Snyk Infrastructure as Code is a security scanning tool that identifies and helps remediate misconfigurations in infrastructure as code files before they reach production environments. The tool supports multiple IaC formats including Terraform, CloudFormation, Kubernetes, Helm charts, and ARM templates. The scanner integrates into developer workflows through IDE, CLI, source code management (SCM), and CI/CD pipeline integrations. It provides automated testing and gating capabilities to prevent misconfigurations from being deployed. The tool offers in-line fix suggestions within code to help developers remediate issues quickly. Snyk IaC includes built-in rulesets for various IaC formats and cloud providers (AWS, Azure, GCP) based on industry best practices, CIS benchmarks, and threat modeling research. Users can extend these rulesets with custom policies powered by Open Policy Agent (OPA). The platform provides reporting capabilities for tracking configuration issues over time and exporting compliance data. Enterprise features include custom user roles, security policy management, custom rules, compliance rules and issue reporting, and the ability to fix cloud issues directly in IaC. The tool is designed to integrate into existing developer workflows to minimize disruption while providing security feedback during the development process.