[Question] Errors for vulnerability scanning when using kubernetes scanning #5310
Labels
target/kubernetes
Issues relating to kubernetes cluster scanning
triage/support
Indicates an issue that is a support question.
Discussed in #5284
Originally posted by Mo0rBy October 1, 2023
Question
When using
trivy kubernetes
scanning, I am unable to see any vulnerabilities detection and I can see a bunch of errors (1 for each microservice deployment). I'm not sure why I'm getting this error, so any help to point me in the right directorion would be appreciated.Here is an example of 1 of the errors:
It looks like Trivy is attempting to send a request to pull images, but the images are stored inside a private AWS ECR and are not publicly available. Am I missing something?
It looks like I can get vulnerability scanning results for publicly available images that we have deployed, so I think this is just Trivy trying to reach out to the internet to get information about the deployed images, and it obviously can't as they are created by my team and stored in private registries.
Is there any way to get Trivy to ignore vulnerability scanning on these images so that I don't see the errors for these, but still scan for vulnerabilities so I can get results for the publicly available images that we use?
Target
Kubernetes
Scanner
Vulnerability
Output Format
Table
Mode
Standalone
Operating System
macOS Ventura 13.6
Version
The text was updated successfully, but these errors were encountered: