Configure integration to find security issues in Kubernetes configuration files (current IaC)
Last updated
Last updated
More information
Snyk privacy policy© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.
This page applies to current IaC only.
Snyk tests and monitors Kubernetes configurations stored in your source code repositories and provides information, tips, and tricks to better secure a Kubernetes environment. This helps to catch misconfigurations before they are pushed to production, as well as provide fixes for vulnerabilities.
Snyk scans your Kubernetes configuration files in JSON and YAML format when they are imported from your integrated Git repository.
Administrator access for the Organization
Git repository access and authorization For details, see Git repository (SCM) integrations.
Log in to the Snyk Web UI (app.snyk.io), and navigate to the relevant Group and Organization that you want to manage. Integrations are managed per Organization.
To enable Snyk to detect Kubernetes configuration files, in the Infrastructure as Code settings, toggle the setting to enable Snyk to detect Infrastructure as code files.
If needed, review and adjust the Infrastructure as code Severity settings on the Kubernetes tab in the example. Check to select the file types to scan, CloudFormation, Terraform, or both, and from the pulldown selection, choose the severity level for each Deployment.
The number of tests you can run per product is based on your account plan. For details, see the plans and pricing page,