# Copilot Content Exclusion Example

# Copilot Content Exclusion

Copilot has been great for our org, but it's a good idea to use a Content Exclusion policy to your GitHub repository settings to specify content that Copilot should ignore. With the increased use of the GitHub Copilot agent comes the need to keep things more secure. Read more from [GitHub Docs](https://docs.github.com/en/copilot/how-tos/configure-content-exclusion/exclude-content-from-copilot)

# Example Content Exclusion config file

The first lines ensures that this is applied to all repos in your GitHub org. I like this method as well because it clearly defines line by line what should be excluded.

```plaintext
"*":
  - "**/.env"
  - "**/.env.*"
  - "**/.aws/credentials"
  - "**/.github/secrets/"
  - "**/secrets.json"
  - "**/*_history" # Shell history files
  # --- Terraform files ---
  - "**/.terraform/"
  - "**/*.tfvars"
  # --- Cetificate files ---
  - "**/*.pem"
  - "**/*.key"
  - "**/*.p12"
  - "**/*.crt"
  # --- .NET files ---
  - "**/secrets.json"
  - "**/appsettings.*.json"
  - "**/*.pubxml"
  - "**/*.pubxml.user"
  - "**/*.user"
  - "**/*.suo"
  # --- Kubernetes files ---
  - "**/secrets/*.yaml"
  - "**/sealed-secrets/*.yaml"
  - "**/.kube/config"
```
