Snyk GitHub Cloud App

Release status and feature availability

The Snyk GitHub Cloud App is in Early Access. This feature must be enabled using a feature flag on the Group or Organization level. Contact Snyk support if you are interested in getting access.

This feature is not yet supported for Snyk Broker.

Prerequisites for GitHub Cloud App

  • Snyk Organization Admin user role.

  • GitHub Admin permissions for the selected repository. If the Snyk GitHub Cloud App is installed in a repository that requires organization permissions, you must be a GitHub organization owner.

  • A public or private GitHub repository.

GitHub Cloud App benefits

The Snyk GitHub Cloud App improves on many features as compared to the current GitHub integration, including role-based, granular access control, increased API rate limits, and creation of an entry point for expanded and enhanced developer experiences.

  • RBAC (Role-Based Access Control) Compliance: With the GitHub Cloud App, the access control mechanism is decoupled from individual user accounts. Instead, it is associated with the app entity itself. This separation allows for better management and enforcement of RBAC policies, as access control is handled at the application level rather than being tied to individual user accounts.

  • Granular access control: The GitHub Cloud App allows for fine-grained control over access permissions at the repository level.

  • Increased API rate limit: The GitHub Cloud App provides higher rate limits, allowing Snyk to make a larger number of API requests. This increased limit will assist in handling large-scale use cases, such as monorepos with a large number of Projects, GitHub organizations with a large number of repositories, and more.

  • Enabler for an enhanced developer experience:

    • Pull request checks: The GitHub Cloud App improves the PR Checks workflow by showing the test results directly on the Checks tab in GitHub.

    • Fix and upgrade pull requests: Pull requests initiated by Snyk are performed on behalf of Snyk-bot rather than a service account as the user.

How to set up the Snyk GitHub Cloud App

Log in to your Snyk account and navigate to the Integrations section in the Snyk Organization where you would like to set up the GitHub Cloud App.

Select the GitHub Cloud App tile.

In the confirmation modal, select Configure GitHub Cloud App.

When the install screen in GitHub opens, you can select the GitHub organization where you wish to install the app.

If the GitHub Cloud App is already installed in a GitHub organization, you can select that same GitHub organization during the integration process for a different Snyk Organization.

Specify whether you wish to install the app in all of the repositories belonging to the selected GitHub organization, or you want to install the app in a select number of repositories belonging to a GitHub organization; then click Install & Authorize.

The GitHub Cloud App will lose access to Snyk if it is uninstalled from the GitHub organization or if the repositories to which the app instance has access are edited.

How to migrate to the Snyk GitHub Cloud App

If you are an Enterprise plan customer, you can migrate Snyk Targets to the Snyk GitHub Cloud App using the snyk-migrate-to-github-app tool in the tool repository.

Feedback on the Snyk GitHub Cloud App

Because this feature is in Early Access, the functionality will likely evolve based on your feedback. If you would like to provide any feedback, contact your Account Manager or Snyk support.

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.