diff --git a/docs/tutorials/kubernetes/cluster-scanning.md b/docs/tutorials/kubernetes/cluster-scanning.md index d8f3e40ef95a..a0d097cd78a4 100644 --- a/docs/tutorials/kubernetes/cluster-scanning.md +++ b/docs/tutorials/kubernetes/cluster-scanning.md @@ -10,19 +10,18 @@ Pro tip: The output of the commands will be even more interesting if you have so Trivy K8s is great to get an overview of all the vulnerabilities and misconfiguration issues or to scan specific workloads that are running in your cluster. You would want to use the Trivy K8s command either on your own local cluster or in your CI/CD pipeline post deployments. -The Trivy K8s command is part of the Trivy CLI: - +The `trivy k8s` command is part of the Trivy CLI. With the following command, we can scan our entire Kubernetes cluster for vulnerabilities and get a summary of the scan: ``` -trivy k8s --report=summary +trivy k8s --report=summary cluster ``` To get detailed information for all your resources, just replace ‘summary’ with ‘all’: ``` -trivy k8s --report=all +trivy k8s --report=all cluster ``` However, we recommend displaying all information only in case you scan a specific namespace or resource since you can get overwhelmed with additional details. @@ -30,19 +29,19 @@ However, we recommend displaying all information only in case you scan a specifi Furthermore, we can specify the namespace that Trivy is supposed to scan to focus on specific resources in the scan result: ``` -trivy k8s -n kube-system --report=summary +trivy k8s -n kube-system --report=summary cluster ``` Again, if you’d like to receive additional details, use the ‘--report=all’ flag: ``` -trivy k8s -n kube-system --report=all +trivy k8s -n kube-system --report=all cluster ``` Like with scanning for vulnerabilities, we can also filter in-cluster security issues by severity of the vulnerabilities: ``` -trivy k8s --severity=CRITICAL --report=summary +trivy k8s --severity=CRITICAL --report=summary cluster ``` Note that you can use any of the Trivy flags on the Trivy K8s command. @@ -50,7 +49,7 @@ Note that you can use any of the Trivy flags on the Trivy K8s command. With the Trivy K8s command, you can also scan specific workloads that are running within your cluster, such as our deployment: ``` -trivy k8s –n app --report=summary deployments/react-application +trivy k8s --namespace app --report=summary deployments/react-application ``` ## Trivy Operator