Some people do not have the goal of reaching a 100% IAC coverage with their infrastructure. And for them, driftctl can be annoying to continuously deliver drift notifications on resources they don't care. For this use case, there's a solution.
You can start using driftctl with a clean state, by ignoring all the current resources that are not yet under control. driftctl provides a command to automatically generate a .driftignore file from a previous scan given the type of resources you want to exclude (e.g. unmanaged, missing or changed resources). This command parses a JSON input from a given file and sends output to stdout.
You can filter which kind of resource you want to ignore using these flags:
--exclude-unmanaged: Exclude resources not managed by IaC
--exclude-missing: Exclude resources missing on cloud provider
--exclude-changed: Exclude resources that changed from IaC
Run a scan with JSON output enabled:
Finally, generate the
.driftignore file from the JSON: