Overview
trivy version
The preinstalled trivy command line reporting the pinned Trivy release and the bundled vulnerability database metadata on the cloudimg security-scanning workstation image.
trivy version
trivy filesystem scan
trivy IaC misconfiguration scan
This is a repackaged open source software product wherein additional charges apply for cloudimg support services.
Overview
Trivy is the open source, Apache-2.0 licensed all-in-one security scanner from Aqua Security. It finds known vulnerabilities (CVEs) in operating system packages and language dependencies, detects infrastructure-as-code and Kubernetes misconfigurations, surfaces hard-coded secrets, and generates and scans software bills of materials (SBOMs). This AMI delivers Trivy fully installed and configured as a ready-to-use scanning workstation - SSH in and start scanning immediately with no setup required.
Why Choose This AMI Over Self-Installation
Deploying Trivy from scratch requires installing the binary, downloading the multi-gigabyte vulnerability database, configuring cache paths, and verifying checksums. This AMI eliminates that entire workflow:
- Zero setup time - The trivy binary is pre-installed on the system path and verified against the official release checksum.
- Offline-ready - The full vulnerability database and Java index database are pre-downloaded, so your first scan returns results immediately with no network fetch.
- Dedicated data disk - The Trivy cache and database reside on an independently resizable EBS volume, keeping durable scan data separate from the OS disk.
- Environment pre-configured - Cache paths are exported to every login shell, and a login banner describes the layout and how to get started.
All-In-One Security Scanning
- Scan container images and root filesystems for OS-package and language-dependency CVEs
- Scan local directories, Git repositories, and SBOM files
- Scan Terraform, CloudFormation, Kubernetes manifests, Helm charts, and Dockerfiles for misconfigurations
- Detect leaked secrets and API keys
- Generate CycloneDX and SPDX SBOMs
- One binary, one cache, every scan type
Getting Started
- Launch the AMI on your preferred EC2 instance type
- Connect over SSH using your key pair
- Run trivy image <your-image> or point Trivy at any supported target
- Review results immediately - the pre-loaded database means no download wait
- Refresh the database at any time with trivy image --download-db-only or let Trivy auto-update on its normal schedule
Security Practices
The Trivy binary is verified against the official release checksum during the AMI build process. The vulnerability database resides on a dedicated EBS data disk that supports AWS encryption at rest. SSH access uses key-based authentication. All scanning is performed locally on the instance - no scan data leaves your environment unless you explicitly configure external reporting.
Use Cases
- Managed scanning bastion - Audit container images and hosts from a central, always-ready workstation
- CI runner image - Fail pull requests on critical CVEs or misconfigurations using Trivy exit codes
- Air-gapped scanning - Ship with the vulnerability database pre-loaded for environments without internet access
- Reproducible security tooling - Pinned, checksum-verified scanner in a consistent environment
cloudimg Support
24/7 technical support by email and live chat covers scan configuration, severity gating and exit codes, ignore policies, SBOM generation, IaC and Kubernetes misconfiguration scanning, database refresh and air-gapped operation, and CI integration. Critical issues receive a one-hour average response.
Next Steps
Contact support@cloudimg.co.uk to request a sample scan report, schedule a CI integration walkthrough, or ask any pre-purchase questions about the product.
All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
Highlights
- Pre-installed Trivy security scanner with offline vulnerability database eliminates all setup time. The binary is checksum-verified against the official Aqua Security release, and the full CVE database ships pre-loaded on a dedicated, independently resizable EBS data disk. Launch the instance, SSH in, and get scan results on your first command - no downloads, no configuration, no waiting.
- Dedicated data disk architecture separates the vulnerability database from the OS disk, ensuring durable storage that persists independently and resizes without rebuilding the instance. Unlike self-managed Trivy installations where the cache lives on ephemeral storage, this design guarantees your database survives reboots and instance stops while enabling offline scanning in air-gapped environments.
- Scan container images, filesystems, Git repos, Terraform, CloudFormation, Kubernetes manifests, Helm charts, Dockerfiles, and SBOMs from a single binary - with 24/7 technical support from cloudimg engineers. Get help with CI integration, severity gating, exit-code configuration, ignore policies, and air-gapped operation. Critical issues receive a one-hour average response.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
- ...
Dimension | Description | Cost/hour |
|---|---|---|
t3.medium Recommended | t3.medium | $0.04 |
t3.micro | t3.micro instance type | $0.04 |
t2.micro | t2.micro instance type | $0.04 |
r8in.16xlarge | r8in.16xlarge instance type | $0.24 |
r8id.metal-48xl | r8id.metal-48xl instance type | $0.24 |
m8i.large | m8i.large instance type | $0.08 |
r8i.96xlarge | r8i.96xlarge instance type | $0.24 |
m7i-flex.12xlarge | m7i-flex.12xlarge instance type | $0.24 |
m8idn.24xlarge | m8idn.24xlarge instance type | $0.24 |
m8ib.2xlarge | m8ib.2xlarge instance type | $0.24 |
Vendor refund policy
Refunds available on request.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Initial release of Trivy 0.71.1, Aqua Security's open source all-in-one security scanner, as a ready-to-use CLI workstation with the vulnerability database pre-loaded.
Additional details
Usage instructions
Connect via SSH on port 22 as the default login user for your operating system variant (the user guide lists it per variant). This is a headless command-line security scanner: there is no web interface. Read the welcome notes with: sudo cat /root/trivy-info.txt. Run trivy version to confirm the toolchain and see the bundled vulnerability database metadata. The vulnerability database is PRE-DOWNLOADED so you can scan offline immediately: scan a filesystem with trivy fs /path, a container image with trivy image name:tag , a Git repository with trivy repo <url>, infrastructure-as-code with trivy config <dir>, and generate an SBOM with trivy image --format cyclonedx -o sbom.json name:tag . Add --skip-db-update to scan without touching the network. The cache and database are on a dedicated data disk at /var/lib/trivy and exported as TRIVY_CACHE_DIR for every login shell. Refresh the database any time with trivy image --download-db-only. Use --severity CRITICAL,HIGH and --exit-code 1 to gate CI pipelines on findings.
Resources
Vendor resources
Support
Vendor support
cloudimg provides 24/7 technical support for this product by email and live chat.
Contact: support@cloudimg.co.uk
Response Times: Critical issues receive a one-hour average response.
Scope of Support:
- Deployment and initial configuration assistance
- Trivy scan configuration, severity gating, and exit-code setup
- Ignore policies and false-positive management
- SBOM generation (CycloneDX and SPDX formats)
- Infrastructure-as-code and Kubernetes misconfiguration scanning
- Vulnerability database refresh and air-gapped operation
- CI/CD integration and pipeline configuration
- Performance tuning and troubleshooting
- Instance updates and maintenance guidance
Refunds: For refund requests or billing inquiries, contact support@cloudimg.co.uk with your AWS Marketplace order details.
Getting Started: After launching the AMI, email support@cloudimg.co.uk if you need help with your first scan, CI integration planning, or any configuration questions. Our engineers are available around the clock to ensure you get value from the product quickly.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.