Snyk CLI for Infrastructure as Code
With Snyk Infrastructure as Code, you can test your configuration files directly from the CLI. See the following pages for details:
You can also test the following types of files:
Snyk Infrastructure as Code has no equivalent command to
snyk monitorbecause the CLI does not send IaC source files back to the platform for periodic testing.
For IaC CLI results to appear in the Snyk Web UI, use
snyk iac test --reportto capture a one-time snapshot. Optionally, run the command on a recurring schedule to regularly test your IaC files.
Alternatively, you can add an SCM integration, and Snyk will monitor and test a given Git repository on a recurring basis.
For IaC scans specifically, you must also whitelist the *.snyk.io address, as explained on the page How can we whitelist Snyk IP addresses?