Comment on page



snyk iac <COMMAND> [<OPTIONS>] [<PATH>]


The snyk iac commands find and report security issues in Infrastructure as Code files; detect, track, and alert on infrastructure drift and unmanaged resources; and create a .driftigore file.
For more information see Snyk CLI for Infrastructure as Code

snyk iac commands and the help docs

All the snyk iac commands are listed here with the help options:
  • iac test; iac test --help: tests for any known security issue
  • iac capture; iac capture --help: generates mapping artifacts by accessing Terraform state configurations
  • iac describe; iac describe --help: detects infrastructure drift and unmanaged cloud resources Example: snyk iac describe --only-unmanaged
  • iac update-exclude-policy; iac update-exclude-policy --help: auto-generates .snyk exclusions for cloud resources
  • iac rules init; iac rules init --help: initializes a new custom rules project structure, a new rule in an existing custom rules project, or a new spec in an existing custom rules project, or a new relation in an existing custom rules project
  • iac rules test; iac rules test --help: runs all the tests written in Rego
  • iac rules push; iac rules push --help: bundles rules written in Rego and uploads changes to the Snyk platform