gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-23 15:37:50 -08:00
Code Issues Packages Projects Releases Wiki Activity

docs: restructure docs for new hosting (#9799)

Browse Source
This commit is contained in:
Owen Rumney
2025-11-18 15:45:49 +00:00
committed by GitHub
parent f64e0daf25
commit 9da33b5aed
188 changed files with 178 additions and 3576 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
docs/guide/coverage/kubernetes.md Normal file
View File

@@ -0,0 +1,24 @@
# Kubernetes
When scanning a Kubernetes cluster, Trivy differentiates between the following:
1. Cluster infrastructure (e.g api-server, kubelet, addons)
1. Cluster configuration (e.g Roles, ClusterRoles).
1. Application workloads (e.g nginx, postgresql).
Whenever Trivy scans either of these Kubernetes resources, the container image is scanned separately to the Kubernetes resource definition (the YAML manifest) that defines the resource.
When scanning any of the above, the container image is scanned separately to the Kubernetes resource definition (the YAML manifest) that defines the resource.
Container image is scanned for:
- Vulnerabilities
- Misconfigurations
- Exposed secrets
Kubernetes resource definition is scanned for:
- Vulnerabilities - partially supported through [KBOM scanning](../target/kubernetes.md#kbom)
- Misconfigurations
- Exposed secrets
To learn more, please see the [documentation for Kubernetes scanning](../target/kubernetes.md).