We are really sorry but excluding resources is currently not possible. I suggest that you reach out to your AWS contact person and raise this demand so that it gets properly tracked.
Depending on your development appetite, you may want to have a look at the AWS Rules Development Kit for creating a custom config rule based on the examples in the awslabs GitHub repository: https://github.com/awslabs/aws-config-rules
As you can pass your own parameters to your custom config rule, you could specify a specific tag name. You can protect this tag via Service Control Policies in AWS Organizations to make sure that not everyone can put their resources on the exclude list.
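A sketch of the tag-based exclusion described in the answer above, added here as an example; it is not part of the original answer and not code from the awslabs repository. The parameter names `ExcludeTagKey` and `ExcludeTagValue`, the S3 versioning check used as the stand-in rule logic, and the sample configuration item are assumptions made for illustration.

```python
import json

DELETED = ("ResourceDeleted", "ResourceDeletedNotRecorded")

def evaluate(item, params):
    """Return (compliance_type, annotation) for one configuration item."""
    if item.get("configurationItemStatus") in DELETED:
        return "NOT_APPLICABLE", "Resource was deleted"
    # Hypothetical rule parameters: the tag that puts a resource on the exclude list.
    key, value = params.get("ExcludeTagKey"), params.get("ExcludeTagValue")
    tags = item.get("tags") or {}
    if key and key in tags and (not value or tags[key] == value):
        return "NOT_APPLICABLE", "Excluded by tag " + key
    # Stand-in check (assumed item shape): S3 bucket versioning must be enabled.
    supplementary = item.get("supplementaryConfiguration") or {}
    versioning = supplementary.get("BucketVersioningConfiguration") or {}
    if versioning.get("status") == "Enabled":
        return "COMPLIANT", "Versioning is enabled"
    return "NON_COMPLIANT", "Versioning is not enabled"

def lambda_handler(event, context):
    """Entry point for a custom rule triggered by configuration changes."""
    import boto3  # imported here so evaluate() can be exercised offline
    item = json.loads(event["invokingEvent"])["configurationItem"]
    params = json.loads(event.get("ruleParameters") or "{}")
    compliance, annotation = evaluate(item, params)
    boto3.client("config").put_evaluations(
        Evaluations=[{
            "ComplianceResourceType": item["resourceType"],
            "ComplianceResourceId": item["resourceId"],
            "ComplianceType": compliance,
            "Annotation": annotation,
            "OrderingTimestamp": item["configurationItemCaptureTime"],
        }],
        ResultToken=event["resultToken"],
    )
    return compliance

# Constructed sample configuration item, not real data.
SAMPLE_ITEM = {
    "resourceType": "AWS::S3::Bucket",
    "resourceId": "example-bucket",
    "configurationItemStatus": "OK",
    "configurationItemCaptureTime": "2024-01-01T00:00:00.000Z",
    "tags": {"config-exclude": "approved"},
    "supplementaryConfiguration": {"BucketVersioningConfiguration": {"status": "Suspended"}},
}
```

Excluded resources report `NOT_APPLICABLE` rather than `COMPLIANT`, so anyone able to set the tag can take a resource out of the rule's findings, which is why the answer pairs the tag with a Service Control Policy.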
This is now possible: https://aws.amazon.com/about-aws/whats-new/2023/06/aws-config-recording-exclusions-resource-type/
This is not what the OP is asking for. The desire is to be able to exclude individual resources, not entire resource types.
Duplicating a managed rule and having to maintain and keep it in sync with upstream changes/improvements is not a workable solution. Is AWS Config another AWS product that's going to be on the chopping block, because I can't see how anyone can seriously use this without being able to selectively exclude individual resources by ARN in AWS managed rules and rules from conformance packs.