Giter Site home page Giter Site logo

snyk-iac-arm's Introduction

Snyk Infrastructure as Code - Azure Resource Manager (ARM)

The Snyk Infrastructure as Code product can scan ARM templates for configuration issues.

ARM files can be a mix of JSON or Bicep formats.

Demo

This repository contains a mix of valid configuration files, which contain a range of configuration issues.

You can see the results by running snyk iac test .

A snippet of the output looks as follows

-------------------------------------------------------

Testing wordpress.json...


Infrastructure as code issues:
  ✗ SAS token can be used over insecure HTTP [Medium Severity] [SNYK-CC-TF-244] in Storage
    introduced by resources[2] > properties > supportsHttpsTrafficOnly


Organization:      yair.zohar
Type:              ARM
Target file:       wordpress.json
Project name:      snyk-iac-arm
Open source:       no
Project path:      snyk/snyk-iac-arm

Tested wordpress.json for known issues, found 1 issues


Tested 7 projects, 5 contained issues.

Testing Bicep files

In addition to the JSON ARM template files, this repository contains a directory with the same ARM configurations but in Bicep format.

You can easily test Bicep files by following the next steps:

  1. Make sure you have the Bicep CLI installed
  2. Using the Bicep CLI, convert the file format from Bicep to JSON by running the command az bicep build -f {file_name}.bicep
  3. Test the converted file by running snyk iac test {file_name}
yairzohar@Yairs-MBP bicep % az bicep build -f wordpress.bicep
yairzohar@Yairs-MBP bicep % snyk iac test wordpress.json

Testing wordpress.json...


Infrastructure as code issues:
  ✗ SAS token can be used over insecure HTTP [Medium Severity] [SNYK-CC-TF-244] in Storage
    introduced by resources[2] > properties > supportsHttpsTrafficOnly


Organization:      yair.zohar
Type:              ARM
Target file:       wordpress.json
Project name:      bicep
Open source:       no
Project path:      wordpress.json

Tested wordpress.json for known issues, found 1 issues

snyk-iac-arm's People

Contributors

yairz101 avatar karniwl avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.