Configuration File

Create .cloud-audit.yml in your project root. Auto-detected from the current directory.

provider: aws

regions:
  - eu-central-1
  - eu-west-1

min_severity: medium

exclude_checks:
  - aws-eip-001
  - aws-ec2-003

suppressions:
  - check_id: aws-vpc-001
    resource_id: vpc-abc123
    reason: "Legacy VPC, migration planned for Q3"
    accepted_by: "jane@example.com"
    expires: "2026-09-30"

Override the config file path: cloud-audit scan --config path/to/.cloud-audit.yml

Precedence

CLI flags > environment variables > config file > defaults.

See also: Environment Variables, Suppressions.