Difference between revisions of "K8s security scanner"
Jump to navigation
Jump to search
(Created page with "https://github.com/aquasecurity/trivy") |
|||
| Line 1: | Line 1: | ||
https://github.com/aquasecurity/trivy | https://github.com/aquasecurity/trivy | ||
| + | |||
| + | # Trivy on Microk8s | ||
| + | ``` | ||
| + | microk8s enable community | ||
| + | microk8s enable trivy | ||
| + | kubectl get all -n trivy-system | ||
| + | ``` | ||
| + | |||
| + | Get reports | ||
| + | ``` | ||
| + | Inspect created VulnerabilityReports by: | ||
| + | |||
| + | kubectl get vulnerabilityreports --all-namespaces -o wide | ||
| + | |||
| + | Inspect created ConfigAuditReports by: | ||
| + | |||
| + | kubectl get configauditreports --all-namespaces -o wide | ||
| + | |||
| + | Inspect the work log of trivy-operator by: | ||
| + | |||
| + | kubectl logs -n trivy-system deployment/trivy-operator | ||
| + | ``` | ||
Revision as of 16:32, 4 April 2023
https://github.com/aquasecurity/trivy
Trivy on Microk8s
microk8s enable community microk8s enable trivy kubectl get all -n trivy-system
Get reports
Inspect created VulnerabilityReports by:
kubectl get vulnerabilityreports --all-namespaces -o wide
Inspect created ConfigAuditReports by:
kubectl get configauditreports --all-namespaces -o wide
Inspect the work log of trivy-operator by:
kubectl logs -n trivy-system deployment/trivy-operator