Skip to content

aquasecurity/trivy-aws

Repository files navigation

trivy-aws

Installing Trivy AWS Plugin

$ trivy plugin install github.com/aquasecurity/trivy-aws

Usage

Scan an AWS account for misconfigurations. Trivy uses the same authentication methods as the AWS CLI. See https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html

The following services are supported:

  • accessanalyzer
  • api-gateway
  • athena
  • cloudfront
  • cloudtrail
  • cloudwatch
  • codebuild
  • documentdb
  • dynamodb
  • ec2
  • ecr
  • ecs
  • efs
  • eks
  • elasticache
  • elasticsearch
  • elb
  • emr
  • iam
  • kinesis
  • kms
  • lambda
  • mq
  • msk
  • neptune
  • rds
  • redshift
  • s3
  • sns
  • sqs
  • ssm
  • workspaces
Usage:
  trivy aws [flags]

Examples:
  # basic scanning
  $ trivy aws --region us-east-1

  # limit scan to a single service:
  $ trivy aws --region us-east-1 --service s3

  # limit scan to multiple services:
  $ trivy aws --region us-east-1 --service s3 --service ec2

  # force refresh of cache for fresh results
  $ trivy aws --region us-east-1 --update-cache

Please see ARCHITECTURE.md for more information.

trivy-aws is an Aqua Security open source project. Learn about our open source work and portfolio here. Join the community, and talk to us about any matter in GitHub Discussion.

About

No description, website, or topics provided.

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages