diff --git a/prowler/CHANGELOG.md b/prowler/CHANGELOG.md index 8801277aab..aadd96bd44 100644 --- a/prowler/CHANGELOG.md +++ b/prowler/CHANGELOG.md @@ -45,6 +45,7 @@ All notable changes to the **Prowler SDK** are documented in this file. ### 🐞 Fixed - Azure PostgreSQL flexible server inventory no longer aborts the whole subscription when the `connection_throttle.enable` parameter is missing (e.g. PostgreSQL v18), and logs the expected "Entra ID authentication not enabled" case as a warning instead of an error, so servers are still scanned [(#11045)](https://github.com/prowler-cloud/prowler/pull/11045) +- `iam_policy_allows_privilege_escalation` now includes the `privilege-escalation` category [(#11648)](https://github.com/prowler-cloud/prowler/pull/11648) ### 🔐 Security diff --git a/prowler/providers/aws/services/iam/iam_policy_allows_privilege_escalation/iam_policy_allows_privilege_escalation.metadata.json b/prowler/providers/aws/services/iam/iam_policy_allows_privilege_escalation/iam_policy_allows_privilege_escalation.metadata.json index 79b02882d7..4c7962242e 100644 --- a/prowler/providers/aws/services/iam/iam_policy_allows_privilege_escalation/iam_policy_allows_privilege_escalation.metadata.json +++ b/prowler/providers/aws/services/iam/iam_policy_allows_privilege_escalation/iam_policy_allows_privilege_escalation.metadata.json @@ -37,7 +37,8 @@ } }, "Categories": [ - "identity-access" + "identity-access", + "privilege-escalation" ], "DependsOn": [], "RelatedTo": [],