diff --git a/prowler/providers/azure/lib/service/service.py b/prowler/providers/azure/lib/service/service.py index ccb72a5abc..a4fc4b9b9b 100644 --- a/prowler/providers/azure/lib/service/service.py +++ b/prowler/providers/azure/lib/service/service.py @@ -1,4 +1,3 @@ -import time from concurrent.futures import ThreadPoolExecutor, as_completed from prowler.lib.logger import logger @@ -30,16 +29,6 @@ class AzureService: def __threading_call__(self, call, iterator): """Execute a function across multiple items using threading.""" items = list(iterator) if not isinstance(iterator, list) else iterator - item_count = len(items) - - call_name = getattr(call, "__name__", str(call)).strip("_") - call_name = " ".join(word.capitalize() for word in call_name.split("_")) - - logger.info( - f"Azure - Starting threads for '{call_name}' to process {item_count} items..." - ) - - start_time = time.perf_counter() futures = {self.thread_pool.submit(call, item): item for item in items} results = [] @@ -52,11 +41,6 @@ class AzureService: except Exception: pass - elapsed = time.perf_counter() - start_time - logger.info( - f"Azure - Completed '{call_name}' for {item_count} items in {elapsed:.2f}s" - ) - return results def __set_clients__(self, identity, session, service, region_config): diff --git a/prowler/providers/azure/services/keyvault/keyvault_rbac_secret_expiration_set/keyvault_rbac_secret_expiration_set.py b/prowler/providers/azure/services/keyvault/keyvault_rbac_secret_expiration_set/keyvault_rbac_secret_expiration_set.py index dadce7f56d..cd5ec567aa 100644 --- a/prowler/providers/azure/services/keyvault/keyvault_rbac_secret_expiration_set/keyvault_rbac_secret_expiration_set.py +++ b/prowler/providers/azure/services/keyvault/keyvault_rbac_secret_expiration_set/keyvault_rbac_secret_expiration_set.py @@ -1,21 +1,15 @@ -import time - from prowler.lib.check.models import Check, Check_Report_Azure -from prowler.lib.logger import logger from prowler.providers.azure.services.keyvault.keyvault_client import keyvault_client class keyvault_rbac_secret_expiration_set(Check): def execute(self) -> Check_Report_Azure: - start_time = time.perf_counter() findings = [] - total_secrets = 0 for subscription, key_vaults in keyvault_client.key_vaults.items(): for keyvault in key_vaults: if keyvault.properties.enable_rbac_authorization and keyvault.secrets: for secret in keyvault.secrets: - total_secrets += 1 report = Check_Report_Azure( metadata=self.metadata(), resource=secret ) @@ -28,10 +22,4 @@ class keyvault_rbac_secret_expiration_set(Check): report.status_extended = f"Secret '{secret.name}' in KeyVault '{keyvault.name}' has expiration date set." findings.append(report) - elapsed = time.perf_counter() - start_time - logger.info( - f"Check keyvault_rbac_secret_expiration_set: " - f"processed {total_secrets} secrets, created {len(findings)} findings in {elapsed:.2f}s" - ) - return findings diff --git a/prowler/providers/azure/services/keyvault/keyvault_service.py b/prowler/providers/azure/services/keyvault/keyvault_service.py index 1bf599c75b..d6bb683ffe 100644 --- a/prowler/providers/azure/services/keyvault/keyvault_service.py +++ b/prowler/providers/azure/services/keyvault/keyvault_service.py @@ -1,5 +1,3 @@ -import threading -import time from concurrent.futures import ThreadPoolExecutor from dataclasses import dataclass from datetime import datetime @@ -32,25 +30,16 @@ class KeyVault(AzureService): 3. Each vault's keys/secrets/monitor fetched in parallel """ logger.info("KeyVault - Getting key_vaults...") - total_start = time.perf_counter() key_vaults = {} for subscription, client in self.clients.items(): try: key_vaults[subscription] = [] - - list_start = time.perf_counter() vaults_list = list(client.vaults.list_by_subscription()) - list_elapsed = time.perf_counter() - list_start - logger.info(f"KeyVault - list_by_subscription took {list_elapsed:.2f}s") if not vaults_list: continue - logger.info( - f"KeyVault - Found {len(vaults_list)} vaults in subscription {subscription}" - ) - # Prepare items for parallel processing items = [ {"subscription": subscription, "keyvault": vault} @@ -66,29 +55,19 @@ class KeyVault(AzureService): f"Subscription name: {subscription} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" ) - total_elapsed = time.perf_counter() - total_start - logger.info(f"KeyVault - _get_key_vaults TOTAL took {total_elapsed:.2f}s") - return key_vaults def _process_single_keyvault(self, item: dict) -> Optional["KeyVaultInfo"]: """Process a single KeyVault in parallel.""" subscription = item["subscription"] keyvault = item["keyvault"] - thread_id = threading.current_thread().name try: - start_time = time.perf_counter() resource_group = keyvault.id.split("/")[4] keyvault_name = keyvault.name - logger.info( - f"KeyVault - [{thread_id}] Processing vault {keyvault_name} START" - ) - keyvault_properties = keyvault.properties # Fetch keys, secrets, and monitor in parallel - parallel_start = time.perf_counter() with ThreadPoolExecutor(max_workers=3) as executor: keys_future = executor.submit( self._get_keys, subscription, resource_group, keyvault_name @@ -106,14 +85,6 @@ class KeyVault(AzureService): keys = keys_future.result() secrets = secrets_future.result() monitor_settings = monitor_future.result() - parallel_elapsed = time.perf_counter() - parallel_start - - total_elapsed = time.perf_counter() - start_time - logger.info( - f"KeyVault - [{thread_id}] Vault {keyvault_name} DONE: " - f"parallel={parallel_elapsed:.2f}s, total={total_elapsed:.2f}s, " - f"keys={len(keys)}, secrets={len(secrets)}" - ) return KeyVaultInfo( id=getattr(keyvault, "id", ""), @@ -167,10 +138,6 @@ class KeyVault(AzureService): return None def _get_keys(self, subscription, resource_group, keyvault_name): - thread_id = threading.current_thread().name - start_time = time.perf_counter() - logger.info(f"KeyVault - [{thread_id}] _get_keys({keyvault_name}) START") - keys = [] keys_dict = {} @@ -228,12 +195,6 @@ class KeyVault(AzureService): f"Subscription name: {subscription} -- has no access policy configured for keyvault {keyvault_name}" ) - elapsed = time.perf_counter() - start_time - logger.info( - f"KeyVault - [{thread_id}] _get_keys({keyvault_name}) DONE: " - f"{len(keys)} keys in {elapsed:.2f}s" - ) - return keys def _get_single_rotation_policy(self, item: dict) -> tuple: @@ -253,10 +214,6 @@ class KeyVault(AzureService): return (prop.name, None) def _get_secrets(self, subscription, resource_group, keyvault_name): - thread_id = threading.current_thread().name - start_time = time.perf_counter() - logger.info(f"KeyVault - [{thread_id}] _get_secrets({keyvault_name}) START") - secrets = [] try: client = self.clients[subscription] @@ -289,19 +246,9 @@ class KeyVault(AzureService): f"Subscription name: {subscription} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" ) - elapsed = time.perf_counter() - start_time - logger.info( - f"KeyVault - [{thread_id}] _get_secrets({keyvault_name}) DONE: " - f"{len(secrets)} secrets in {elapsed:.2f}s" - ) - return secrets def _get_vault_monitor_settings(self, keyvault_name, resource_group, subscription): - thread_id = threading.current_thread().name - start_time = time.perf_counter() - logger.info(f"KeyVault - [{thread_id}] _get_monitor({keyvault_name}) START") - monitor_diagnostics_settings = [] try: monitor_diagnostics_settings = monitor_client.diagnostic_settings_with_uri( @@ -314,12 +261,6 @@ class KeyVault(AzureService): f"Subscription name: {subscription} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}" ) - elapsed = time.perf_counter() - start_time - logger.info( - f"KeyVault - [{thread_id}] _get_monitor({keyvault_name}) DONE: " - f"{len(monitor_diagnostics_settings)} settings in {elapsed:.2f}s" - ) - return monitor_diagnostics_settings