Listing Thumbnail

    Trivy Security Scanner AMI | Support by cloudimg

     Info
    Sold by: cloudimg 
    Deployed on AWS
    Free Trial
    AWS Free Tier
    This product has charges associated with it for seller support. Pre-configured Trivy security scanner AMI with offline vulnerability database - scan containers, IaC, and repos instantly via SSH with no setup. 24/7 cloudimg support included.

    Overview

    Open image

    This is a repackaged open source software product wherein additional charges apply for cloudimg support services.

    Overview

    Trivy is the open source, Apache-2.0 licensed all-in-one security scanner from Aqua Security. It finds known vulnerabilities (CVEs) in operating system packages and language dependencies, detects infrastructure-as-code and Kubernetes misconfigurations, surfaces hard-coded secrets, and generates and scans software bills of materials (SBOMs). This AMI delivers Trivy fully installed and configured as a ready-to-use scanning workstation - SSH in and start scanning immediately with no setup required.

    Why Choose This AMI Over Self-Installation

    Deploying Trivy from scratch requires installing the binary, downloading the multi-gigabyte vulnerability database, configuring cache paths, and verifying checksums. This AMI eliminates that entire workflow:

    • Zero setup time - The trivy binary is pre-installed on the system path and verified against the official release checksum.
    • Offline-ready - The full vulnerability database and Java index database are pre-downloaded, so your first scan returns results immediately with no network fetch.
    • Dedicated data disk - The Trivy cache and database reside on an independently resizable EBS volume, keeping durable scan data separate from the OS disk.
    • Environment pre-configured - Cache paths are exported to every login shell, and a login banner describes the layout and how to get started.

    All-In-One Security Scanning

    • Scan container images and root filesystems for OS-package and language-dependency CVEs
    • Scan local directories, Git repositories, and SBOM files
    • Scan Terraform, CloudFormation, Kubernetes manifests, Helm charts, and Dockerfiles for misconfigurations
    • Detect leaked secrets and API keys
    • Generate CycloneDX and SPDX SBOMs
    • One binary, one cache, every scan type

    Getting Started

    1. Launch the AMI on your preferred EC2 instance type
    2. Connect over SSH using your key pair
    3. Run trivy image <your-image> or point Trivy at any supported target
    4. Review results immediately - the pre-loaded database means no download wait
    5. Refresh the database at any time with trivy image --download-db-only or let Trivy auto-update on its normal schedule

    Security Practices

    The Trivy binary is verified against the official release checksum during the AMI build process. The vulnerability database resides on a dedicated EBS data disk that supports AWS encryption at rest. SSH access uses key-based authentication. All scanning is performed locally on the instance - no scan data leaves your environment unless you explicitly configure external reporting.

    Use Cases

    • Managed scanning bastion - Audit container images and hosts from a central, always-ready workstation
    • CI runner image - Fail pull requests on critical CVEs or misconfigurations using Trivy exit codes
    • Air-gapped scanning - Ship with the vulnerability database pre-loaded for environments without internet access
    • Reproducible security tooling - Pinned, checksum-verified scanner in a consistent environment

    cloudimg Support

    24/7 technical support by email and live chat covers scan configuration, severity gating and exit codes, ignore policies, SBOM generation, IaC and Kubernetes misconfiguration scanning, database refresh and air-gapped operation, and CI integration. Critical issues receive a one-hour average response.

    Next Steps

    Contact support@cloudimg.co.uk  to request a sample scan report, schedule a CI integration walkthrough, or ask any pre-purchase questions about the product.

    All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

    Highlights

    • Pre-installed Trivy security scanner with offline vulnerability database eliminates all setup time. The binary is checksum-verified against the official Aqua Security release, and the full CVE database ships pre-loaded on a dedicated, independently resizable EBS data disk. Launch the instance, SSH in, and get scan results on your first command - no downloads, no configuration, no waiting.
    • Dedicated data disk architecture separates the vulnerability database from the OS disk, ensuring durable storage that persists independently and resizes without rebuilding the instance. Unlike self-managed Trivy installations where the cache lives on ephemeral storage, this design guarantees your database survives reboots and instance stops while enabling offline scanning in air-gapped environments.
    • Scan container images, filesystems, Git repos, Terraform, CloudFormation, Kubernetes manifests, Helm charts, Dockerfiles, and SBOMs from a single binary - with 24/7 technical support from cloudimg engineers. Get help with CI integration, severity gating, exit-code configuration, ignore policies, and air-gapped operation. Critical issues receive a one-hour average response.

    Details

    Sold by

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    Ubuntu 24.04

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Free trial

    Try this product free for 7 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    Trivy Security Scanner AMI | Support by cloudimg

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.
    If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier  for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier  for more details.

    Usage costs (800)

     Info
    • ...
    Dimension
    Description
    Cost/hour
    t3.medium
    Recommended
    t3.medium
    $0.04
    t3.micro
    t3.micro instance type
    $0.04
    t2.micro
    t2.micro instance type
    $0.04
    r8in.16xlarge
    r8in.16xlarge instance type
    $0.24
    r8id.metal-48xl
    r8id.metal-48xl instance type
    $0.24
    m8i.large
    m8i.large instance type
    $0.08
    r8i.96xlarge
    r8i.96xlarge instance type
    $0.24
    m7i-flex.12xlarge
    m7i-flex.12xlarge instance type
    $0.24
    m8idn.24xlarge
    m8idn.24xlarge instance type
    $0.24
    m8ib.2xlarge
    m8ib.2xlarge instance type
    $0.24

    Vendor refund policy

    Refunds available on request.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    Initial release of Trivy 0.71.1, Aqua Security's open source all-in-one security scanner, as a ready-to-use CLI workstation with the vulnerability database pre-loaded.

    Additional details

    Usage instructions

    Connect via SSH on port 22 as the default login user for your operating system variant (the user guide lists it per variant). This is a headless command-line security scanner: there is no web interface. Read the welcome notes with: sudo cat /root/trivy-info.txt. Run trivy version to confirm the toolchain and see the bundled vulnerability database metadata. The vulnerability database is PRE-DOWNLOADED so you can scan offline immediately: scan a filesystem with trivy fs /path, a container image with trivy image name:tag , a Git repository with trivy repo <url>, infrastructure-as-code with trivy config <dir>, and generate an SBOM with trivy image --format cyclonedx -o sbom.json name:tag . Add --skip-db-update to scan without touching the network. The cache and database are on a dedicated data disk at /var/lib/trivy and exported as TRIVY_CACHE_DIR for every login shell. Refresh the database any time with trivy image --download-db-only. Use --severity CRITICAL,HIGH and --exit-code 1 to gate CI pipelines on findings.

    Resources

    Vendor resources

    Support

    Vendor support

    cloudimg provides 24/7 technical support for this product by email and live chat.

    Contact: support@cloudimg.co.uk 

    Response Times: Critical issues receive a one-hour average response.

    Scope of Support:

    • Deployment and initial configuration assistance
    • Trivy scan configuration, severity gating, and exit-code setup
    • Ignore policies and false-positive management
    • SBOM generation (CycloneDX and SPDX formats)
    • Infrastructure-as-code and Kubernetes misconfiguration scanning
    • Vulnerability database refresh and air-gapped operation
    • CI/CD integration and pipeline configuration
    • Performance tuning and troubleshooting
    • Instance updates and maintenance guidance

    Refunds: For refund requests or billing inquiries, contact support@cloudimg.co.uk  with your AWS Marketplace order details.

    Getting Started: After launching the AMI, email support@cloudimg.co.uk  if you need help with your first scan, CI integration planning, or any configuration questions. Our engineers are available around the clock to ensure you get value from the product quickly.

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 reviews
    No customer reviews yet
    Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.