Links

Managing Snyk Cloud rules

The name of the rule settings page differs based on the products enabled for your Organization. See Rule settings page name.
If Snyk Integrated IaC is enabled for your Organization, you can view a list of all Snyk Cloud and IaC rules on the Organization's Settings > Snyk Cloud & IaC page.
Each rule links to detailed fix advice on the Cloud Security Rules site.
A rule has a Cloud tag if it applies to Snyk Cloud and an IaC tag if it applies to Snyk IaC. Most rules apply to both products. Exceptions include Cloud-only rules that check for missing resources, such as SNYK-CC-00168, "CloudWatch log metric filter and alarm should be set for Config configuration changes."
The Snyk Cloud & IaC settings page

Set custom severity level

To set a custom severity level for a rule:
  1. 1.
    Navigate to Settings > Snyk Cloud & IaC.
  2. 2.
    In the Severity settings section, select the tab for the desired cloud provider.
  3. 3.
    Find the rule you want to update and select the new severity level from the drop-down menu:
Select the new rule severity level from the drop-down menu
Changes take effect for an environment after its next scan.
To reset all custom severities, select Reset Custom Settings.

Filter rules by product area

This section only applies to Organizations with both Snyk Cloud and Integrated IaC enabled, or only Integrated IaC.
By default, all rules are shown. Under the Product Area section, you can uncheck the Cloud box to hide Cloud-only rules, or the IaC box to hide IaC-only rules.
The Product Area section allows you to filter rules by product area

Rule settings page name

The name of the rule settings page differs based on the products you have enabled:
Enabled products
Settings page name
Snyk Cloud only
Snyk Cloud
Snyk Cloud and Integrated IaC
Snyk Cloud & IaC
Snyk Cloud and Current IaC
Separate pages: - Infrastructure as code - Snyk Cloud
Integrated IaC only
Snyk Cloud & IaC
Current IaC only
Infrastructure as code