Synopsis
cloudburn config --init [--path <path>]
cloudburn config --print [--path <path>]
cloudburn config --print-template
Description
Manages CloudBurn configuration files. You must pass exactly one of --init, --print, or --print-template.
--initcreates a starter.cloudburn.ymlat your git root (or at--pathif specified). If a config file already exists, the command exits with an error.--printoutputs the current config file to stdout. Without--path, it walks up the directory tree toward the git root looking for.cloudburn.ymlor.cloudburn.yaml.--print-templateoutputs the built-in starter template to stdout without touching the filesystem.
Flags
| Flag | Type | Default | Description |
|---|---|---|---|
--init | boolean | false | Create a starter config file |
--print | boolean | false | Print the current config file to stdout |
--print-template | boolean | false | Print the built-in starter template to stdout |
--path <path> | string | Explicit file path for --init or --print. Not valid with --print-template. |
Starter template
Running cloudburn config --init creates the following file:
# Static IaC scan configuration.
# enabled-rules restricts scans to only the listed rule IDs.
# disabled-rules removes specific rule IDs from the active set.
# services restricts scans to rules for the listed services.
# format sets the default output format when --format is not passed.
iac:
enabled-rules:
- CLDBRN-AWS-EBS-1
disabled-rules:
- CLDBRN-AWS-EC2-2
services:
- ebs
- ec2
format: table
# Live AWS discovery configuration.
# Use the same rule controls here to tune discover runs separately from IaC scans.
discovery:
enabled-rules:
- CLDBRN-AWS-EBS-1
disabled-rules:
- CLDBRN-AWS-S3-1
services:
- ebs
- s3
format: json
Examples
Create a config file at your git root:
cloudburn config --init
Create a config file at a specific path:
cloudburn config --init --path ./my-project/.cloudburn.yml
Print the current config:
cloudburn config --print
Preview the starter template without writing a file:
cloudburn config --print-template
What's next
| Configuration | Full reference for all config keys |
| cloudburn rules list | Find rule IDs to use in enabled-rules |
| Quickstart: Scan IaC Files | Run your first scan with the config |