Current IaC custom rules
Last updated
Last updated
More information
Snyk privacy policy© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.
Feature availability
IaC custom rules are available only with Enterprise plans. For more information, see plans and pricing.
Snyk IaC includes a comprehensive list of security rules, covering AWS, Azure, GCP, and Kubernetes. These rules are based on security research, best practices, recognized standards. and benchmarks. They are actively maintained by Snyk’s security engineering team, and new rules are released on a regular basis.
These rules are intended to meet most of your needs on your first scan, but you may need to enforce additional security rules for your system, such as tagging standards.
The IaC SDK helps security teams define their own rules, to be run by the Snyk CLI, providing feedback to developers.
Using this SDK, you can add your own custom rules to Snyk IaC to run alongside the standard provided rules, giving comprehensive security feedback to your development teams in one place.
This section provides initial instructions to help you use the Snyk Infrastructure as Code (IaC) SDK:
Summary:
Snyk platform policies: manage issues
Snyk IaC custom rules: generate issues
The Snyk platform allows you to create your own policies to manage how you prioritize and triage the issues Snyk identifies during scanning. For example, you can define policies to change the priority of an issue from medium to high if it has specific attributes, or to bulk ignore issues if they meet certain criteria.
The Snyk IaC custom rules functionality enables you to define your own rules for misconfiguration checks that you would like to enforce. The result of a custom rule failing on a configuration file is generating an issue.