Closed jeffqumata closed 1 year ago
hello, @jeffqumata in most recent version it is working as expected.
trivy aws --region us-west-1 --update-cache
Scan Overview for AWS Account xxxxxxx
┌────────────────┬──────────────────────────────────────────────────┬──────────────┐
│ │ Misconfigurations │ │
│ ├──────────┬──────────────┬────────┬─────┬─────────┤ │
│ Service │ Critical │ High │ Medium │ Low │ Unknown │ Last Scanned │
├────────────────┼──────────┼──────────────┼────────┼─────┼─────────┼──────────────┤
│ accessanalyzer │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ api-gateway │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ athena │ 0 │ 2 │ 0 │ 0 │ 0 │ just now │
│ cloudfront │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ cloudtrail │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ cloudwatch │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ codebuild │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ documentdb │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ dynamodb │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ ec2 │ 3 │ 1 │ 1 │ 0 │ 0 │ just now │
│ ecr │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ ecs │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ efs │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ eks │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ elasticache │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ elasticsearch │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ elb │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ emr │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ iam │ 0 │ 0 │ 0 │ 1 │ 0 │ just now │
│ kinesis │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ kms │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ lambda │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ mq │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ msk │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ neptune │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ rds │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ redshift │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ s3 │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ sns │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ sqs │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ ssm │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
│ workspaces │ 0 │ 0 │ 0 │ 0 │ 0 │ just now │
└────────────────┴──────────┴──────────────┴────────┴─────┴─────────┴──────────────┘
trivy --version
Version: 0.37.1
Vulnerability DB:
Version: 2
UpdatedAt: 2023-01-25 12:08:59.350553048 +0000 UTC
NextUpdate: 2023-01-25 18:08:59.350552848 +0000 UTC
DownloadedAt: 2023-01-25 13:05:59.839508854 +0000 UTC
cf. https://docs.aws.amazon.com/workspaces/latest/adminguide/azs-workspaces.html
perfect, thanks
Description
Related to #3419 and possibly #3420, the
workspaces
service is not available in all regions (which is fine) but this can cause trivy to behave strangely - for example it will always output zero issues when running a full service scan, for example..What did you expect to happen?
Trivy to output something like "workspaces not available in current region" and continue to output the results of the scan.
What happened instead?
Trivy reported zero issues on all aws services. This is dangerous.
Output of
trivy -v
: