Getting started with Snyk Infrastructure as Code (IaC)
Get started with Snyk IaC to inspect, find, and fix issues in configuration files for Terraform, AWS CloudFormation, Kubernetes (including Helm), or Azure Resource Manager (ARM) environments.
This article describes a process using the Snyk Web UI. For details of using IaC with the Snyk CLI, see Snyk CLI for Infrastructure as Code. Note that ARM configuration files can only be scanned via the CLI.
Ensure you have:
- An existing Terraform, CloudFormation, Kubernetes, or ARM environment to work in.
- Integrated your Git repository as for other Snyk products - see Git repository (SCM) integrations for more details.
For more details, see:
- 1.Select Projects from the Snyk Web UI.
- 2.In the Add projects drop-down menu, select the tool to add the Project from (for example, GitHub).
- 3.In Personal and Organization repositories, select the repositories to use.
- 4.Click Add selected repositories to import the selected repositories into your projects.
- 5.Select View import Log to see import log results (you can scan multiple types of configuration files simultaneously).
- 6.Project import completes.
Snyk Infrastructure as Code Projects have a recurring test interval of 1 week. Recurring tests can be disabled on the Settings tab of the Project's page by setting Test & Automated Pull Request Frequency to Test never.
View results for configuration files in imported Projects by selecting Projects from the menu on the left.
Each Project entry shows information for a scanned configuration file, including the number of critical, high, medium, and low severity issues found. For example:

A list of Snyk IaC Projects
Select a Project to see more information, including details of the issues in the configuration file:

An example Snyk IaC Project with a list of issues
Act on the recommendations produced by Snyk IaC. IaC results appear as issues in each Project.
- 1.From a Project page, select an issue to see the details for that issue and specific recommendations from Snyk IaC.
- 2.Edit the configuration file to fix the issue identified, based on the recommendations, then commit the change.
- 3.Snyk automatically rescans the changed file, and you can see the change reflected in the issue display.

An example IaC issue within a Project
Last modified 4d ago