Suppression rules improvements ✋

We’ve expanded suppression rule functionality and made several improvements to make managing suppression rules easier across the Bridgecrew platform.

Time-bounded suppressions

When creating any type of suppression, you can now (optionally) set the date for which it will expire.

Time-bounded suppressionsTime-bounded suppressions

Time-bounded suppressions

When viewing time-bound suppressions from the Policies screen, you’ll be able to see their expiry dates, as well as for suppressed errors in Projects screen.

Affected resources calculator

When creating or editing suppression rules, you can now calculate the number of resources that would be affected.

Affected resources calculatorAffected resources calculator

Affected resources calculator

Developer suppressions

Developer Suppressions allow you to add suppressions directly to your IaC resource blocks in code. Now you can control whether to enable or disable those suppressions.

Developer Suppressions settings in Repository Configuration SettingsDeveloper Suppressions settings in Repository Configuration Settings

Developer Suppressions settings in Repository Configuration Settings

Enabling Developer Suppressions—which is the default setting—will acknowledge in-code suppression rules and will surface them in the platform. Disabling Developer Suppressions will ignore in-code suppression rules and related resources will be regularly scanned.

Manage suppression rules from Projects and Policies screens

We have expanded the ability to create, edit and delete suppression rules based on source, tags, and policy from both screens. Available for owners, admins and members.

We’ve improved the UI for viewing grouped resource-based rules and in-code suppressions within the Policies screen. Available to all roles.

Draft mode before submissionDraft mode before submission

Draft mode before submission

Policy suppression managementPolicy suppression management

Policy suppression management

Suppressed error viewSuppressed error view

Suppressed error view

In-code suppression visibilityIn-code suppression visibility

In-code suppression visibility