Message ID: @.***>
cfn_nag is misconfigured: it protests about things that are best practice, and it's cumbersome to configure per resource using metadata to suppress the wholly unwanted "errors" and "warnings".
As a matter of fact, I don't understand why you run cfn_nag at all, given that no such scanning is done when using the CloudFormation console.
I know what I'm doing, have been working with bank security in the AWS cloud for years, and know how to write permission boundary policies inside out. That suddenly cfn_nag should be nagging me about things that are perfectly okay is just irritating.
So. How can I disable cfn_nag altogether? I don't want it to offer its useless opinions on code already following best practices. As you know, "best practices" are context-dependent things.