How can I disable cfn_nag ENTIRELY?
PeterBengtson opened this issue · 2 comments
cfn_nag is misconfigured: it protests about things that are best practice, and it's cumbersome to configure per resource using metadata to suppress the wholly unwanted "errors" and "warnings".
As a matter of fact, I don't understand why you run cfn_nag at all, given that no such scanning is done when using the CloudFormation console.
I know what I'm doing, have been working with bank security in the AWS cloud for years, and know how to write permission boundary policies inside out. That suddenly cfn_nag should be nagging me about things that are perfectly okay is just irritating.
So. How can I disable cfn_nag altogether? I don't want it to offer its useless opinions on code already following best practices. As you know, "best practices" are context-dependent things.
So how do you run it ?
Part of your pipeline or how have you set it up ?