Snyk Cloud issues
When Snyk Cloud scans an environment, it tests infrastructure configurations in the associated cloud provider against a comprehensive set of security rules. These rules identify misconfigurations that can lead to security problems. For example, Snyk can scan the configuration of an Amazon Web Services (AWS) S3 bucket to see if it is publicly readable, and so vulnerable to a data breach.
Any cloud misconfiguration Snyk finds is reported as an issue. The cloud issues page in the Snyk Web UI and the /cloud/issues API endpoint provide details about each issue, including status, severity, impact, associated resources, and other information.
Snyk Cloud issues page in the Web UI

Issues have the following components:
  • Resource: The cloud resource that is tested, such as an AWS S3 bucket
  • Rule: The rule that is used to test the resource, such as "S3 bucket is publicly readable"
See Snyk Cloud concepts for more details.
The first time a misconfiguration is detected, Snyk opens an issue for that rule and resource. The issue remains open across scans as long as the misconfiguration is present.
In a later scan, if the misconfiguration is resolved, Snyk closes the issue.

If your environment contains an AWS S3 bucket named prod-backups-bucket that is publicly readable, the issue lifecycle could look as follows:
First scan:
  1. During an environment scan, Snyk tests prod-backups-bucket against the rule "S3 bucket is publicly readable."
  2. Snyk opens an issue.
Second scan:
  1. You do not fix the bucket.
  2. On the next scan, Snyk tests prod-backups-bucket against the rule again.
  3. The issue stays open, with the same unique identifier.
Third scan:
  1. In AWS, you configure prod-backups-bucket to be private.
  2. On the next scan, Snyk tests prod-backups-bucket against the rule again.
  3. Snyk closes the issue because the bucket is not publicly readable, and no longer fails the rule.
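The three scans above can be modelled as a small reconciliation loop keyed on the (resource, rule) pair. This is an added example, not Snyk's code: the `IssueTracker` class, the UUID identifiers, the event names, and the reopen behaviour for a misconfiguration that returns after closing are all assumptions, since the page does not describe them.

```python
import uuid
from dataclasses import dataclass
from typing import Optional


@dataclass
class Issue:
    issue_id: str                 # stays the same for the life of the issue
    resource: str
    rule: str
    status: str = "open"
    first_seen_scan: int = 0
    closed_scan: Optional[int] = None


class IssueTracker:
    """Illustrative model of the open / stay open / close lifecycle."""

    def __init__(self):
        self.issues = {}          # (resource, rule) -> Issue
        self.scan_no = 0

    def apply_scan(self, results):
        """results maps (resource, rule) -> True if the resource passed the rule."""
        self.scan_no += 1
        events = []
        for key, passed in results.items():
            issue = self.issues.get(key)
            if not passed and issue is None:
                # First detection: open one issue for this rule and resource.
                issue = Issue(str(uuid.uuid4()), key[0], key[1],
                              first_seen_scan=self.scan_no)
                self.issues[key] = issue
                events.append(("opened", issue.issue_id))
            elif not passed and issue.status == "open":
                # Still misconfigured: same issue, same identifier.
                events.append(("still_open", issue.issue_id))
            elif not passed:
                # Closed earlier, failing again: this model reopens (assumption).
                issue.status, issue.closed_scan = "open", None
                events.append(("reopened", issue.issue_id))
            elif issue is not None and issue.status == "open":
                # Resource now passes the rule: close the issue.
                issue.status, issue.closed_scan = "closed", self.scan_no
                events.append(("closed", issue.issue_id))
        return events


def run_example():
    key = ("prod-backups-bucket", "S3 bucket is publicly readable")
    tracker = IssueTracker()
    # Constructed scan outcomes: fails, fails again, passes after the fix.
    return [tracker.apply_scan({key: passed}) for passed in (False, False, True)]
```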