DEPRECATION: Sunset trivy aws subcommand from Trivy v0.53+

[simar7]

Summary

Trivy (v0.53+ onwards) will no longer include live cloud scanning as part of the core Trivy experience. Users are advised to install the Trivy AWS plugin, if this functionality is still desired. A migration guide can be found here

Scanning AWS Cloud resources for misconfigurations in IaC code scanning (Terraform, CloudFormation, etc.) remains unchanged.

Motivation

Currently the Trivy AWS cloud scanning functionality within the Trivy project is offered in an "experimental" state and we feel we have had many learnings to improve on this experience.

Since the plugin system of Trivy has been enhanced recently and trivy aws itself has found its place within its own repo, we can refactor the functionality of cloud scanning into a plugin.

Benefits

This change has several benefits:

1. Users can now install AWS live cloud scanning, on a per-need basis, if need be.
2. It reduces dependency bloat from Trivy as we no longer have to import several dependencies.
3. This change also allows us to define the architectural changes needed to write a new cloud plugin in the future. We foresee each cloud provider live scanner to be its own plugin (e.g. trivy azure, trivy gcp, etc.)