The Snyk IaC security features provide automatic source locations for rule violations using Rego, a declarative programming language. The `snyk iac test` command now displays accurate file, line, and column information for each rule violation in CloudFormation files. This feature is part of the unified policy as code engine, which allows developers to define security policies in a human-readable format and easily enforce them across their infrastructure as code. The Snyk IaC security features also support custom rules written in Rego, making it possible for teams to extend the security capabilities of the platform. Additionally, the feature provides a way to automatically infer source locations of rules used in policies, which can help reduce false positives and improve the efficiency of policy enforcement.