Scan cloud configurations

With Snyk, you can secure cloud infrastructure configurations before and after it is deployed. Snyk Infrastructure as Code (IaC) enables you to develop secure cloud infrastructure, and Snyk Cloud helps you keep your cloud environment secure.
Feature availability Integrated Infrastructure as Code (IaC) is a new version of Snyk IaC that secures cloud configurations across the entire SDLC, from code to deployed cloud environments. Integrated IaC is currently in closed beta. Please reach out to your account team with any questions.
  • Scan IaC and cloud resources for misconfigurations using a comprehensive set of security rules.
  • Fix Cloud issues directly in the IaC source code that was used to deploy the misconfigured Cloud resources, by linking a Cloud issue to the underlying IaC template via a SCM source code link.
  • Receive fix advice so you can make changes directly to code, before applications reach production.
  • Suppress false positives in IaC tests by applying context from deployed infrastructure.
  • Detect drift and manually created resources in your cloud.
  • Inspect every cloud resource's configuration at a given moment in time, and see the attributes that caused an issue.
  • Filter issues to target the most mission-critical resources.
  • Review a report of issues for an entire organization, organized by compliance standard.
For a list of supported IaC environments and cloud providers, see Supported providers - IaC and Cloud.