SupportAPI docsProduct updatesSign up for free
Search…
Snyk User Documentation
Introducing Snyk
Implementing Snyk in your teams
Getting started
Snyk Web UI
Snyk CLI
Snyk API
Snyk for IDEs
Snyk Apps
Snyk Integrations
SNYK PRODUCTS
Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
Getting started with Snyk Infrastructure as Code (IaC)
Using Snyk IaC via web
Scan Terraform files
Configure your integration to find security issues in your Terraform files
Scan and fix security issues in Terraform files
Terraform variables support
Terraform AWS Provider Support
Scan CloudFormation files
Scan Kubernetes configuration files
Scan ARM configuration files
Snyk Infrastructure as code for self-hosted git (with Broker)
Snyk CLI for Infrastructure as Code
Jira Integration
View Infrastructure as Code issue reports
Build your own custom rules
Detect drift and manually created resources
Share CLI results with the Snyk Web UI
Disable IaC Scans
USING SNYK
Snyk Broker
User and group management
Fixing and prioritizing issues
Reports
Snyk Tools
SNYK INFO
Disclosing vulnerabilities
How Snyk handles your data
Snyk Partner workshops
Powered By GitBook
Scan and fix security issues in Terraform files
Snyk scans your Terraform code for misconfigurations and security issues as well. For configuration files, once scanned, Snyk reports on any misconfigurations based on the settings your administrator has implemented, and makes recommendations for fixing accordingly.

Prerequisites

  • An administrator should integrate your organization with your preferred Git repository and enable detection of configuration files as described here.
  • You must have a Snyk account and your Terraform files should be in .tf format.
  • We currently detect AWS, Azure and GCP related security issues.

Scan and fix your configuration files

  • Log in to your account and navigate to the relevant group and organization that you want to manage.
  • If you already imported your repositories for testing before the infrastructure as code feature was enabled by your administrator, then you should re-import that repository in order to detect the Terraform code:
  • Every time a repository is scanned:
    • Every Terraform file is imported as a separate project, grouped together per repository, similar to this example: (If you re-imported the repository in order to import the Terraform files, then Snyk imports and re-tests the already imported application manifest files - displaying the test time as "now".)
  • Click the project link you're interested in, to view the scan results and to help correct your Terraform code:
Previous
Configure your integration to find security issues in your Terraform files
Next
Terraform variables support
Last modified 8d ago
Export as PDF
Copy link
Edit on GitHub
Contents
Prerequisites
Scan and fix your configuration files