Skip to content


The Kubernetes Yaml Deployment files are available on GitHub in under /deploy/static.

Example - Deploy from GitHub

This will install the operator in the trivy-system namespace and configure it to scan all namespaces, except kube-system and trivy-system:

kubectl apply -f

To confirm that the Operator is running, check that the trivy-operator Deployment in the trivy-system namespace is available and all its containers are ready:

$ kubectl get deployment -n trivy-system
trivy-operator   1/1     1            1           11m

If for some reason it's not ready yet, check the logs of the trivy-operator Deployment for errors:

kubectl logs deployment/trivy-operator -n trivy-system

Advanced Configuration

You can configure Trivy-Operator to control it's behavior and adapt it to your needs. Aspects of the operator machinery are configured using environment variables on the operator Pod, while aspects of the scanning behavior are controlled by ConfigMaps and Secrets. To learn more, please refer to the Configuration documentation.



Uninstalling the operator and deleting custom resource definitions will also delete all generated security reports.

You can uninstall the operator with the following command:

kubectl delete -f