Automatic import/deletion of Kubernetes workloads projects
This feature is still in beta. Auto import and deletion are not guaranteed and can depend on the network.
If you don't find your workload in Snyk, please import the workload through manual import.
If your workload persists in Snyk after deletion from your cluster, please delete the workload through manual deletion.
Prerequisites
You must have an account with Snyk and be onboarded to your organization by an administrator.
In addition, the integration must be configured between Snyk and your Kubernetes environment per organization. To verify the integration is configured, ensure you have an Integration ID.
You can configure the Snyk controller to automatically import and update scanned workloads directly in Snyk to test and monitor for vulnerabilities. You can also automatically delete imported projects once workloads are deleted from the cluster.
Enabling workload auto-import and auto-delete
The Helm chart of the Snyk controller is already provisioned with a default policy to process events for any workload except Jobs and Pods. To enable this feature, provide your Snyk Organization public ID in the Helm chart installation.
helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
    --namespace snyk-monitor \
    --set clusterName="Production cluster" \
    --set policyOrgs={19982df2-0ed5-4a16-b355-e6535cfc41ef}
Note that policyOrgs is a list of organization public IDs. You can add more than one organization to use the auto-import and auto-delete capabilities. You can locate this public ID under your organization's settings page.
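When more than one organization is listed, the value uses Helm's {a,b} list syntax, which bash brace-expands into separate words unless it is quoted. The following is an added example, not part of Snyk's documentation: the helper names is_uuid and policy_orgs_arg, the APPLY switch and the second organization ID are assumptions made for illustration, and the IDs are assumed to share the UUID shape of the one shown above.

```shell
#!/bin/sh
# Added example: build a validated value for --set policyOrgs.
# Helm's --set list syntax is {a,b}. Unquoted, bash splits {a,b} into two
# words, so the value is always passed to helm as one quoted argument.

# is_uuid ID -> succeeds if ID has the UUID shape of the ID shown on the page
is_uuid() {
    printf '%s\n' "$1" | grep -Eq \
        '^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$'
}

# policy_orgs_arg ID... -> prints policyOrgs={ID1,ID2,...}
# Fails on an empty list or a malformed ID, so a stray comma, '=' or space
# in an ID cannot change how Helm parses the --set expression.
policy_orgs_arg() {
    [ "$#" -gt 0 ] || { echo "no organization IDs given" >&2; return 1; }
    list=""
    for id in "$@"; do
        is_uuid "$id" || { echo "not a valid organization ID: $id" >&2; return 1; }
        list="${list:+$list,}$id"
    done
    printf 'policyOrgs={%s}\n' "$list"
}

ORG_A="19982df2-0ed5-4a16-b355-e6535cfc41ef"   # ID from the command above
ORG_B="00000000-0000-4000-8000-000000000000"   # constructed placeholder

if arg=$(policy_orgs_arg "$ORG_A" "$ORG_B"); then
    if [ "${APPLY:-0}" = "1" ]; then
        helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
            --namespace snyk-monitor \
            --set clusterName="Production cluster" \
            --set "$arg"
    else
        # Default is a dry run: show the single argument helm would receive.
        printf 'dry run, would pass: --set "%s"\n' "$arg"
    fi
fi
```

Run with APPLY=1 only after replacing the placeholder with a real organization public ID.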