Back to plugin list
snyk
Official
Premium

Snyk

The CloudQuery Snyk plugin pulls configuration out of Snyk resources and loads it into any supported CloudQuery destination

Publisher

cloudquery

Latest version

v6.7.1

Type

Source

Platforms
Date Published

Price per 1M rows

Starting from $15

monthly free quota

1M rows

Set up process #


brew install cloudquery/tap/cloudquery

1. Download CLI and login

See installation options

2. Create source and destination configs

Plugin configuration

cloudquery sync snyk.yml postgresql.yml

3. Run the sync

CloudQuery sync

Overview #

The CloudQuery Snyk plugin pulls configuration out of Snyk resources and loads it into any supported CloudQuery destination (e.g. PostgreSQL, BigQuery, Snowflake, and more).

Authentication #

In order to fetch information from Snyk, cloudquery needs to be authenticated. An API key is required for authentication. See Authentication for API for more information.

Snyk Source Plugin Configuration Reference

Example #

This example syncs from Snyk to a Postgres destination, using api_key authentication. The (top level) source spec section is described in the Source Spec Reference.
kind: source
# Common source-plugin configuration
spec:
  name: snyk
  path: cloudquery/snyk
  registry: cloudquery
  version: "v6.7.1"
  tables:
    - "snyk_audit_logs"
    - "snyk_container_images"
    - "snyk_custom_base_images"
    - "snyk_issues"
    - "snyk_organizations"
    - "snyk_projects"
    - "snyk_sbom"
  destinations: ["postgresql"]
  # Snyk specific configuration
  # Learn more about the configuration options at https://cql.ink/snyk_source
  spec:
    # required
    api_key: "${SNYK_API_KEY}"
    # optional, default: all organizations accessible via `api_key`
    organizations:
      - "<YOUR_ORG_1>"
      - "<YOUR_ORG_2>"
    # optional, default: all projects accessible via `api_key`
    projects:
      - "<YOUR_PROJECT_1>"
      - "<YOUR_PROJECT_2>"

Snyk Spec #

This is the (nested) spec used by the Snyk source plugin.
  • api_key (string) (required)
    An API key to access Snyk resources. See Authentication for API for more information.
  • organizations ([]string) (optional) (default: all organizations accessible via api_key)
    You can choose to limit what organizations to sync information from.
  • projects ([]string) (optional) (default: all projects accessible via api_key)
    You can choose to limit what projects to sync information from.
  • endpoint_url (string) (optional) (default: api.snyk.io)
    Endpoint URL to make the API requests to.
  • table_options (Table Options spec) (optional)
    Options to apply to specific tables. See [Table Options](#Table Options) for more information.
  • concurrency (integer) (optional) (default: 10000)
    Amount of concurrent request that may be issued to Snyk API.

Snyk Table Options Spec #

  • audit_logs
    • from (string in the format YYYY-MM-DD) (optional)
      Sync audit logs created after this date.
      Examples: 2022-01-01.
    • to (string in the format YYYY-MM-DD) (optional)
      Sync audit logs created before this date.
      Examples: 2024-12-31.
  • issues
    • created_after (string formatted as ISO 8601 timestamp) (optional)
      Sync issues created after this timestamp.
      Examples: 2022-01-01T01:00:01.000Z.
    • created_before (string formatted as ISO 8601 timestamp) (optional)
      Sync issues created before this timestamp.
      Examples: 2024-12-31T23:59:59.999Z.

Full config example #

Below is an example of the full config file with all the optional fields.
kind: source
spec:
  name: snyk
  path: cloudquery/snyk
  registry: cloudquery
  version: "v6.7.1"
  tables:
    - "snyk_audit_logs"
    - "snyk_container_images"
    - "snyk_custom_base_images"
    - "snyk_issues"
    - "snyk_organizations"
    - "snyk_projects"
    - "snyk_sbom"
  destinations: ["postgresql"]

  spec:
    # required fields:
    api_key: "${SNYK_API_KEY}"
    
    # optional fields:
    organizations:
      - "<YOUR_ORG_1>"
      - "<YOUR_ORG_2>"
    projects:
      - "<YOUR_PROJECT_1>"
      - "<YOUR_PROJECT_2>"
    endpoint_url: "api.snyk.io"
    table_options:
      audit_logs:
        from: "2022-01-01"
        to: "2024-12-31"
      issues:
        created_after: "2022-01-01T01:00:01.000Z"
        created_before: "2024-12-31T23:59:59.999Z"
    concurrency: 10000