
List of Google Cloud Platform (GCP) Permissions required to run Trivy for kubernetes security scanning

Open chen-keinan opened this issue 1 year ago • 1 comments

Discussed in https://github.com/aquasecurity/trivy/discussions/7017

Originally posted by fernandogont June 25, 2024

Question

Hi,

I'm trying to run Trivy for Kubernetes security scanning. Is there official documentation of the GCP privileges/permissions that would be required for that?

Any clues?

Thanks! Fernando

Target

Kubernetes

Scanner

Vulnerability

Output Format

None

Mode

None

Operating System

MacOS Sonoma

Version

Version: 0.52.2
Vulnerability DB:
  Version: 2
  UpdatedAt: 2024-06-24 18:11:15.08361159 +0000 UTC
  NextUpdate: 2024-06-25 00:11:15.083611369 +0000 UTC
  DownloadedAt: 2024-06-24 19:09:48.966879 +0000 UTC
Java DB:
  Version: 1
  UpdatedAt: 2024-06-24 01:05:28.435237398 +0000 UTC
  NextUpdate: 2024-06-27 01:05:28.435237228 +0000 UTC
  DownloadedAt: 2024-06-24 15:13:53.758019 +0000 UTC
Check Bundle:
  Digest: sha256:cfb65621a1f55d9d099c4c28931b252716fcda8bba5081eb43f1001668e79d85
  DownloadedAt: 2024-06-24 15:11:21.684638 +0000 UTC

chen-keinan avatar Jul 01 '24 12:07 chen-keinan

Update docs for minimal permissions required to run trivy k8s ...

chen-keinan avatar Jul 01 '24 12:07 chen-keinan

A new block, Required roles, was added to the docs: https://trivy.dev/latest/docs/target/kubernetes/#required-roles

afdesk avatar Feb 11 '25 12:02 afdesk