Authentication #

Snyk Source Plugin Configuration Reference

Example #

kind: source
# Common source-plugin configuration
spec:
  name: snyk
  path: cloudquery/snyk
  registry: cloudquery
  version: "v7.3.11"
  tables:
    - "snyk_audit_logs"
    - "snyk_container_images"
    - "snyk_custom_base_images"
    - "snyk_issues"
    - "snyk_organizations"
    - "snyk_projects"
    - "snyk_sbom"
  destinations: ["postgresql"]
  # Snyk specific configuration
  # Learn more about the configuration options at https://cql.ink/snyk_source
  spec:
    # required
    api_key: "${SNYK_API_KEY}"
    # optional, default: all organizations accessible via `api_key`
    organizations:
      - "<YOUR_ORG_1>"
      - "<YOUR_ORG_2>"
    # optional, default: all projects accessible via `api_key`
    projects:
      - "<YOUR_PROJECT_1>"
      - "<YOUR_PROJECT_2>"

Snyk Spec #

• api_key (string) (required)

  An API key to access Snyk resources. See Authentication for API for more information.
• organizations ([]string) (optional) (default: all organizations accessible via api_key)

  You can choose to limit what organizations to sync information from.
• projects ([]string) (optional) (default: all projects accessible via api_key)

  You can choose to limit what projects to sync information from.
• endpoint_url (string) (optional) (default: https://api.snyk.io/rest)

  Endpoint URL to make the API requests to.
• table_options (Table Options spec) (optional)

  Options to apply to specific tables. See [Table Options](#Table Options) for more information.
• concurrency (integer) (optional) (default: 10000)

  Amount of concurrent request that may be issued to Snyk API.
• scheduler (string) (optional) (default: dfs) The scheduler to use when determining the priority of resources to sync. Supported values are dfs (depth-first search), round-robin, shuffle and shuffle-queue.

  For more information about this, see performance tuning.

Snyk Table Options Spec #

• audit_logs

  • from (string in the format YYYY-MM-DD) (optional)

    Sync audit logs created after this date.

    Examples: 2022-01-01.
  • to (string in the format YYYY-MM-DD) (optional)

    Sync audit logs created before this date.

    Examples: 2024-12-31.
• issues

  • created_after (string formatted as ISO 8601 timestamp) (optional)

    Sync issues created after this timestamp.

    Examples: 2022-01-01T01:00:01.000Z.
  • created_before (string formatted as ISO 8601 timestamp) (optional)

    Sync issues created before this timestamp.

    Examples: 2024-12-31T23:59:59.999Z.
  • updated_after (string formatted as ISO 8601 timestamp) (optional)

    Sync issues updated after this timestamp.

    Examples: 2022-01-01T01:00:01.000Z.
  • updated_before (string formatted as ISO 8601 timestamp) (optional)

    Sync issues updated before this timestamp.

    Examples: 2024-12-31T23:59:59.999Z.

Full config example #

kind: source
spec:
  name: snyk
  path: cloudquery/snyk
  registry: cloudquery
  version: "v7.3.11"
  tables:
    - "snyk_audit_logs"
    - "snyk_container_images"
    - "snyk_custom_base_images"
    - "snyk_issues"
    - "snyk_organizations"
    - "snyk_projects"
    - "snyk_sbom"
  destinations: ["postgresql"]

  spec:
    # required fields:
    api_key: "${SNYK_API_KEY}"
    
    # optional fields:
    organizations:
      - "<YOUR_ORG_1>"
      - "<YOUR_ORG_2>"
    projects:
      - "<YOUR_PROJECT_1>"
      - "<YOUR_PROJECT_2>"
    endpoint_url: "api.snyk.io"
    table_options:
      audit_logs:
        from: "2022-01-01"
        to: "2024-12-31"
      issues:
        created_after: "2022-01-01T01:00:01.000Z"
        created_before: "2024-12-31T23:59:59.999Z"
    concurrency: 10000