Managing cloud and Integrated IaC rules

The name of the rule settings page differs based on the products enabled for your Organization.

If Snyk Integrated IaC is enabled for your Organization, you can view a list of all Snyk Cloud and IaC rules on the Organization Settings > Snyk Cloud & IaC page.

Each rule links to detailed fix advice on the Cloud Security Rules site.

A rule has a Cloud tag if it applies to Snyk cloud context and an IaC tag if it applies to Snyk IaC. Most rules apply to both. Exceptions include cloud-only rules that check for missing resources, such as SNYK-CC-00168, "CloudWatch log metric filter and alarm should be set for Config configuration changes."

Set custom severity level

To set a custom severity level for a rule:

Navigate to Settings > Snyk Cloud & IaC.
In the Severity settings section, select the tab for the desired cloud provider.
Find the rule you want to update and select the new severity level from the drop-down menu:

Select the new rule severity level from the drop-down menu

Changes take effect for an environment after its next scan.

To reset all custom severities, select Reset Custom Settings.

Filter rules by cloud or Integrated IaC area

This section applies to Organizations with both cloud and Integrated IaC enabled, or Integrated IaC only.

By default, all rules are shown. Under the Product Area section, you can uncheck the Cloud box to hide Cloud-only rules, or the IaC box to hide IaC-only rules.

The Product Area section allows you to filter rules by product area

PreviousSupported Google resources for Snyk cloud context NextCloud and Integrated IaC issues

Last updated 2 years ago

Was this helpful?