Bitbucket Configuration

Create an app password

You will need to create an app password in order to authorize Snyk to access your repository and enable Snyk's Bitbucket Cloud integration.

To create an app password:

  1. From your avatar in the bottom left, click Personal settings.

  2. Click App passwords under Access management.

  3. Click Create app password.

  4. Give the app password a name related to the application that will use the password.

  5. Select the specific access and permissions you want this application password to have.

  6. Copy the generated password and either record or paste it into the application you want to give access. The password is only displayed this one time.

You will need the following permissions:

  • Account: read

  • Team membership: read

  • Projects: read

  • Repositories: read and write

  • Pull requests: read and write

  • Webhooks: read and write

Repository variables

You will need to define repository variables at the repository level which will later be referenced in your pipeline.

These will consist of the following:

  1. Amazon EKS name of your cluster: AWS_EKS_CLUSTER

  2. Snyk API token for authenticating with your Snyk account: SNYK_TOKEN

  3. AWS Identity & Access Management User key and secret for secure authenticated interactions with the AWS API: AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY

  4. AWS region you will be deploying to: AWS_DEFAULT_REGION

  5. Amazon ECR URL for your repository: AWS_ECR_URI

  6. Container image name: IMAGE

It is recommended that you use Snyk Service accounts and AWS IAM best practices when creating accounts.