Trivy Operator
Definition
Trivy Operator is a Kubernetes-native security tool that integrates with the Kubernetes cluster to provide continuous vulnerability scanning and configuration auditing. It leverages the Trivy scanner to detect vulnerabilities in container images, file systems, and Git repositories, and it can also audit Kubernetes manifests for misconfigurations. The operator runs as a Kubernetes controller, automatically scanning resources and generating reports that can be accessed via Kubernetes Custom Resource Definitions (CRDs).
Secure Settings Example
apiVersion: trivy-operator.aquasecurity.github.io/v1alpha1
kind: ConfigAuditReport
metadata:
  name: secure-config-audit
spec:
  scanJob:
    template:
      spec:
        containers:
          - name: trivy
            image: aquasec/trivy:latest
            args:
              - "--severity=HIGH,CRITICAL"
              - "--ignore-unfixed"
              - "--exit-code=1"
Insecure Settings Example
apiVersion: trivy-operator.aquasecurity.github.io/v1alpha1
kind: ConfigAuditReport
metadata:
  name: insecure-config-audit
spec:
  scanJob:
    template:
      spec:
        containers:
          - name: trivy
            image: aquasec/trivy:latest
            args:
              - "--severity=LOW,MEDIUM"
              - "--exit-code=0"
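The two settings above differ in which findings are selected (the --severity list, optionally narrowed by --ignore-unfixed) and in whether findings fail the scan (--exit-code). The following added example, which is not code from the Trivy Operator project, applies both policies offline to a constructed VulnerabilityReport shaped like the CRD object kubectl returns, so the effect of each flag can be seen side by side. The field names (report.summary, report.vulnerabilities, vulnerabilityID, severity, fixedVersion) follow the Trivy Operator CRD as I understand it, and the CVE ids, package names and versions are placeholders, not real findings.

```python
import json

# Constructed sample shaped like a Trivy Operator VulnerabilityReport as returned by
# `kubectl get vulnerabilityreports -o json`. Field names follow the CRD as I understand
# it; the CVE ids, packages and versions are placeholders, not real findings.
SAMPLE_REPORT_JSON = """
{
  "apiVersion": "aquasecurity.github.io/v1alpha1",
  "kind": "VulnerabilityReport",
  "metadata": {"name": "replicaset-web-abc123-web", "namespace": "default"},
  "report": {
    "summary": {"criticalCount": 1, "highCount": 1, "mediumCount": 1, "lowCount": 1},
    "vulnerabilities": [
      {"vulnerabilityID": "CVE-0000-0001", "severity": "CRITICAL", "resource": "openssl",
       "installedVersion": "1.0.0", "fixedVersion": "1.0.1"},
      {"vulnerabilityID": "CVE-0000-0002", "severity": "HIGH", "resource": "zlib",
       "installedVersion": "2.0.0", "fixedVersion": ""},
      {"vulnerabilityID": "CVE-0000-0003", "severity": "MEDIUM", "resource": "curl",
       "installedVersion": "3.0.0", "fixedVersion": "3.0.1"},
      {"vulnerabilityID": "CVE-0000-0004", "severity": "LOW", "resource": "bash",
       "installedVersion": "4.0.0", "fixedVersion": "4.0.1"}
    ]
  }
}
"""


def load_report(report_json):
    """Parse a VulnerabilityReport JSON document into a dict."""
    return json.loads(report_json)


def select_findings(report, severities, ignore_unfixed):
    """Return the vulnerabilities a scan run with
    --severity=<severities> [--ignore-unfixed] would report."""
    wanted = {s.upper() for s in severities}
    selected = []
    for vuln in report["report"]["vulnerabilities"]:
        if vuln.get("severity", "UNKNOWN").upper() not in wanted:
            continue
        # --ignore-unfixed drops findings that have no fixedVersion yet
        if ignore_unfixed and not vuln.get("fixedVersion"):
            continue
        selected.append(vuln)
    return selected


def gate_exit_code(report, severities, ignore_unfixed, exit_code_on_findings):
    """Mirror --exit-code: return exit_code_on_findings when any selected
    finding exists, otherwise 0 (a scan with --exit-code=0 never fails)."""
    findings = select_findings(report, severities, ignore_unfixed)
    return exit_code_on_findings if findings else 0


# The two policies from the page's secure and insecure settings examples.
SECURE_POLICY = dict(severities=("HIGH", "CRITICAL"), ignore_unfixed=True, exit_code_on_findings=1)
INSECURE_POLICY = dict(severities=("LOW", "MEDIUM"), ignore_unfixed=False, exit_code_on_findings=0)


def evaluate(report_json, policy):
    """Apply a policy to a report and return the selected ids and the resulting exit code."""
    report = load_report(report_json)
    findings = select_findings(report, policy["severities"], policy["ignore_unfixed"])
    return {
        "findings": [v["vulnerabilityID"] for v in findings],
        "exit_code": gate_exit_code(report, **policy),
    }


if __name__ == "__main__":
    for name, policy in (("secure", SECURE_POLICY), ("insecure", INSECURE_POLICY)):
        print(name, evaluate(SAMPLE_REPORT_JSON, policy))
```

Run against the sample, the secure policy selects only the fixable CRITICAL finding (the unfixed HIGH is dropped by --ignore-unfixed) and returns exit code 1, so a pipeline gating on that code fails. The insecure policy never sees the CRITICAL finding at all, because --severity=LOW,MEDIUM excludes it, and even the LOW and MEDIUM findings it does select cannot fail anything with --exit-code=0.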