Snyk Infrastructure as Code
Snyk Infrastructure as Code (IaC) helps developers to write secure application configurations. Snyk IaC provides fix advice so you can make changes directly to code, before applications reach production.
Snyk IaC helps developers write secure configurations for HashiCorp Terraform, AWS CloudFormation, Kubernetes, and Azure Resource Manager (ARM).
Knowing how to securely deploy to Kubernetes, or how to securely provision infrastructure with Terraform, can be easy to get wrong, causing configuration errors (misconfigurations). These misconfigurations can cause security problems; for example, studies show that misconfigurations such as insecure cloud storage are the second most common error leading to breaches in the finance and insurance sector.
Snyk IaC integrates security checks for misconfigurations into your development lifecycle:
- Use the Snyk CLI for Infrastructure as Code to get immediate local feedback as you write configurations, so you can fix issues before you commit.
- Integrate Snyk into your CI/CD processes to automate security checks.
- Import your source repositories into Snyk for ongoing monitoring and analysis.
- Integrate with HashiCorp Terraform Cloud to scan as part of your deployment pipeline.
Snyk IaC has a comprehensive set of predefined security rules based on industry benchmarks, cloud provider best practices, and threat model research from Snyk’s security intelligence team.