Quick Start

    For example:

    For more details, see here.

    Scan directory for misconfigurations

    1. $ trivy config [YOUR_IAC_DIR]

    For example:

    1. 2021-07-09T10:06:29.188+0300    INFO    Need to update the built-in policies
    2. 2021-07-09T10:06:29.188+0300    INFO    Downloading the built-in policies...
    5. =======================
    6. Tests: 23 (SUCCESSES: 22, FAILURES: 1, EXCEPTIONS: 0)
    7. Failures: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
    10. +---------------------------+------------+----------------------+----------+------------------------------------------+
    11. | Dockerfile Security Check |   DS002    | Image user is 'root' |   HIGH   | Last USER command in                     |
    12. |                           |            |                      |          | Dockerfile should not be 'root'          |
    13. |                           |            |                      |          | -->avd.aquasec.com/appshield/ds002       |
    14. +---------------------------+------------+----------------------+----------+------------------------------------------+

    For more details, see here.