SupportAPI docsProduct updatesSign up for free
Search…
Snyk User Documentation
Introducing Snyk
Getting started
Snyk Web UI
Snyk CLI
Snyk API
Snyk for IDEs
Snyk Apps
Snyk Integrations
SNYK PRODUCTS
Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
Getting started with Snyk Infrastructure as Code (IaC)
Using Snyk IaC with the Web UI
Scan Terraform files
Scan CloudFormation files
Scan Kubernetes configuration files
Scan ARM configuration files
Snyk Infrastructure as code for self-hosted git (with Broker)
Snyk CLI for Infrastructure as Code
Jira Integration
View Infrastructure as Code issue reports
Build your own custom rules
Detect drift and manually created resources
Share CLI results with the Snyk Web UI
Disable IaC Scans
Snyk Cloud
USING SNYK
Snyk Broker
User and group management
Fixing and prioritizing issues
Snyk reports
Snyk Tools
SNYK INFO
Disclosing vulnerabilities
How Snyk handles your data
Snyk Partner workshops
Powered By GitBook
Snyk Infrastructure as Code
Snyk Infrastructure as Code (IaC) helps developers to write secure application configurations. Snyk IaC provides fix advice so you can make changes directly to code, before applications reach production.
Snyk IaC helps developers write secure configurations for HashiCorp Terraform, AWS CloudFormation, Kubernetes, and Azure Resource Manager (ARM).

Find and fix misconfigurations

Knowing how to securely deploy to Kubernetes, or how to securely provision infrastructure with Terraform, can be easy to get wrong, causing configuration errors (misconfigurations). These misconfigurations can cause security problems; for example, studies show that misconfigurations such as insecure cloud storage are the second most common error leading to breaches in the finance and insurance sector.

Snyk IaC and misconfigurations

Snyk IaC integrates security checks for misconfigurations into your development lifecycle:
  • The Snyk CLI for Infrastructure as Code provides immediate local feedback as you write configurations, so you can fix issues before you commit.
  • Integrate Snyk into your CI/CD processes to automate security checks.
  • Import your source repositories into Snyk for ongoing monitoring and analysis.
  • Integrate with Hashicorp Terraform Cloud to scan as part of your deployment pipeline

Snyk IaC security rules

Snyk IaC has a comprehensive set of predefined security rules, based on industry benchmarks, cloud-provider best practices, and threat model research from Snyk’s security intelligence team.
You can also build your own custom rules, leveraging Open Policy Agent (OPA).
Previous
Scan container images from Quay in Snyk
Next
Getting started with Snyk Infrastructure as Code (IaC)
Last modified 1mo ago
Export as PDF
Copy link
Edit on GitHub
Outline
Find and fix misconfigurations
Snyk IaC security rules