Back to plugin list
Official
Premium
Snyk
The CloudQuery Snyk plugin pulls configuration out of Snyk resources and loads it into any supported CloudQuery destination
Publisher
cloudquery
Latest version
v6.7.1
Type
Source
Platforms
Date Published
Price per 1M rows
Starting from $15
monthly free quota
1M rows
Set up process #
brew install cloudquery/tap/cloudquery
1. Download CLI and login
2. Create source and destination configs
Plugin configurationOverview #
The CloudQuery Snyk plugin pulls configuration out of Snyk resources and loads it into any supported CloudQuery destination (e.g. PostgreSQL, BigQuery, Snowflake, and more).
Authentication #
In order to fetch information from Snyk,
cloudquery
needs to be authenticated.
An API key is required for authentication.
See Authentication for API for more information.Snyk Source Plugin Configuration Reference
Example #
This example syncs from Snyk to a Postgres destination, using
api_key
authentication.
The (top level) source spec section is described in the Source Spec Reference.kind: source
# Common source-plugin configuration
spec:
name: snyk
path: cloudquery/snyk
registry: cloudquery
version: "v6.7.1"
tables:
- "snyk_audit_logs"
- "snyk_container_images"
- "snyk_custom_base_images"
- "snyk_issues"
- "snyk_organizations"
- "snyk_projects"
- "snyk_sbom"
destinations: ["postgresql"]
# Snyk specific configuration
# Learn more about the configuration options at https://cql.ink/snyk_source
spec:
# required
api_key: "${SNYK_API_KEY}"
# optional, default: all organizations accessible via `api_key`
organizations:
- "<YOUR_ORG_1>"
- "<YOUR_ORG_2>"
# optional, default: all projects accessible via `api_key`
projects:
- "<YOUR_PROJECT_1>"
- "<YOUR_PROJECT_2>"
Snyk Spec #
This is the (nested) spec used by the Snyk source plugin.
api_key
(string
) (required)An API key to access Snyk resources. See Authentication for API for more information.organizations
([]string
) (optional) (default: all organizations accessible viaapi_key
)You can choose to limit what organizations to sync information from.projects
([]string
) (optional) (default: all projects accessible viaapi_key
)You can choose to limit what projects to sync information from.endpoint_url
(string
) (optional) (default:api.snyk.io
)Endpoint URL to make the API requests to.table_options
(Table Options spec) (optional)Options to apply to specific tables. See [Table Options](#Table Options) for more information.concurrency
(integer
) (optional) (default:10000
)Amount of concurrent request that may be issued to Snyk API.
Snyk Table Options Spec #
audit_logs
from
(string
in the formatYYYY-MM-DD
) (optional)Sync audit logs created after this date.Examples:2022-01-01
.to
(string
in the formatYYYY-MM-DD
) (optional)Sync audit logs created before this date.Examples:2024-12-31
.
issues
created_after
(string
formatted as ISO 8601 timestamp) (optional)Sync issues created after this timestamp.Examples:2022-01-01T01:00:01.000Z
.created_before
(string
formatted as ISO 8601 timestamp) (optional)Sync issues created before this timestamp.Examples:2024-12-31T23:59:59.999Z
.
Full config example #
Below is an example of the full config file with all the optional fields.
kind: source
spec:
name: snyk
path: cloudquery/snyk
registry: cloudquery
version: "v6.7.1"
tables:
- "snyk_audit_logs"
- "snyk_container_images"
- "snyk_custom_base_images"
- "snyk_issues"
- "snyk_organizations"
- "snyk_projects"
- "snyk_sbom"
destinations: ["postgresql"]
spec:
# required fields:
api_key: "${SNYK_API_KEY}"
# optional fields:
organizations:
- "<YOUR_ORG_1>"
- "<YOUR_ORG_2>"
projects:
- "<YOUR_PROJECT_1>"
- "<YOUR_PROJECT_2>"
endpoint_url: "api.snyk.io"
table_options:
audit_logs:
from: "2022-01-01"
to: "2024-12-31"
issues:
created_after: "2022-01-01T01:00:01.000Z"
created_before: "2024-12-31T23:59:59.999Z"
concurrency: 10000