Integrated Infrastructure as Code
Integrated Infrastructure as Code (IaC) continues to help developers to write secure application configurations. Integrated IaC provides improved accuracy of issue detection with line numbers in the CLI and UI with detailed remediation advice, so you can make changes directly to your code, before applications reach production.
Integrated IaC helps developers write secure configurations for HashiCorp Terraform (variables and module support), AWS CloudFormation, Kubernetes, and Azure Resource Manager (ARM).
Integrated IaC uses the same unified policy engine that powers Snyk Cloud, rather than the Current IaC policy engine. This means you can apply the same security rules to both IaC files and runtime cloud resources.
Integrated IaC has focused on providing visibility into an Organization's issues across all its configuration templates. As a result, traditional Projects are currently not supported in Integrated IaC. Instead, issues can be found using the new Cloud tab and Cloud Issues API which will provide a snapshot into the resources that are misconfigured. This allows security teams to easily identify and investigate issues. Users can view all of their infrastructure as code resources in a single, centralized interface.
You can filter issues based on parameters including rule severity and resource type, allowing you to target the most mission-critical resources. You can also group issues by rule or by resource, to more easily view relevant misconfigurations.
Integrated IaC records the configuration attributes of every resource it scans for a user's configuration file compared to the Current IaC Projects view. This lets users review a resource’s configuration at a given moment in time and see the attributes that have caused a specific issue.
Snyk Integrated IaC is in Limited Availability, and our product and engineering teams are working hard to add additional features. Please reach out to your Snyk account team if you have questions on our near-term roadmap.