Build your own IaC to cloud custom rules
Configure the CLI appropriately and set your default Organization:
snyk config set org=<org id>
If you work with multiple Snyk Organizations, you can add --org=<your org id> to your commands to specify your desired Organization.
Snyk IaC includes a set of security rules that work out of the box, covering AWS, Azure, GCP, and Kubernetes. These rules are based on security research, best practices, recognized standards, and benchmarks. New rules are released regularly. Snyk’s security engineering team actively maintains them.
These rules are intended to meet most of your needs on your first scan, but you may need to enforce additional security rules for your system, such as tagging standards.
Complementing Snyk’s predefined rules, IaC to Cloud Custom Rules enables you to enforce your internal security controls across your SDLC (software development lifecycle). Using Cloud Custom Rules, you can identify and highlight the following:
- Issues on cloud configurations across the SDLC, including SCM, CLI, Terraform Cloud, and deployed cloud environments.
- Issues on any Terraform IaC configurations that use Terraform providers beyond the cloud providers (AWS, Azure, Google Cloud), such as GitHub or Snowflake configurations.
The following are the steps in using Cloud Custom Rules: