How to exclude resources from AWS Trusted Advisor reports using Trusted Advisor API
Are you looking for ways to exclude few of your non-critical resources from AWS Trusted Advisor (TA) report? Check out the new TA API to programmatically exclude resources!
AWS Trusted Advisor (TA) inspects your AWS environment, and then makes recommendations when opportunities exist to save money, improve system availability and performance, or help close security gaps. On April 29, AWS Trusted Advisor launched new API capability to enable AWS customers to programmatically exclude resources from recommendations associated with Trusted Advisor best practice checks. These Trusted Advisor new APIs are available to Business, Enterprise On-Ramp, or Enterprise Support customers.
Note: TA API is only available to Business, Enterprise On-Ramp, or Enterprise Support customers via AWS Trusted Advisor APIs. It is not available through AWS Support API.
Request Syntax
Use The BatchUpdateRecommendationResourceExclusion API operation to include or exclude one or more resources from your Trusted Advisor results.
PUT /v1/batch-update-recommendation-resource-exclusion HTTP/1.1
Content-type: application/json
{
"recommendationResourceExclusions": [
{
"arn": "string",
"isExcluded": boolean
}
]
}
Review details on the Exclude API review it here: BatchUpdateRecommendationResourceExclusion.
Command Line Syntax
batch-update-recommendation-resource-exclusion
--recommendation-resource-exclusions <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>
Sample Command Line syntax
Use the ListChecks, ListRecommendations, GetRecommendation, and ListRecommendationResources API operations to get the list of recommendations resources for a given recommendation identifier. E.g.
$ aws trustedadvisor list-recommendation-resources \
--recommendation-identifier arn:aws:trustedadvisor::000000000:recommendation/7755f5ba-9448-45eb-9df7-e54c454b4ec9
{
"recommendationResourceSummaries": [
{
"arn": "arn:aws:trustedadvisor::000000000:recommendation-resource/7755f5ba-9448-45eb-9df7-e54c454b4ec9/32b12ed750de5a098eec725fdc6daed226bacbf069e68822e25fcdb877c5e460",
"awsResourceId": "arn:aws:ecr:us-east-1:000000000:repository/ecs-test",
"exclusionStatus": "excluded",
"id": "32b12ed750de5a098eec725fdc6daed226bacbf069e68822e25fcdb877c5e460",
"lastUpdatedAt": "2024-05-13T21:38:48.684000+00:00",
"metadata": {
"0": "error",
"1": "us-east-1",
"2": "arn:aws:ecr:us-east-1:000000000:repository/ecs-test",
"3": "2024-05-13T21:38:48.684Z"
},
"recommendationArn": "arn:aws:trustedadvisor::000000000:recommendation/7755f5ba-9448-45eb-9df7-e54c454b4ec9",
"regionCode": "us-east-1",
"status": "error"
},
[.................]
$ aws trustedadvisor batch-update-recommendation-resource-exclusion \
--recommendation-resource-exclusions arn=arn:aws:trustedadvisor::000000000:recommendation-resource/7755f5ba-9448-45eb-9df7-e54c454b4ec9/32b12ed750de5a098eec725fdc6daed226bacbf069e68822e25fcdb877c5e460,isExcluded=true
{
"batchUpdateRecommendationResourceExclusionErrors": []
Sample Code using Python API
# Exclude the list of Recommendations Identifer ARNs
if recomm_identifier_exclusion_status == 'included':
ta_client.batch_update_recommendation_resource_exclusion(
recommendationResourceExclusions=[
{
'arn': recomm_identifier_arn,
'isExcluded': True
},
]
)
To review Customer friendly samples for other TA APIs, visit Sample Code and Commands for AWS Trusted Advisor API to get AWS recommendations.
Relevant content
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 16 days ago
- AWS OFFICIALUpdated 4 years ago
