⭐Snyk
This plugin is available on the Pro and Enterprise plans only.
The Snyk API is only available for Snyk Enterprise plans.
Overview
This guide details the integration between Rely.io and Snyk, a powerful platform aimed at scanning, managing and fixing vulnerabilities in code, open source dependencies, container images and IaC configurations.
Integrating Snyk with Rely.io unlocks valuable benefits for your development workflow:
Higher visibility on security metrics and standards across your organization by leveraging Rely.io's rich catalog views. This facilitates collaboration across teams and stakeholders through easier access to actionable data.
Promote engineering excellence by using scorecards to quickly and easily identify services or projects requiring security fixes. Make sure the software you deploy is safe to put out there.
Installation Guide
To configure the Snyk integration within your Rely.io instance, follow these steps:
Navigate to the Plugins section within the Portal Builder section of the side panel.
Click "Add Data Source" and select the Snyk plugin.
Complete the following fields in the provided form:
Region: Select your Snyk hosting region. This depends on your Group setup and should be one of SNYK-US-01, SNYK-US-02, SNYK-EU-01, or SNYK-AU-01. See Snyk's page on Regional hosting and data residency.
API Token: In Snyk, create a group service account with the desired permissions to manage the plugin's data access. Both Group and Organization-scoped service accounts will work - the recommended pre-defined roles for these accounts are Group Viewer and Org Collaborator. See Snyk's page on setting up service accounts.
On service account creation the required API token will be generated - make sure to copy the shown token as it will not be visible again.
Click "Save".
After this, Rely.io will automatically perform the following tasks:
Extend your Data Model with Organization, Target, Project, and Issue blueprints.
Pull corresponding entities from your Snyk to backfill your catalog.
Add automation rules to feed your Services and CVEs with information from the corresponding Targets and Issues.
Self-hosted Galaxy instructions
When installing and running the plugin using the self-hosted offering, the same form fields are required to be passed as environment variables:
RELY_INTEGRATION_SNYK_REGION - the Snyk hosting region
RELY_INTEGRATION_SNYK_TOKEN - the service account API token
See the Galaxy - OSS repository for general instructions.
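A preflight check for the two variables above, written as an added example that is not part of Rely.io's or Galaxy's own tooling. The function name `check_snyk_env` and its optional env-file argument are assumptions made for illustration; the check never prints the token value.

```shell
# Added example: source this file, then call check_snyk_env before starting the plugin.
# Usage: check_snyk_env [path-to-env-file]
# The optional argument is the file the variables are stored in, if any (assumption).
check_snyk_env() {
  local region="${RELY_INTEGRATION_SNYK_REGION:-}"
  local token="${RELY_INTEGRATION_SNYK_TOKEN:-}"
  local env_file="${1:-}"
  local rc=0

  # Region must be one of the four hosting regions listed in the installation guide.
  case "$region" in
    SNYK-US-01|SNYK-US-02|SNYK-EU-01|SNYK-AU-01) ;;
    *) echo "RELY_INTEGRATION_SNYK_REGION is missing or not a listed region: '$region'" >&2
       rc=1 ;;
  esac

  # The token is shown only once in Snyk, so catch an empty or damaged paste early.
  # Assumption: a valid token contains no whitespace. The value itself is never echoed.
  case "$token" in
    "") echo "RELY_INTEGRATION_SNYK_TOKEN is not set" >&2; rc=1 ;;
    *[[:space:]]*) echo "RELY_INTEGRATION_SNYK_TOKEN contains whitespace" >&2; rc=1 ;;
  esac

  # If the variables live in a file, it must not be accessible to group or others.
  if [ -n "$env_file" ]; then
    if [ ! -f "$env_file" ]; then
      echo "env file not found: $env_file" >&2; rc=1
    elif [ "$(ls -ld "$env_file" | cut -c5-10)" != "------" ]; then
      echo "$env_file is accessible to group/others; restrict it with chmod 600" >&2
      rc=1
    fi
  fi

  return "$rc"
}
```

A non-zero return means at least one check failed; the reasons are written to standard error.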
By following these steps, you can effectively leverage the Snyk integration and gain valuable insights into your code quality within your Rely.io environment.
Rely.io's support team is always available to assist you with any integration-related questions. Feel free to reach out through our support channels.