From 1a10174258f5d79e20a7bd017ba5bd9d2cb6a572 Mon Sep 17 00:00:00 2001
From: simar7 <1254783+simar7@users.noreply.github.com>
Date: Fri, 13 Jan 2023 06:46:07 -0800
Subject: [PATCH] docs: Add Trivy migration guide (#1961)

---
 docs/guides/trivy.md | 47 ++++++++++++++++++++++++++++++++++++++++++++
 mkdocs.yml           |  1 +
 2 files changed, 48 insertions(+)
 create mode 100644 docs/guides/trivy.md

diff --git a/docs/guides/trivy.md b/docs/guides/trivy.md
new file mode 100644
index 0000000000..f91a82ebb2
--- /dev/null
+++ b/docs/guides/trivy.md
@@ -0,0 +1,47 @@
+# Moving towards configuration scanning with Trivy
+Overtime we've taken [trivy][trivy] to be the go-to scanning tool for a vareity of things. This also includes terraform scanning.
+
+This section describes some differences between Trivy and tfsec.
+
+| Feature              | Trivy                                                  | tfsec                |
+|----------------------|--------------------------------------------------------|----------------------|
+| Policy Distribution | Embedded and Updated via Registry                      | Embedded             |
+| Custom Policies      | Rego                                                   | Rego, JSON, and YAML |
+| Supported Formats    | Dockerfile, JSON, YAML, Terraform, CloudFormation etc. | Terraform  Only      |
+
+
+# Comparison with examples
+## Simple scan
+### With Trivy
+```shell
+$ trivy config <dir>
+```
+### With tfsec
+```shell
+$ tfsec <dir>
+```
+
+## Passing tfvars
+### With Trivy
+```shell
+$ trivy --tf-vars <vars.tf> <dir>
+```
+### With tfsec
+```shell
+$ tfsec <dir> --tf-vars-file <vars.tf>
+```
+
+## Report formats
+### With Trivy
+```shell
+$ trivy config --format <format-type> <dir>
+```
+
+### With tfsec
+```shell
+$ tfsec <dir> --format <format-type>
+```
+
+We welcome any feedback if you find features that today are not available with Trivy misconfigration scanning that are available in tfsec. 
+
+[trivy]: https://github.com/aquasecurity/trivy
\ No newline at end of file
diff --git a/mkdocs.yml b/mkdocs.yml
index 116dd46a8e..4e3b79166f 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -25,6 +25,7 @@ theme:
 nav:
 - HOME: index.md
 - Guides:
+  - Migration: guides/trivy.md
   - Installation: guides/installation.md
   - Signature Verification: guides/signing.md
   - Quick Start: guides/quickstart.md