Open
Thank you for a useful tool.
I want to suppress findings (e.g. IAM.6) whose type is AwsAccount.
I tried the following setting, but it didn't work and failed with the error `Error: arn: invalid prefix`.
```yaml
standards:
  aws-foundational-security-best-practices/v/1.0.0:
    enable: true
    controls:
      enable: [APIGateway.5, APIGateway.8, APIGateway.9, Account.1, AutoScaling.1, AutoScaling.2, AutoScaling.3, AutoScaling.4, AutoScaling.6, AutoScaling.9, CloudTrail.1, CloudTrail.2, CloudTrail.4, CloudTrail.5, Config.1, DynamoDB.1, EC2.19, EC2.2, EC2.21, EC2.25, EC2.6, ECR.3, ECS.5, EFS.3, EFS.4, ELB.10, ELB.12, ELB.13, ELB.14, ELB.5, ELB.7, ES.4, ES.5, ES.6, ES.7, ES.8, IAM.1, IAM.2, IAM.3, IAM.5, IAM.7, IAM.8, NetworkFirewall.3, NetworkFirewall.4, NetworkFirewall.5, NetworkFirewall.6, RDS.11, RDS.17, RDS.18, RDS.19, RDS.2, RDS.20, RDS.21, RDS.22, RDS.23, RDS.25, RDS.3, RDS.5, Redshift.4, Redshift.6, Redshift.8, Redshift.9, S3.1, S3.10, S3.11, S3.12, S3.13, S3.2, S3.3, S3.4, S3.5, S3.6, S3.9, SNS.2, SQS.1, SSM.1, SSM.4, SageMaker.2, SageMaker.3, WAF.2, WAF.4]
      disable:
        IAM.6: '(snip)'
    findings:
      IAM.6:
        AWS::::Account:${account_id}:
          status: SUPPRESSED
          note: '(snip)'
```

Does control-controls support this?