Snyk

This plugin is part of Pro and Enterprise plan only

The Snyk API is only available for Snyk Enterprise plans.

Overview

This guide details the integration between Rely.io and Snyk, a powerful platform aimed at scanning, managing and fixing vulnerabilities in code, open source dependencies, container images and IaC configurations.

Integrating Snyk with Rely.io unlocks valuable benefits for your development workflow:

  • Higher visibility on security metrics and standards across your organization by leveraging Rely.io's rich catalog views. This facilitates collaboration across teams and stakeholders through easier access to actionable data.

  • Promote engineering excellence by using scorecards to quickly and easily identify services or projects requiring security fixes. Make sure the software you deploy is safe to put out there.

Installation Guide

To configure the Snyk integration within your Rely.io instance, follow these steps:

  1. Navigate to the Plugins section within the Portal Builder section of the side panel.

  2. Click "Add Data Source" and select the Snyk plugin.

  3. Complete the following fields in the provided form:

    • Region: Select your Snyk hosting region. This depends on your Group setup and should be one of SNYK-US-01, SNYK-US-02, SNYK-EU-01, or SNYK-AU-01. See Snyk's page on Regional hosting and data residency.

    • API Token: In Snyk, create a group service account with the Group Viewer role to manage the plugin's data access.

      • Navigate to Group Settings > Service Accounts and click Create a service account.

      • Choose a name for the account, select the Group Viewer role, and click Create. This will generate the API token required - make sure to copy the shown token as it will not be visible again.

    • Group ID: Your Snyk Group ID. This can be found in Group Settings > General.

  4. Click "Save".

  5. After this, Rely.io will automatically perform the following tasks:

    • Extend your Data Model with Organization, Target, Project, and Issue blueprints.

    • Pull corresponding entities from your Snyk to backfill your catalog.

    • Add automation rules to feed your Services and CVEs with information from the corresponding Targets and Issues.

By following these steps, you can effectively leverage the Snyk integration and gain valuable insights into your code quality within your Rely.io environment.

Rely.io's support team is always available to assist you with any integration-related questions. Feel free to reach out through our support channels.

PreviousPagerDutyNextSonarQube

Last updated