Snyk Infrastructure as Code allows you to find and fix vulnerabilities in your Kubernetes, Helm, Terraform and CloudFormation configuration files.
Developer-focused infrastructure as code security with Snyk allows you to test and monitor Terraform modules and Kubernetes YAML, JSON, and Helm charts to detect configuration issues that could open your deployments to attack and malicious behavior.
In this hands-on workshop we will achieve the following:
- Step 1 Fork a GitHub IaC repository
- Step 2 Configure GitHub Integration
- Step 3 Add project to find vulnerabilities
- Step 4 Test using the Snyk CLI - Terraform Files
- Step 5 Test using the Snyk CLI - AWS CloudFormation files
- Step 6 Test using the Snyk CLI - Kubernetes YAML files
- Step 7 View Snyk IaC Rules
Prerequisites:
- public GitHub account - http://github.com
- git CLI - https://git-scm.com/downloads
- snyk CLI - https://support.snyk.io/hc/en-us/articles/360003812538-Install-the-Snyk-CLI
- Registered account on Snyk App - http://app.snyk.io
Note: It is assumed you're using a Mac for these steps, but they should also work on Windows or Linux, potentially with some modifications to the scripts.
First we need to connect Snyk to GitHub so we can import our repository. Do so by:
- Log in to http://app.snyk.io. Sign up if you haven't already.
- Navigate to Integrations -> Source Control -> GitHub.
- Fill in your account credentials to connect your GitHub account.
Thanks for attending and completing this workshop.
Pas Apicella [pas at snyk.io] is a Solution Engineer at Snyk APJ