Configuration File

Create .cloud-audit.yml in your project root. Auto-detected from the current directory.

```yaml provider: aws

regions: - eu-central-1 - eu-west-1

min_severity: medium

exclude_checks: - aws-eip-001 - aws-ec2-003

suppressions: - check_id: aws-vpc-001 resource_id: vpc-abc123 reason: "Legacy VPC, migration planned for Q3" accepted_by: "jane@example.com" expires: "2026-09-30" ```

Override the config file path: cloud-audit scan --config path/to/.cloud-audit.yml

Precedence

CLI flags > environment variables > config file > defaults.

See also: Environment Variables, Suppressions.