
Snyk GitHub Cloud App

The Snyk GitHub Cloud App is in Open Beta. This feature must be enabled using a feature flag on the Group or Organization level. Contact Snyk support if you are interested in getting access.
Feature availability
The GitHub Cloud App is available for all customers on GitHub Cloud, independent of plan type.
This feature is not yet supported for Snyk Broker.

Prerequisites for GitHub Cloud App

  • Snyk Organization Admin user role.
  • GitHub Admin permissions for the selected repository. If the Snyk GitHub Cloud App is installed in a repository that requires organization permissions, you must be a GitHub organization owner.
  • A public or private GitHub repository.

Known limitations of the GitHub Cloud App

Only one-to-one mapping between Snyk Organizations and GitHub organizations is supported.

GitHub Cloud App benefits

The Snyk GitHub Cloud App improves on the current GitHub integration in several ways, including role-based, granular access control, increased API rate limits, and an entry point for expanded and enhanced developer experiences.
  • RBAC (Role-Based Access Control) Compliance: With the GitHub Cloud App, the access control mechanism is decoupled from individual user accounts. Instead, it is associated with the app entity itself. This separation allows for better management and enforcement of RBAC policies, as access control is handled at the application level rather than being tied to individual user accounts.
  • Granular access control: The GitHub Cloud App allows for fine-grained control over access permissions at the repository level.
  • Increased API rate limit: The GitHub Cloud App provides higher rate limits, allowing Snyk to make a larger number of API requests. This increased limit will assist in handling large-scale use cases, such as mono-repos with a large number of Projects, GitHub Organizations with a large number of repositories, and more.
  • Enabler for an enhanced developer experience:
    • Pull request checks: The GitHub Cloud App improves the PR Checks workflow by showing the test results directly on the Checks tab in GitHub.
    • Fix and upgrade pull requests: Pull requests initiated by Snyk would be performed on behalf of Snyk-bot rather than a service account or individual user account.

How to set up the Snyk GitHub Cloud App

  1. Log in to your Snyk account and navigate to the Integrations section in the Snyk Organization where you would like to set up the GitHub Cloud App.
  2. Select the GitHub Cloud App tile.
     [Image: Selection of the GitHub Cloud App tile]
  3. In the confirmation modal, select Configure GitHub Cloud App.
     [Image: Configuration notice for the GitHub Cloud App]
  4. You are taken to GitHub, where you can select the organization where you wish to install the app.
     [Image: Selection of the GitHub Organization to install the app into]
  5. The next screen asks if you wish to install the app in all of the repositories belonging to the selected GitHub organization, or if you want to install the app in a select number of repositories belonging to a GitHub organization.
     [Image: Install and Authorize settings for the GitHub organization you are installing the GitHub Cloud App into]
The GitHub Cloud App will lose access to Snyk if it is uninstalled from the GitHub organization or if the repositories to which the app instance has access are edited.
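
The choice in step 5 (all repositories or a selected set) and the permissions granted to the app can be reviewed after installation. The following is an added example, not Snyk's or GitHub's own code: it audits installation objects shaped like the entries returned by GitHub's `GET /orgs/{org}/installations` endpoint. The app slug `example-snyk-app`, the approved-permission baseline, and the sample data are assumptions constructed for illustration.

```python
import json

LEVELS = {"read": 1, "write": 2, "admin": 3}

# Hypothetical baseline for this example; NOT the permission set the Snyk app
# actually requests. Replace it with what you reviewed and approved at install.
APPROVED = {"metadata": "read", "contents": "write",
            "pull_requests": "write", "checks": "write"}

# Constructed installation objects, shaped like the entries returned by
# GitHub's GET /orgs/{org}/installations, gathered from three organizations.
SAMPLE = json.loads("""[
 {"id": 101, "app_slug": "example-snyk-app", "account": {"login": "acme"},
  "repository_selection": "selected",
  "permissions": {"metadata": "read", "contents": "write", "checks": "write"}},
 {"id": 102, "app_slug": "example-snyk-app", "account": {"login": "acme-labs"},
  "repository_selection": "all",
  "permissions": {"metadata": "read", "administration": "write"}},
 {"id": 103, "app_slug": "other-ci-app", "account": {"login": "acme-ops"},
  "repository_selection": "all", "permissions": {"metadata": "read"}}
]""")

def audit(installations, app_slug, approved=APPROVED):
    """Return (installation id, org, finding) tuples for one app's installations."""
    findings = []
    for inst in installations:
        if inst.get("app_slug") != app_slug:
            continue  # a different GitHub App
        org = inst["account"]["login"]
        if inst.get("repository_selection") == "all":
            findings.append((inst["id"], org, "all repositories, including future ones"))
        for name, level in sorted(inst.get("permissions", {}).items()):
            allowed = approved.get(name)
            if allowed is None:
                findings.append((inst["id"], org, f"unapproved permission {name}:{level}"))
            elif LEVELS.get(level, 99) > LEVELS[allowed]:
                findings.append((inst["id"], org, f"{name}:{level} exceeds approved {allowed}"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, "example-snyk-app"):
        print(finding)
```
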

Feedback on the Snyk GitHub Cloud App

This feature is currently in Open Beta, so the functionality will likely evolve based on your feedback. If you would like to provide any feedback, contact your Account Manager or Snyk support.