Snyk Infrastructure as Code

Sign up and get started with Snyk Infrastructure as Code for free

Snyk Infrastructure as Code (Snyk IaC) helps developers write secure configurations, well before anything reaches production. Snyk’s developer-first approach meets developers where they work, providing fixes that can be directly merged into code.

Snyk IaC integrates security checks for misconfigurations into your development lifecycle:
  • The Snyk CLI provides immediate local feedback as you write configurations, so you can fix issues before you commit
  • Integrate Snyk into your CI/CD processes to automate security checks
  • And import your source repositories into Snyk for ongoing monitoring and analysis

Snyk IaC has a comprehensive set of security rules across AWS, Azure, GCP & Kubernetes with support for Terraform, Kubernetes, and Helm configuration formats. The details of these issues, their impact, and how to fix them are all built-in to Snyk IaC, so developers get feedback directly in their own tools. For reference, we have also documented the security rules that we support for each provider below, along with relevant benchmarks and authoritative third-party references.

Additional resources: