BREAKING(aws): Deprecating trivy aws subcommand #6884

Closed
simar7 opened this issue Jun 8, 2024 · 1 comment
simar7 commented Jun 8, 2024

Related PR: #6819

Summary

Trivy (v0.53+ onwards) will no longer include live cloud scanning as part of the core Trivy experience. Users are advised to install the Trivy AWS plugin if this functionality is still desired. A migration guide can be found here.

Scanning AWS Cloud resources for misconfigurations in IaC code scanning (Terraform, CloudFormation, etc.) remains unchanged.

Motivation

Currently the Trivy AWS cloud scanning functionality within the Trivy project is offered in an "experimental" state and we feel we have had many learnings to improve on this experience.

Since the plugin system of Trivy has been enhanced recently and trivy aws itself has found its place within its own repo, we can refactor the functionality of cloud scanning into a plugin.

Benefits

This change has several benefits:

  1. Users can now install AWS live cloud scanning, on a per-need basis, if need be.
  2. It reduces dependency bloat from Trivy as we no longer have to import several dependencies.
  3. This change also allows us to define the architectural changes needed to write a new cloud plugin in the future. We foresee each cloud provider's live scanner to be its own plugin (e.g. trivy azure, trivy gcp, etc.).
@simar7 simar7 added kind/breaking Categorizes issue or PR as related to breaking compatibility. scan/misconfiguration Issues relating to misconfiguration scanning labels Jun 8, 2024
@simar7 simar7 added this to the v0.53.0 milestone Jun 8, 2024
@simar7 simar7 self-assigned this Jun 8, 2024
simar7 commented Jun 25, 2024

Closed via #6819

@simar7 simar7 closed this as completed Jun 25, 2024