gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-06 04:41:18 -08:00
Code Issues Packages Projects Releases Wiki Activity

docs: correcting the trivy k8s tutorial (#4815)

Browse Source 
* correcting the trivy k8s tutorial

Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>

* docs: fix

---------

Signed-off-by: AnaisUrlichs <urlichsanais@gmail.com>
Co-authored-by: knqyf263 <knqyf263@gmail.com>
This commit is contained in:
Anais Urlichs
2023-07-16 10:06:28 +01:00
committed by GitHub
parent 3c7d988d71
commit 88243a0ad6
1 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
docs/tutorials/kubernetes/cluster-scanning.md
View File

@@ -10,19 +10,18 @@ Pro tip: The output of the commands will be even more interesting if you have so
Trivy K8s is great to get an overview of all the vulnerabilities and misconfiguration issues or to scan specific workloads that are running in your cluster. You would want to use the Trivy K8s command either on your own local cluster or in your CI/CD pipeline post deployments.
The Trivy K8s command is part of the Trivy CLI:
The `trivy k8s` command is part of the Trivy CLI.
With the following command, we can scan our entire Kubernetes cluster for vulnerabilities and get a summary of the scan:
```
trivy k8s --report=summary
trivy k8s --report=summary cluster
```
To get detailed information for all your resources, just replace summary with all:
```
trivy k8s --report=all
trivy k8s --report=all cluster
```
However, we recommend displaying all information only in case you scan a specific namespace or resource since you can get overwhelmed with additional details.
@@ -30,19 +29,19 @@ However, we recommend displaying all information only in case you scan a specifi
Furthermore, we can specify the namespace that Trivy is supposed to scan to focus on specific resources in the scan result:
```
trivy k8s -n kube-system --report=summary
trivy k8s -n kube-system --report=summary cluster
```
Again, if youd like to receive additional details, use the --report=all flag:
```
trivy k8s -n kube-system --report=all
trivy k8s -n kube-system --report=all cluster
```
Like with scanning for vulnerabilities, we can also filter in-cluster security issues by severity of the vulnerabilities:
```
trivy k8s --severity=CRITICAL --report=summary
trivy k8s --severity=CRITICAL --report=summary cluster
```
Note that you can use any of the Trivy flags on the Trivy K8s command.
@@ -50,7 +49,7 @@ Note that you can use any of the Trivy flags on the Trivy K8s command.
With the Trivy K8s command, you can also scan specific workloads that are running within your cluster, such as our deployment:
```
trivy k8s n app --report=summary deployments/react-application
trivy k8s --namespace app --report=summary deployments/react-application
```
## Trivy Operator