ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-03-28 19:10:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ben.carrasco:3.15.1
Branches Tags
ben.carrasco:master ben.carrasco:chore/GHA-271823-stepsecurity-remediation ben.carrasco:feat/PROWLER-881-findings-grouped-view ben.carrasco:feat/prowler-1149-entra-conditional-access-policy-block-insider-risk-o365 ben.carrasco:feat/prowler-1150-entra-conditional-access-policy-block-elevated-insider-risk ben.carrasco:feat/prowler-450-organization-switch ben.carrasco:chore/pnpm-supply-chain-protection ben.carrasco:feat/prowler-1147-entra-conditional-access-policy-device-registration-mfa ben.carrasco:fix/ui-precommit-hook-skip-bug ben.carrasco:refactor/ui-remove-pills-clear-all-button ben.carrasco:chore/GHA-261831-stepsecurity-remediation ben.carrasco:PROWLER-1253-implement-directory-service-checks-for-google-workspace-provider-clean ben.carrasco:dependabot/pip/requests-2.33.0 ben.carrasco:feat/vercel-sdk ben.carrasco:dependabot/uv/mcp_server/requests-2.33.0 ben.carrasco:dependabot/pip/api/requests-2.33.0 ben.carrasco:k8s-ocsf ben.carrasco:v5.22 ben.carrasco:mcp-resource-timeline-tool ben.carrasco:PROWLER-1251-porting-attack-paths-scan-temporary-database-from-neo-4-j-to-grafeo ben.carrasco:PROWLER-1250-extend-resource-group-filter-for-all-providers ben.carrasco:docs/fix-missing-onboarding-step ben.carrasco:dependabot/pip/api/authlib-1.6.9 ben.carrasco:dependabot/pip/api/pyasn1-0.6.3 ben.carrasco:dependabot/pip/authlib-1.6.9 ben.carrasco:dependabot/pip/pyjwt-2.12.0 ben.carrasco:dependabot/pip/master/moto-5.1.21 ben.carrasco:feat/cisa-scuba-googleworkspace-compliance ben.carrasco:feat/cis-googleworkspace-compliance ben.carrasco:feat/aspm-provider ben.carrasco:fix/oraclecloud-idp-group-mapping-events-10411 ben.carrasco:feat/vercel-ui ben.carrasco:PROWLER-1225-fix-read-queries-on-the-read-replica-that-doesnt-use-the-write-replica-on-retries--second-attempt ben.carrasco:v5.21 ben.carrasco:feat/vercel-api ben.carrasco:dependabot/pip/api/pyjwt-2.12.0 ben.carrasco:aws-regions-update-175 ben.carrasco:feat/s3-bucket-website-hosting-check ben.carrasco:fix/legacy-metadata-validators-error ben.carrasco:dependabot/uv/mcp_server/authlib-1.6.9 ben.carrasco:dependabot/uv/mcp_server/fastmcp-2.14.2 ben.carrasco:dependabot/uv/mcp_server/pyjwt-2.12.0 ben.carrasco:PROWLER-1225-fix-read-queries-on-the-read-replica-that-doesnt-use-the-write-replica-on-retries ben.carrasco:dependabot/npm_and_yarn/ui/next-16.1.7 ben.carrasco:dependabot/pip/pyasn1-0.6.3 ben.carrasco:backport/v5.20/pr-10360 ben.carrasco:feat/add-rbi-compliance-gcp ben.carrasco:feat/github-organization-repository-deletion-limited ben.carrasco:backport/v5.20/pr-10314 ben.carrasco:PRWLR-7706-add-pydantic-validators-to-check-metadata-model-per-rfc-specification ben.carrasco:k8s-dedup-rbac-findings-subject ben.carrasco:v5.20 ben.carrasco:fix/ci-e2e-empty-test-dirs ben.carrasco:v5.19 ben.carrasco:feat/prowler-683-4-cli-integration ben.carrasco:feat/prowler-683-3-compliance-jsons ben.carrasco:feat/prowler-683-2-universal-outputs ben.carrasco:feat/prowler-683-1-universal-models ben.carrasco:backport/v5.19/pr-10270 ben.carrasco:fix/attack-paths-elb-exposed-internet ben.carrasco:DEVREL-93-prowler-gha-poc-as-gh-service ben.carrasco:fix/codeartifact-list-package-versions-unbounded-fetch ben.carrasco:copilot/sub-pr-10236 ben.carrasco:feat/prowler-1151-entra-conditional-access-policy-unknown-device-blocked ben.carrasco:DEVREL-93-prowler-gha-poc ben.carrasco:ensure-key-format-cloudflare ben.carrasco:aws-regions-update-174 ben.carrasco:feat/prowler-1140-entra-legacy-authentication-blocked ben.carrasco:feat/vercel ben.carrasco:fix-ocsf-params ben.carrasco:v5.18 ben.carrasco:dependabot/pip/api/werkzeug-3.1.6 ben.carrasco:dependabot/pip/api/flask-3.1.3 ben.carrasco:dependabot/uv/mcp_server/cryptography-46.0.5 ben.carrasco:dependabot/uv/mcp_server/python-multipart-0.0.22 ben.carrasco:feat/prowler-1138-entra-conditional-access-policy-risky-sign-in-mfa ben.carrasco:feat/PROWLER-1091-create-new-stepper-implement-aws-organizations-endpoints ben.carrasco:feat/PROWLER-943-image-provider-ui ben.carrasco:dependabot/pip/werkzeug-3.1.6 ben.carrasco:dependabot/pip/flask-3.1.3 ben.carrasco:dependabot/pip/protobuf-6.33.5 ben.carrasco:feat/prowler-1139-entra-conditional-access-policy-require-password-change-high-risk-users ben.carrasco:feat/PROWLER-943-stage-3-a-image-provider-ui ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-rebased ben.carrasco:fix-reporting-docs-1771930526 ben.carrasco:feat/prowler-837-entra-guest-users-mfa-enabled ben.carrasco:feat/prowler-838-entra-sign-in-frequency-for-non-corporate-devices ben.carrasco:feat/prowler-836-entra-policy-blocks-unknown-unsupported-device-platforms ben.carrasco:docs-agentic-workflow ben.carrasco:aws-regions-update-173 ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-redo ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-v2 ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-support ben.carrasco:dependabot/pip/api/cryptography-46.0.5 ben.carrasco:PROWLER-1099-api-scan-schedule-model-provider-fk-migration ben.carrasco:PROWLER-1100-api-crud-endpoints ben.carrasco:PROWLER-1098-cron-based-scan-scheduling ben.carrasco:copilot/fix-return-in-finally-block ben.carrasco:review_metadata_gcp_artifacts ben.carrasco:feat/prowler-836-entra-policy-unknown-unsupported-device-platforms-blocked ben.carrasco:PROWLER-1033-start-api-without-neo-4-j ben.carrasco:PROWLER-1084-skill-prowler-changelog-review ben.carrasco:revert-10028-fix/fidings-filters-navitagion-fail-v4 ben.carrasco:backport/v5.18/pr-10028 ben.carrasco:backport/v5.18/pr-10025 ben.carrasco:backport/v5.18/pr-10021 ben.carrasco:backport/v5.18/pr-10017 ben.carrasco:feat/elasticsearch-integration ben.carrasco:fix/ui-scans-polling-optimization ben.carrasco:image-scan-poc ben.carrasco:dependabot/pip/master/pytest-cov-6.3.0 ben.carrasco:dependabot/pip/master/coverage-7.10.7 ben.carrasco:dependabot/pip/master/pytest-8.4.2 ben.carrasco:dependabot/pip/master/pre-commit-4.3.0 ben.carrasco:dependabot/pip/master/flake8-7.3.0 ben.carrasco:dependabot/pip/master/freezegun-1.5.5 ben.carrasco:dependabot/pip/master/marshmallow-4.0.1 ben.carrasco:dependabot/pip/master/openapi-spec-validator-0.7.2 ben.carrasco:dependabot/pip/master/pytest-xdist-3.8.0 ben.carrasco:dependabot/pip/master/bandit-1.8.6 ben.carrasco:dependabot/pip/master/black-25.11.0 ben.carrasco:dependabot/pip/master/pytest-randomly-4.0.1 ben.carrasco:dependabot/pip/master/pylint-3.3.9 ben.carrasco:PROWLER-960-jwt-key-generation-fails-with-permission-error-on-fresh-docker-compose-deployment ben.carrasco:aws-regions-update-170 ben.carrasco:feat/prowler-838-entra-conditional-access-policy-enforce-sign-in-frequency ben.carrasco:v5.17 ben.carrasco:dependabot/pip/api/azure-core-1.38.0 ben.carrasco:feat/PROWLER-774-Findings-Hierarchical-Tree-View-Check-Resources ben.carrasco:PROWLER-822-high-cloudflare-zone-waf-enabled-check-false-positive ben.carrasco:backport/v5.17/pr-9892 ben.carrasco:PROWLER-690-feature-add-batch-provider-creation-endpoint-api ben.carrasco:feat/migrate-to-prek ben.carrasco:aws-regions-update-169 ben.carrasco:PROWLER-693-enhancement-add-status-field-to-provider-model-api ben.carrasco:aws-regions-update-168 ben.carrasco:dependabot/uv/mcp_server/starlette-0.49.1 ben.carrasco:dependabot/uv/mcp_server/urllib3-2.6.3 ben.carrasco:PROWLER-512-merge-attack-paths ben.carrasco:v5.16 ben.carrasco:attack-paths-demo-extras ben.carrasco:PROWLER-511-solve-one-neo-4-j-database-per-provider ben.carrasco:fix/black-formatting-validate-compliance ben.carrasco:feat/prowler-compliance-review-skill ben.carrasco:PROWLER-663-improve-skill-md-and-correct-typos-for-the-compliance-part ben.carrasco:dependabot/pip/master/google-auth-httplib2-0.2.1 ben.carrasco:feat/sns-integration ben.carrasco:feat/github-integration ben.carrasco:update-api-lock ben.carrasco:fix/v5.16-version-alignment ben.carrasco:api-5.16-changelog ben.carrasco:v5.15 ben.carrasco:feat/PROWLER-22-Risk-Radar-Component-UI-2 ben.carrasco:backport/v5.15/pr-9567 ben.carrasco:feat/api-query-performance-guide ben.carrasco:feat/ui-gga-code-review ben.carrasco:backport/v5.15/pr-9558 ben.carrasco:aws-regions-update-163 ben.carrasco:PROWLER-481-issues-with-ia-c-scan-in-bug-repos ben.carrasco:add-search-provider-bar ben.carrasco:chore/ui-e2e-cloud-tests ben.carrasco:feat/ui-scans-resources-link ben.carrasco:backport/v5.14/pr-9489 ben.carrasco:backport/v5.14/pr-9487 ben.carrasco:aws-regions-update-162 ben.carrasco:feat/PROWLER-34-Risk-Plot-Component-UI ben.carrasco:rbi-framework-support ben.carrasco:PROWLER-XX-separate-runner-for-aws-tests ben.carrasco:v5.14 ben.carrasco:feat/api-providers-severity-endpoint ben.carrasco:feat/PROWLER-447-Attack-surface-component-Front ben.carrasco:backport/v5.14/pr-9345 ben.carrasco:aws-regions-update-161 ben.carrasco:PROWLER-182-kubernetes-add-and-connect-the-provider ben.carrasco:PROWLER-181-gcp-add-and-connect-the-provider ben.carrasco:backport/v5.13/pr-9274 ben.carrasco:PRWLR-7853-asff-first-observed-at-is-not-taking-into-account-the-finding-can-exist ben.carrasco:backport/v5.13/pr-9208 ben.carrasco:v5.13 ben.carrasco:PRWLR-7885-fix-report-timestamps ben.carrasco:DEVREL-115-fix-anchors ben.carrasco:backport/v5.13/pr-9054 ben.carrasco:PROWLER-285-aws-add-an-connect-the-provider-sdk-default-env ben.carrasco:prwlr-7751-github-app-authentication-incorrectly-handles-key-parameter-and-environment-variables ben.carrasco:PROWLER-376-update-docs-with-gcp-permissions ben.carrasco:DEVREL-98-include-open-api-specification-in-mintlify ben.carrasco:add-timeout-thread ben.carrasco:DEVREL-109-add-link-to-aws-console-in-aws-findings ben.carrasco:PROWLER-185-launch-scheduled-scan ben.carrasco:add-links-to-iac-findings ben.carrasco:PROWLER-186-launch-on-demand-scan ben.carrasco:chore-api-prowler-version-update ben.carrasco:api-mintlify-docs ben.carrasco:PROWLER-188-invite-new-user ben.carrasco:PROWLER-197-out-of-scope-github-add-an-connect-the-provider ben.carrasco:PROWLER-XX-check-all-checks-have-passed ben.carrasco:backport/v5.13/pr-9062 ben.carrasco:PROWLER-253-extract-aws-data-from-prowler-database-and-transform-it-to-be-ingested-by-cartography ben.carrasco:workshop-as-docs ben.carrasco:create-alibaba-provider ben.carrasco:PRWLR-7835-amazon-bedrock ben.carrasco:feat/gcp-cloudstorage-versioning-enabled ben.carrasco:feat/cloudflare-provider ben.carrasco:feat/stuck-scans-command ben.carrasco:PROWLER-XX-update-changelogs ben.carrasco:refactor/graph-components-kebab-case ben.carrasco:fix-threatscore-s3-location ben.carrasco:demo-api-key ben.carrasco:trigger-preview ben.carrasco:api-changelog-1-14 ben.carrasco:feat/PRWLR-7763-new-credentials-form ben.carrasco:PROWLER-258-github-social-sign-up ben.carrasco:feat/PRWLR-7933-UI-Api-Key ben.carrasco:attribute-error-in-m365 ben.carrasco:v5.12 ben.carrasco:api-keys-docs-improvement ben.carrasco:iac-in-the-app ben.carrasco:pr-8743 ben.carrasco:PRWLR-8174-add-additional-compliance-information-to-compliance-detail-page-ui ben.carrasco:PRWLR-7170-improve-html-output-in-prowler ben.carrasco:todo-check-class ben.carrasco:review-metadata-aws-neptune ben.carrasco:fix/nextjs-cache-folder-not-found ben.carrasco:update-api-dependency-v5.12-1757406446 ben.carrasco:aws-services-regions-updated-422a8a0f625cee103be5e5a97b9639f49997b949 ben.carrasco:PRWLR-7873-add-all-finding-fields-in-the-ticket-summary-table-jira ben.carrasco:backport/v5.11/pr-8619 ben.carrasco:backport/v5.11/pr-8629 ben.carrasco:backport/v5.11/pr-8638 ben.carrasco:aws-services-regions-updated-fdb76e78207e10cf07660bbfa70665fc6552c0dd ben.carrasco:v5.11 ben.carrasco:nitpicks/7e7fce94-067a-47b0-b6d1-9b1f4ccac28f ben.carrasco:PRWLR-6707-create-a-way-of-reporting-for-prowler-threatscore ben.carrasco:v5.10 ben.carrasco:fix-threatscore-scoring ben.carrasco:PRWLR-7212-recommend-fix ben.carrasco:PRWLR-7784-cloud-providers-connection-filter-status-labels ben.carrasco:add-posthog-integration ben.carrasco:PRWLR-7732-add-mutelist-menu-item ben.carrasco:v5.9 ben.carrasco:alert-autofix-55 ben.carrasco:PRWLR-7212-recommend ben.carrasco:nitpicks/678b4540-69e7-4be1-802c-11e249359177 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359177 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359176 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359175 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359174 ben.carrasco:PRWLR-7606-add-github-provider-to-ui ben.carrasco:fix/kisa-isms-p_compilance ben.carrasco:fix-gh-typo ben.carrasco:backport/v5.9/pr-8265 ben.carrasco:PRWLR-7569-create-different-flows-of-onboarding-in-m-365 ben.carrasco:feature/add-posthog-analytics ben.carrasco:PRWLR-7635-mongodbatlas-additional-checks ben.carrasco:PRWLR-7635-mongodbatlas-provider-foundation ben.carrasco:v5.8 ben.carrasco:PRWLR-6064-change-user-deletion-api-response ben.carrasco:backport/v5.8/pr-8257 ben.carrasco:backport/v5.7/pr-8270 ben.carrasco:update-fixers-docs ben.carrasco:PRWLR-7205-migrate-fixers-to-new-class-structure ben.carrasco:PRWLR-5093-design-the-fixer-class ben.carrasco:PRWLR-7597-fix-and-optimize-search-filters-for-findings-and-resources ben.carrasco:backport/v5.8/pr-8253 ben.carrasco:PRWLR-7512-create-custom-link-component ben.carrasco:PRWLR-7524-improve-api-performance-on-scan-page-using-include-param ben.carrasco:v5.7 ben.carrasco:PRWLR-7386-playwright-setup-nextjs ben.carrasco:backport/v5.7/pr-8087 ben.carrasco:PRWLR-7459-support-for-scanning-remote-git-repositories-specified-by-url ben.carrasco:api-add-missing-map ben.carrasco:PRWLR-7346-create-a-db-helper-to-create-indexes-following-best-practices ben.carrasco:PRWLR-4758-django-must-support-read-only-replica-database-config ben.carrasco:PRWLR-7134-api-performance-tests-for-resources ben.carrasco:fix/update-changelog-and-block-1st-item-in-providers-selector ben.carrasco:psql-proxy ben.carrasco:PRWLR-7292-old-scans-not-shown-when-all-providers-have-connection-fail ben.carrasco:PRWLR-7160-findings-page-scan-id-filter-improvement ben.carrasco:showdown-demo ben.carrasco:backport/v5.7/pr-7928 ben.carrasco:PRWLR-7302-nextjs-analyst ben.carrasco:backport/v5.7/pr-7921 ben.carrasco:PRWLR-7297-django-endpoint ben.carrasco:api-changelog-5.7.2 ben.carrasco:update-changelog ben.carrasco:PRWLR-7318-add-ia-c-provider-tests ben.carrasco:PRWLR-6367-create-a-finding-new-uid-column-to-avoid-length-limitations ben.carrasco:PRWLR-5556-ensure-inactive-users-are-reviewed-and-removed-periodically ben.carrasco:fix/7508-review-fixes ben.carrasco:PRWLR-5989-ensure-that-spf-records-are-published-for-all-exchange ben.carrasco:v5.6 ben.carrasco:backport/v5.6/pr-7746 ben.carrasco:PRWLR-7117-implement-new-findings-latest-endpoint-API-UI ben.carrasco:poc-ui-e2e ben.carrasco:review-changelogs-for-v5.6 ben.carrasco:v5.5 ben.carrasco:PRWLR-6373-Implement-Compliance-Outputs-UI-temp ben.carrasco:PRWLR-6886-sdk-aws-resource-po-c ben.carrasco:PRWLR-6834-exclude-checks-in-prowler-api ben.carrasco:improve-rls-policies ben.carrasco:M365-testing ben.carrasco:PRWLR-6643-capture-sentry-exceptions ben.carrasco:PRWLR-6464-running-into-302-error-subscription-could-not-be-found-7214 ben.carrasco:v4.6 ben.carrasco:PRWLR-6469-review-resource-types-in-check-metadata-2nd-round ben.carrasco:v5.4 ben.carrasco:backport/v4.6/pr-7420 ben.carrasco:v3 ben.carrasco:backport/v4.6/pr-7410 ben.carrasco:backport/v4.6/pr-7330 ben.carrasco:backport/v3/pr-7330 ben.carrasco:improve-deletion-process ben.carrasco:PRWLR-6502-improve-docs-adding-videos ben.carrasco:PRWLR-6472-add-docs-inside-ui-page-for-each-provider ben.carrasco:PRWLR-6455-change-microsoft-365-check-names ben.carrasco:revert-7112-PRWLR-6398-upgrade-poetry-to-v-2-in-prowler ben.carrasco:fix-api-prowler-dep ben.carrasco:backport/v4.6/pr-7205 ben.carrasco:backport/v5.4/pr-7141 ben.carrasco:v5.3 ben.carrasco:PRWLR-5956-Export-Artifacts-only-UIpart-v2 ben.carrasco:backport/v5.2/pr-6947 ben.carrasco:backport/v4.6/pr-6896 ben.carrasco:backport/v4.6/pr-6908 ben.carrasco:PRWLR-5956-Export-Artifacts-only-UIpart ben.carrasco:PRWLR-5860-ensure-security-defaults-is-disabled ben.carrasco:v5.2 ben.carrasco:backport/v3/pr-6823 ben.carrasco:backport/v3/pr-6822 ben.carrasco:backport/v3/pr-6824 ben.carrasco:PRWLR-6129-review-check-report-init-for-region-resource-id-resource-arn ben.carrasco:PRWLR-5956-Export-Artifacts ben.carrasco:PRWLR-6143-fix-error-related-with-detect-secrets ben.carrasco:v5.1 ben.carrasco:v5.0 ben.carrasco:backport/v3/pr-6611 ben.carrasco:backport/v3/pr-6352 ben.carrasco:PRWLR-5573-ensure-scanners-are-in-place-for-open-source-vulnerabilities-in-used-packages ben.carrasco:PRWLR-4669-Roles-Page-UI-with-API-changes ben.carrasco:PRWLR-5831-review-and-fix-all-the-nonetypes-from-prod-logs ben.carrasco:PRWLR-4669-Roles-Page-API-UI ben.carrasco:PRWLR-5516-ensure-branch-protection-is-enforced-on-the-default-branch ben.carrasco:PRWLR-5535-ensure-linear-history-is-required ben.carrasco:backport/v3/pr-6122 ben.carrasco:PRWLR-5696-debug-django-loosing-db-connections ben.carrasco:backport/v4.4/pr-5195 ben.carrasco:PRWLR-5513-enforce-two-approval-requirement-for-code-changes-in-git-hub-repositories ben.carrasco:PRWLR-5550-Scans-New-attribute-Next-scan-schedule ben.carrasco:backport/v3/pr-5961 ben.carrasco:PRWLR-4785-remove-only-logs ben.carrasco:v4.5 ben.carrasco:PRWLR-5281-po-c-development ben.carrasco:PRWLR-5266-review-checks-executed-by-sdk-and-cli ben.carrasco:v4.4 ben.carrasco:PRWLR-4539-iam-customer-managed-policies-should-not-allow-decryption-actions-on-all-kms-keys ben.carrasco:PRWLR-4554-open-search-domains-should-have-at-least-three-data-nodes-with-zone-awareness-enabled ben.carrasco:PRWLR-4969-ensure-elasticsearch-domains-have-at-least-three-dedicated-master-nodes ben.carrasco:prowler-inventory ben.carrasco:PRWLR-4985-fix-resource-type-aws-metadata ben.carrasco:PRWLR-4782-research-about-removing-the-checks-metadata-loading-from-the-check-class ben.carrasco:v4.3 ben.carrasco:PRWLR-4785-review-only-logs-and-remove-it ben.carrasco:PRWLR-4820-error-in-gcp-execution-error-global-key-error-32-accounts ben.carrasco:PRWLR-4778-git-hub-issue-ensure-no-security-groups-allow-ingress-from-wide-open-non-rfc-1918-address-false-positive-4936 ben.carrasco:improve-ocsf ben.carrasco:PRWLR-4674-refactor-cloudfront-service ben.carrasco:dev-memory-management-optimization-poc ben.carrasco:PRWLR-4601-conflicting-documentation-for-mutelist-tags-on-aws-4782 ben.carrasco:PRWLR-4226-bad-dynamo-db-checks-i-ds ben.carrasco:PRWLR-3963-Create-new-tests-for-new-impersonate-account-of-GCP ben.carrasco:revert-4202-bugfix/execute-custom-rules ben.carrasco:v4.2 ben.carrasco:PRWLR-3773-add-listing-functions-to-new-cli ben.carrasco:PRWLR-3778-kubernetes-core-service-error ben.carrasco:PRWLR-3635-Azure-Review-checks-iam_subscription_roles_owner_custom_not_created-and-iam_custom_role_has_permissions_to_administer_resource_locks ben.carrasco:PRWLR-752-run-subservices-by-service-subservices ben.carrasco:PRWLR-2756-OSS-Amazon-Managed-Streaming-for-Apache-Kafka-MSK-Checks ben.carrasco:PRWLR-3666-bug-check-failing-due-to-iam-roles-created-by-aws-control-tower-and-aft-with-administrator-access-policy-3810 ben.carrasco:elasticache-keyerror ben.carrasco:PRWLR-3580-oss-map-k-8-s-checks-to-mitre-att-ck-framework ben.carrasco:cis-azure-fixes ben.carrasco:3865-bug-efs_not_publicly_accessible-does-not-consider-recommended-aws-condition ben.carrasco:v4.1 ben.carrasco:new-public-exposed-checks ben.carrasco:json-ocsf-checkid ben.carrasco:ens_compliance ben.carrasco:work-on-audit-manager ben.carrasco:refactor-audit-info-sagemaker ben.carrasco:bypass-compute-service ben.carrasco:fix-audit-info-tests ben.carrasco:PRWLR-2798-prowler-create-flag-to-remove-output-files-if-sent-to-an-external-provider ben.carrasco:fix-vpc_different_regions ben.carrasco:prowler-2 ben.carrasco:load-once-checks-metadata-info
ben.carrasco:5.22.0 ben.carrasco:5.21.1 ben.carrasco:5.21.0 ben.carrasco:5.20.0 ben.carrasco:5.19.0 ben.carrasco:5.18.3 ben.carrasco:5.18.2 ben.carrasco:5.18.1 ben.carrasco:5.18.0 ben.carrasco:5.17.1 ben.carrasco:5.17.0 ben.carrasco:5.16.1 ben.carrasco:5.16.0 ben.carrasco:5.15.1 ben.carrasco:5.15.0 ben.carrasco:5.14.2 ben.carrasco:5.14.1 ben.carrasco:5.14.0 ben.carrasco:5.13.1 ben.carrasco:5.13.0 ben.carrasco:5.12.3 ben.carrasco:5.12.2 ben.carrasco:5.12.1 ben.carrasco:5.12.0 ben.carrasco:5.11.0 ben.carrasco:5.10.2 ben.carrasco:5.10.1 ben.carrasco:5.10.0 ben.carrasco:5.9.2 ben.carrasco:5.9.1 ben.carrasco:5.9.0 ben.carrasco:5.8.1 ben.carrasco:5.8.0 ben.carrasco:5.7.5 ben.carrasco:5.7.4 ben.carrasco:5.7.3 ben.carrasco:5.7.2 ben.carrasco:5.7.1 ben.carrasco:5.7.0 ben.carrasco:5.6.0 ben.carrasco:5.5.1 ben.carrasco:5.5.0 ben.carrasco:5.4.4 ben.carrasco:5.4.3 ben.carrasco:5.4.2 ben.carrasco:5.4.1 ben.carrasco:5.4.0 ben.carrasco:5.3.0 ben.carrasco:5.2.3 ben.carrasco:5.2.2 ben.carrasco:5.2.1 ben.carrasco:5.2.0 ben.carrasco:5.1.5 ben.carrasco:5.1.4 ben.carrasco:5.1.3 ben.carrasco:5.1.2 ben.carrasco:5.1.1 ben.carrasco:5.1.0 ben.carrasco:5.0.5 ben.carrasco:5.0.4 ben.carrasco:5.0.3 ben.carrasco:5.0.2 ben.carrasco:5.0.1 ben.carrasco:4.6.2 ben.carrasco:5.0.0 ben.carrasco:4.6.1 ben.carrasco:4.6.0 ben.carrasco:4.5.3 ben.carrasco:4.5.2 ben.carrasco:4.5.1 ben.carrasco:4.5.0 ben.carrasco:4.4.1 ben.carrasco:4.4.0 ben.carrasco:4.3.7 ben.carrasco:4.3.6 ben.carrasco:3.16.17 ben.carrasco:4.3.5 ben.carrasco:4.3.4 ben.carrasco:3.16.16 ben.carrasco:3.16.15 ben.carrasco:4.3.3 ben.carrasco:4.3.2 ben.carrasco:4.3.1 ben.carrasco:4.3.0 ben.carrasco:3.16.14 ben.carrasco:3.16.13 ben.carrasco:3.16.12 ben.carrasco:3.16.11 ben.carrasco:3.16.10 ben.carrasco:4.2.4 ben.carrasco:4.2.3 ben.carrasco:3.16.9 ben.carrasco:4.2.2 ben.carrasco:3.16.8 ben.carrasco:3.16.7 ben.carrasco:3.16.6 ben.carrasco:4.2.1 ben.carrasco:4.2.0 ben.carrasco:3.16.5 ben.carrasco:3.16.4 ben.carrasco:3.16.3 ben.carrasco:4.1.0 ben.carrasco:3.16.2 ben.carrasco:3.16.1 ben.carrasco:4.0.1 ben.carrasco:4.0.0 ben.carrasco:3.16.0 ben.carrasco:3.15.3 ben.carrasco:3.15.2 ben.carrasco:3.15.1 ben.carrasco:3.15.0 ben.carrasco:3.14.0 ben.carrasco:3.13.1 ben.carrasco:3.13.0 ben.carrasco:3.12.1 ben.carrasco:3.12.0 ben.carrasco:3.11.3 ben.carrasco:3.11.2 ben.carrasco:3.11.1 ben.carrasco:3.11.0 ben.carrasco:3.10.0 ben.carrasco:3.9.0 ben.carrasco:3.8.2 ben.carrasco:3.8.1 ben.carrasco:3.8.0 ben.carrasco:3.7.2 ben.carrasco:3.7.1 ben.carrasco:3.7.0 ben.carrasco:3.6.1 ben.carrasco:3.6.0 ben.carrasco:3.5.3 ben.carrasco:3.5.2 ben.carrasco:3.5.1 ben.carrasco:3.5.0 ben.carrasco:3.4.1 ben.carrasco:3.4.0 ben.carrasco:3.3.4 ben.carrasco:3.3.3 ben.carrasco:3.3.2 ben.carrasco:3.3.1 ben.carrasco:3.3.0 ben.carrasco:3.2.4 ben.carrasco:3.2.3 ben.carrasco:3.2.2 ben.carrasco:3.2.1 ben.carrasco:3.2.0 ben.carrasco:3.1.4 ben.carrasco:3.1.3 ben.carrasco:3.1.2 ben.carrasco:3.1.1 ben.carrasco:3.1.0 ben.carrasco:3.0.2 ben.carrasco:3.0.1 ben.carrasco:3.0.0 ben.carrasco:2.12.1 ben.carrasco:2.12.0 ben.carrasco:2.11.0 ben.carrasco:2.10.0 ben.carrasco:2.9.0 ben.carrasco:2.8.1 ben.carrasco:2.8.0 ben.carrasco:2.7.0 ben.carrasco:2.6.1 ben.carrasco:2.6.0 ben.carrasco:2.5.0 ben.carrasco:2.4.1 ben.carrasco:2.4.0 ben.carrasco:2.3.0-18122020 ben.carrasco:2.3.0RC ben.carrasco:2.2.0 ben.carrasco:2.0 ben.carrasco:2.0-Beta ben.carrasco:1.6 ben.carrasco:1.5 ben.carrasco:1.4 ben.carrasco:1.3 ben.carrasco:1.2 ben.carrasco:1.1.1 ben.carrasco:1.1 ben.carrasco:1.0
..
compare: ben.carrasco:3.15.2
Branches Tags
ben.carrasco:chore/GHA-271823-stepsecurity-remediation ben.carrasco:master ben.carrasco:feat/PROWLER-881-findings-grouped-view ben.carrasco:feat/prowler-1149-entra-conditional-access-policy-block-insider-risk-o365 ben.carrasco:feat/prowler-1150-entra-conditional-access-policy-block-elevated-insider-risk ben.carrasco:feat/prowler-450-organization-switch ben.carrasco:chore/pnpm-supply-chain-protection ben.carrasco:feat/prowler-1147-entra-conditional-access-policy-device-registration-mfa ben.carrasco:fix/ui-precommit-hook-skip-bug ben.carrasco:refactor/ui-remove-pills-clear-all-button ben.carrasco:chore/GHA-261831-stepsecurity-remediation ben.carrasco:PROWLER-1253-implement-directory-service-checks-for-google-workspace-provider-clean ben.carrasco:dependabot/pip/requests-2.33.0 ben.carrasco:feat/vercel-sdk ben.carrasco:dependabot/uv/mcp_server/requests-2.33.0 ben.carrasco:dependabot/pip/api/requests-2.33.0 ben.carrasco:k8s-ocsf ben.carrasco:v5.22 ben.carrasco:mcp-resource-timeline-tool ben.carrasco:PROWLER-1251-porting-attack-paths-scan-temporary-database-from-neo-4-j-to-grafeo ben.carrasco:PROWLER-1250-extend-resource-group-filter-for-all-providers ben.carrasco:docs/fix-missing-onboarding-step ben.carrasco:dependabot/pip/api/authlib-1.6.9 ben.carrasco:dependabot/pip/api/pyasn1-0.6.3 ben.carrasco:dependabot/pip/authlib-1.6.9 ben.carrasco:dependabot/pip/pyjwt-2.12.0 ben.carrasco:dependabot/pip/master/moto-5.1.21 ben.carrasco:feat/cisa-scuba-googleworkspace-compliance ben.carrasco:feat/cis-googleworkspace-compliance ben.carrasco:feat/aspm-provider ben.carrasco:fix/oraclecloud-idp-group-mapping-events-10411 ben.carrasco:feat/vercel-ui ben.carrasco:PROWLER-1225-fix-read-queries-on-the-read-replica-that-doesnt-use-the-write-replica-on-retries--second-attempt ben.carrasco:v5.21 ben.carrasco:feat/vercel-api ben.carrasco:dependabot/pip/api/pyjwt-2.12.0 ben.carrasco:aws-regions-update-175 ben.carrasco:feat/s3-bucket-website-hosting-check ben.carrasco:fix/legacy-metadata-validators-error ben.carrasco:dependabot/uv/mcp_server/authlib-1.6.9 ben.carrasco:dependabot/uv/mcp_server/fastmcp-2.14.2 ben.carrasco:dependabot/uv/mcp_server/pyjwt-2.12.0 ben.carrasco:PROWLER-1225-fix-read-queries-on-the-read-replica-that-doesnt-use-the-write-replica-on-retries ben.carrasco:dependabot/npm_and_yarn/ui/next-16.1.7 ben.carrasco:dependabot/pip/pyasn1-0.6.3 ben.carrasco:backport/v5.20/pr-10360 ben.carrasco:feat/add-rbi-compliance-gcp ben.carrasco:feat/github-organization-repository-deletion-limited ben.carrasco:backport/v5.20/pr-10314 ben.carrasco:PRWLR-7706-add-pydantic-validators-to-check-metadata-model-per-rfc-specification ben.carrasco:k8s-dedup-rbac-findings-subject ben.carrasco:v5.20 ben.carrasco:fix/ci-e2e-empty-test-dirs ben.carrasco:v5.19 ben.carrasco:feat/prowler-683-4-cli-integration ben.carrasco:feat/prowler-683-3-compliance-jsons ben.carrasco:feat/prowler-683-2-universal-outputs ben.carrasco:feat/prowler-683-1-universal-models ben.carrasco:backport/v5.19/pr-10270 ben.carrasco:fix/attack-paths-elb-exposed-internet ben.carrasco:DEVREL-93-prowler-gha-poc-as-gh-service ben.carrasco:fix/codeartifact-list-package-versions-unbounded-fetch ben.carrasco:copilot/sub-pr-10236 ben.carrasco:feat/prowler-1151-entra-conditional-access-policy-unknown-device-blocked ben.carrasco:DEVREL-93-prowler-gha-poc ben.carrasco:ensure-key-format-cloudflare ben.carrasco:aws-regions-update-174 ben.carrasco:feat/prowler-1140-entra-legacy-authentication-blocked ben.carrasco:feat/vercel ben.carrasco:fix-ocsf-params ben.carrasco:v5.18 ben.carrasco:dependabot/pip/api/werkzeug-3.1.6 ben.carrasco:dependabot/pip/api/flask-3.1.3 ben.carrasco:dependabot/uv/mcp_server/cryptography-46.0.5 ben.carrasco:dependabot/uv/mcp_server/python-multipart-0.0.22 ben.carrasco:feat/prowler-1138-entra-conditional-access-policy-risky-sign-in-mfa ben.carrasco:feat/PROWLER-1091-create-new-stepper-implement-aws-organizations-endpoints ben.carrasco:feat/PROWLER-943-image-provider-ui ben.carrasco:dependabot/pip/werkzeug-3.1.6 ben.carrasco:dependabot/pip/flask-3.1.3 ben.carrasco:dependabot/pip/protobuf-6.33.5 ben.carrasco:feat/prowler-1139-entra-conditional-access-policy-require-password-change-high-risk-users ben.carrasco:feat/PROWLER-943-stage-3-a-image-provider-ui ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-rebased ben.carrasco:fix-reporting-docs-1771930526 ben.carrasco:feat/prowler-837-entra-guest-users-mfa-enabled ben.carrasco:feat/prowler-838-entra-sign-in-frequency-for-non-corporate-devices ben.carrasco:feat/prowler-836-entra-policy-blocks-unknown-unsupported-device-platforms ben.carrasco:docs-agentic-workflow ben.carrasco:aws-regions-update-173 ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-redo ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-v2 ben.carrasco:feat/PROWLER-940-stage-2-a-image-provider-api-support ben.carrasco:dependabot/pip/api/cryptography-46.0.5 ben.carrasco:PROWLER-1099-api-scan-schedule-model-provider-fk-migration ben.carrasco:PROWLER-1100-api-crud-endpoints ben.carrasco:PROWLER-1098-cron-based-scan-scheduling ben.carrasco:copilot/fix-return-in-finally-block ben.carrasco:review_metadata_gcp_artifacts ben.carrasco:feat/prowler-836-entra-policy-unknown-unsupported-device-platforms-blocked ben.carrasco:PROWLER-1033-start-api-without-neo-4-j ben.carrasco:PROWLER-1084-skill-prowler-changelog-review ben.carrasco:revert-10028-fix/fidings-filters-navitagion-fail-v4 ben.carrasco:backport/v5.18/pr-10028 ben.carrasco:backport/v5.18/pr-10025 ben.carrasco:backport/v5.18/pr-10021 ben.carrasco:backport/v5.18/pr-10017 ben.carrasco:feat/elasticsearch-integration ben.carrasco:fix/ui-scans-polling-optimization ben.carrasco:image-scan-poc ben.carrasco:dependabot/pip/master/pytest-cov-6.3.0 ben.carrasco:dependabot/pip/master/coverage-7.10.7 ben.carrasco:dependabot/pip/master/pytest-8.4.2 ben.carrasco:dependabot/pip/master/pre-commit-4.3.0 ben.carrasco:dependabot/pip/master/flake8-7.3.0 ben.carrasco:dependabot/pip/master/freezegun-1.5.5 ben.carrasco:dependabot/pip/master/marshmallow-4.0.1 ben.carrasco:dependabot/pip/master/openapi-spec-validator-0.7.2 ben.carrasco:dependabot/pip/master/pytest-xdist-3.8.0 ben.carrasco:dependabot/pip/master/bandit-1.8.6 ben.carrasco:dependabot/pip/master/black-25.11.0 ben.carrasco:dependabot/pip/master/pytest-randomly-4.0.1 ben.carrasco:dependabot/pip/master/pylint-3.3.9 ben.carrasco:PROWLER-960-jwt-key-generation-fails-with-permission-error-on-fresh-docker-compose-deployment ben.carrasco:aws-regions-update-170 ben.carrasco:feat/prowler-838-entra-conditional-access-policy-enforce-sign-in-frequency ben.carrasco:v5.17 ben.carrasco:dependabot/pip/api/azure-core-1.38.0 ben.carrasco:feat/PROWLER-774-Findings-Hierarchical-Tree-View-Check-Resources ben.carrasco:PROWLER-822-high-cloudflare-zone-waf-enabled-check-false-positive ben.carrasco:backport/v5.17/pr-9892 ben.carrasco:PROWLER-690-feature-add-batch-provider-creation-endpoint-api ben.carrasco:feat/migrate-to-prek ben.carrasco:aws-regions-update-169 ben.carrasco:PROWLER-693-enhancement-add-status-field-to-provider-model-api ben.carrasco:aws-regions-update-168 ben.carrasco:dependabot/uv/mcp_server/starlette-0.49.1 ben.carrasco:dependabot/uv/mcp_server/urllib3-2.6.3 ben.carrasco:PROWLER-512-merge-attack-paths ben.carrasco:v5.16 ben.carrasco:attack-paths-demo-extras ben.carrasco:PROWLER-511-solve-one-neo-4-j-database-per-provider ben.carrasco:fix/black-formatting-validate-compliance ben.carrasco:feat/prowler-compliance-review-skill ben.carrasco:PROWLER-663-improve-skill-md-and-correct-typos-for-the-compliance-part ben.carrasco:dependabot/pip/master/google-auth-httplib2-0.2.1 ben.carrasco:feat/sns-integration ben.carrasco:feat/github-integration ben.carrasco:update-api-lock ben.carrasco:fix/v5.16-version-alignment ben.carrasco:api-5.16-changelog ben.carrasco:v5.15 ben.carrasco:feat/PROWLER-22-Risk-Radar-Component-UI-2 ben.carrasco:backport/v5.15/pr-9567 ben.carrasco:feat/api-query-performance-guide ben.carrasco:feat/ui-gga-code-review ben.carrasco:backport/v5.15/pr-9558 ben.carrasco:aws-regions-update-163 ben.carrasco:PROWLER-481-issues-with-ia-c-scan-in-bug-repos ben.carrasco:add-search-provider-bar ben.carrasco:chore/ui-e2e-cloud-tests ben.carrasco:feat/ui-scans-resources-link ben.carrasco:backport/v5.14/pr-9489 ben.carrasco:backport/v5.14/pr-9487 ben.carrasco:aws-regions-update-162 ben.carrasco:feat/PROWLER-34-Risk-Plot-Component-UI ben.carrasco:rbi-framework-support ben.carrasco:PROWLER-XX-separate-runner-for-aws-tests ben.carrasco:v5.14 ben.carrasco:feat/api-providers-severity-endpoint ben.carrasco:feat/PROWLER-447-Attack-surface-component-Front ben.carrasco:backport/v5.14/pr-9345 ben.carrasco:aws-regions-update-161 ben.carrasco:PROWLER-182-kubernetes-add-and-connect-the-provider ben.carrasco:PROWLER-181-gcp-add-and-connect-the-provider ben.carrasco:backport/v5.13/pr-9274 ben.carrasco:PRWLR-7853-asff-first-observed-at-is-not-taking-into-account-the-finding-can-exist ben.carrasco:backport/v5.13/pr-9208 ben.carrasco:v5.13 ben.carrasco:PRWLR-7885-fix-report-timestamps ben.carrasco:DEVREL-115-fix-anchors ben.carrasco:backport/v5.13/pr-9054 ben.carrasco:PROWLER-285-aws-add-an-connect-the-provider-sdk-default-env ben.carrasco:prwlr-7751-github-app-authentication-incorrectly-handles-key-parameter-and-environment-variables ben.carrasco:PROWLER-376-update-docs-with-gcp-permissions ben.carrasco:DEVREL-98-include-open-api-specification-in-mintlify ben.carrasco:add-timeout-thread ben.carrasco:DEVREL-109-add-link-to-aws-console-in-aws-findings ben.carrasco:PROWLER-185-launch-scheduled-scan ben.carrasco:add-links-to-iac-findings ben.carrasco:PROWLER-186-launch-on-demand-scan ben.carrasco:chore-api-prowler-version-update ben.carrasco:api-mintlify-docs ben.carrasco:PROWLER-188-invite-new-user ben.carrasco:PROWLER-197-out-of-scope-github-add-an-connect-the-provider ben.carrasco:PROWLER-XX-check-all-checks-have-passed ben.carrasco:backport/v5.13/pr-9062 ben.carrasco:PROWLER-253-extract-aws-data-from-prowler-database-and-transform-it-to-be-ingested-by-cartography ben.carrasco:workshop-as-docs ben.carrasco:create-alibaba-provider ben.carrasco:PRWLR-7835-amazon-bedrock ben.carrasco:feat/gcp-cloudstorage-versioning-enabled ben.carrasco:feat/cloudflare-provider ben.carrasco:feat/stuck-scans-command ben.carrasco:PROWLER-XX-update-changelogs ben.carrasco:refactor/graph-components-kebab-case ben.carrasco:fix-threatscore-s3-location ben.carrasco:demo-api-key ben.carrasco:trigger-preview ben.carrasco:api-changelog-1-14 ben.carrasco:feat/PRWLR-7763-new-credentials-form ben.carrasco:PROWLER-258-github-social-sign-up ben.carrasco:feat/PRWLR-7933-UI-Api-Key ben.carrasco:attribute-error-in-m365 ben.carrasco:v5.12 ben.carrasco:api-keys-docs-improvement ben.carrasco:iac-in-the-app ben.carrasco:pr-8743 ben.carrasco:PRWLR-8174-add-additional-compliance-information-to-compliance-detail-page-ui ben.carrasco:PRWLR-7170-improve-html-output-in-prowler ben.carrasco:todo-check-class ben.carrasco:review-metadata-aws-neptune ben.carrasco:fix/nextjs-cache-folder-not-found ben.carrasco:update-api-dependency-v5.12-1757406446 ben.carrasco:aws-services-regions-updated-422a8a0f625cee103be5e5a97b9639f49997b949 ben.carrasco:PRWLR-7873-add-all-finding-fields-in-the-ticket-summary-table-jira ben.carrasco:backport/v5.11/pr-8619 ben.carrasco:backport/v5.11/pr-8629 ben.carrasco:backport/v5.11/pr-8638 ben.carrasco:aws-services-regions-updated-fdb76e78207e10cf07660bbfa70665fc6552c0dd ben.carrasco:v5.11 ben.carrasco:nitpicks/7e7fce94-067a-47b0-b6d1-9b1f4ccac28f ben.carrasco:PRWLR-6707-create-a-way-of-reporting-for-prowler-threatscore ben.carrasco:v5.10 ben.carrasco:fix-threatscore-scoring ben.carrasco:PRWLR-7212-recommend-fix ben.carrasco:PRWLR-7784-cloud-providers-connection-filter-status-labels ben.carrasco:add-posthog-integration ben.carrasco:PRWLR-7732-add-mutelist-menu-item ben.carrasco:v5.9 ben.carrasco:alert-autofix-55 ben.carrasco:PRWLR-7212-recommend ben.carrasco:nitpicks/678b4540-69e7-4be1-802c-11e249359177 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359177 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359176 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359175 ben.carrasco:nitpicks/578b4540-69e7-4be1-802c-11e249359174 ben.carrasco:PRWLR-7606-add-github-provider-to-ui ben.carrasco:fix/kisa-isms-p_compilance ben.carrasco:fix-gh-typo ben.carrasco:backport/v5.9/pr-8265 ben.carrasco:PRWLR-7569-create-different-flows-of-onboarding-in-m-365 ben.carrasco:feature/add-posthog-analytics ben.carrasco:PRWLR-7635-mongodbatlas-additional-checks ben.carrasco:PRWLR-7635-mongodbatlas-provider-foundation ben.carrasco:v5.8 ben.carrasco:PRWLR-6064-change-user-deletion-api-response ben.carrasco:backport/v5.8/pr-8257 ben.carrasco:backport/v5.7/pr-8270 ben.carrasco:update-fixers-docs ben.carrasco:PRWLR-7205-migrate-fixers-to-new-class-structure ben.carrasco:PRWLR-5093-design-the-fixer-class ben.carrasco:PRWLR-7597-fix-and-optimize-search-filters-for-findings-and-resources ben.carrasco:backport/v5.8/pr-8253 ben.carrasco:PRWLR-7512-create-custom-link-component ben.carrasco:PRWLR-7524-improve-api-performance-on-scan-page-using-include-param ben.carrasco:v5.7 ben.carrasco:PRWLR-7386-playwright-setup-nextjs ben.carrasco:backport/v5.7/pr-8087 ben.carrasco:PRWLR-7459-support-for-scanning-remote-git-repositories-specified-by-url ben.carrasco:api-add-missing-map ben.carrasco:PRWLR-7346-create-a-db-helper-to-create-indexes-following-best-practices ben.carrasco:PRWLR-4758-django-must-support-read-only-replica-database-config ben.carrasco:PRWLR-7134-api-performance-tests-for-resources ben.carrasco:fix/update-changelog-and-block-1st-item-in-providers-selector ben.carrasco:psql-proxy ben.carrasco:PRWLR-7292-old-scans-not-shown-when-all-providers-have-connection-fail ben.carrasco:PRWLR-7160-findings-page-scan-id-filter-improvement ben.carrasco:showdown-demo ben.carrasco:backport/v5.7/pr-7928 ben.carrasco:PRWLR-7302-nextjs-analyst ben.carrasco:backport/v5.7/pr-7921 ben.carrasco:PRWLR-7297-django-endpoint ben.carrasco:api-changelog-5.7.2 ben.carrasco:update-changelog ben.carrasco:PRWLR-7318-add-ia-c-provider-tests ben.carrasco:PRWLR-6367-create-a-finding-new-uid-column-to-avoid-length-limitations ben.carrasco:PRWLR-5556-ensure-inactive-users-are-reviewed-and-removed-periodically ben.carrasco:fix/7508-review-fixes ben.carrasco:PRWLR-5989-ensure-that-spf-records-are-published-for-all-exchange ben.carrasco:v5.6 ben.carrasco:backport/v5.6/pr-7746 ben.carrasco:PRWLR-7117-implement-new-findings-latest-endpoint-API-UI ben.carrasco:poc-ui-e2e ben.carrasco:review-changelogs-for-v5.6 ben.carrasco:v5.5 ben.carrasco:PRWLR-6373-Implement-Compliance-Outputs-UI-temp ben.carrasco:PRWLR-6886-sdk-aws-resource-po-c ben.carrasco:PRWLR-6834-exclude-checks-in-prowler-api ben.carrasco:improve-rls-policies ben.carrasco:M365-testing ben.carrasco:PRWLR-6643-capture-sentry-exceptions ben.carrasco:PRWLR-6464-running-into-302-error-subscription-could-not-be-found-7214 ben.carrasco:v4.6 ben.carrasco:PRWLR-6469-review-resource-types-in-check-metadata-2nd-round ben.carrasco:v5.4 ben.carrasco:backport/v4.6/pr-7420 ben.carrasco:v3 ben.carrasco:backport/v4.6/pr-7410 ben.carrasco:backport/v4.6/pr-7330 ben.carrasco:backport/v3/pr-7330 ben.carrasco:improve-deletion-process ben.carrasco:PRWLR-6502-improve-docs-adding-videos ben.carrasco:PRWLR-6472-add-docs-inside-ui-page-for-each-provider ben.carrasco:PRWLR-6455-change-microsoft-365-check-names ben.carrasco:revert-7112-PRWLR-6398-upgrade-poetry-to-v-2-in-prowler ben.carrasco:fix-api-prowler-dep ben.carrasco:backport/v4.6/pr-7205 ben.carrasco:backport/v5.4/pr-7141 ben.carrasco:v5.3 ben.carrasco:PRWLR-5956-Export-Artifacts-only-UIpart-v2 ben.carrasco:backport/v5.2/pr-6947 ben.carrasco:backport/v4.6/pr-6896 ben.carrasco:backport/v4.6/pr-6908 ben.carrasco:PRWLR-5956-Export-Artifacts-only-UIpart ben.carrasco:PRWLR-5860-ensure-security-defaults-is-disabled ben.carrasco:v5.2 ben.carrasco:backport/v3/pr-6823 ben.carrasco:backport/v3/pr-6822 ben.carrasco:backport/v3/pr-6824 ben.carrasco:PRWLR-6129-review-check-report-init-for-region-resource-id-resource-arn ben.carrasco:PRWLR-5956-Export-Artifacts ben.carrasco:PRWLR-6143-fix-error-related-with-detect-secrets ben.carrasco:v5.1 ben.carrasco:v5.0 ben.carrasco:backport/v3/pr-6611 ben.carrasco:backport/v3/pr-6352 ben.carrasco:PRWLR-5573-ensure-scanners-are-in-place-for-open-source-vulnerabilities-in-used-packages ben.carrasco:PRWLR-4669-Roles-Page-UI-with-API-changes ben.carrasco:PRWLR-5831-review-and-fix-all-the-nonetypes-from-prod-logs ben.carrasco:PRWLR-4669-Roles-Page-API-UI ben.carrasco:PRWLR-5516-ensure-branch-protection-is-enforced-on-the-default-branch ben.carrasco:PRWLR-5535-ensure-linear-history-is-required ben.carrasco:backport/v3/pr-6122 ben.carrasco:PRWLR-5696-debug-django-loosing-db-connections ben.carrasco:backport/v4.4/pr-5195 ben.carrasco:PRWLR-5513-enforce-two-approval-requirement-for-code-changes-in-git-hub-repositories ben.carrasco:PRWLR-5550-Scans-New-attribute-Next-scan-schedule ben.carrasco:backport/v3/pr-5961 ben.carrasco:PRWLR-4785-remove-only-logs ben.carrasco:v4.5 ben.carrasco:PRWLR-5281-po-c-development ben.carrasco:PRWLR-5266-review-checks-executed-by-sdk-and-cli ben.carrasco:v4.4 ben.carrasco:PRWLR-4539-iam-customer-managed-policies-should-not-allow-decryption-actions-on-all-kms-keys ben.carrasco:PRWLR-4554-open-search-domains-should-have-at-least-three-data-nodes-with-zone-awareness-enabled ben.carrasco:PRWLR-4969-ensure-elasticsearch-domains-have-at-least-three-dedicated-master-nodes ben.carrasco:prowler-inventory ben.carrasco:PRWLR-4985-fix-resource-type-aws-metadata ben.carrasco:PRWLR-4782-research-about-removing-the-checks-metadata-loading-from-the-check-class ben.carrasco:v4.3 ben.carrasco:PRWLR-4785-review-only-logs-and-remove-it ben.carrasco:PRWLR-4820-error-in-gcp-execution-error-global-key-error-32-accounts ben.carrasco:PRWLR-4778-git-hub-issue-ensure-no-security-groups-allow-ingress-from-wide-open-non-rfc-1918-address-false-positive-4936 ben.carrasco:improve-ocsf ben.carrasco:PRWLR-4674-refactor-cloudfront-service ben.carrasco:dev-memory-management-optimization-poc ben.carrasco:PRWLR-4601-conflicting-documentation-for-mutelist-tags-on-aws-4782 ben.carrasco:PRWLR-4226-bad-dynamo-db-checks-i-ds ben.carrasco:PRWLR-3963-Create-new-tests-for-new-impersonate-account-of-GCP ben.carrasco:revert-4202-bugfix/execute-custom-rules ben.carrasco:v4.2 ben.carrasco:PRWLR-3773-add-listing-functions-to-new-cli ben.carrasco:PRWLR-3778-kubernetes-core-service-error ben.carrasco:PRWLR-3635-Azure-Review-checks-iam_subscription_roles_owner_custom_not_created-and-iam_custom_role_has_permissions_to_administer_resource_locks ben.carrasco:PRWLR-752-run-subservices-by-service-subservices ben.carrasco:PRWLR-2756-OSS-Amazon-Managed-Streaming-for-Apache-Kafka-MSK-Checks ben.carrasco:PRWLR-3666-bug-check-failing-due-to-iam-roles-created-by-aws-control-tower-and-aft-with-administrator-access-policy-3810 ben.carrasco:elasticache-keyerror ben.carrasco:PRWLR-3580-oss-map-k-8-s-checks-to-mitre-att-ck-framework ben.carrasco:cis-azure-fixes ben.carrasco:3865-bug-efs_not_publicly_accessible-does-not-consider-recommended-aws-condition ben.carrasco:v4.1 ben.carrasco:new-public-exposed-checks ben.carrasco:json-ocsf-checkid ben.carrasco:ens_compliance ben.carrasco:work-on-audit-manager ben.carrasco:refactor-audit-info-sagemaker ben.carrasco:bypass-compute-service ben.carrasco:fix-audit-info-tests ben.carrasco:PRWLR-2798-prowler-create-flag-to-remove-output-files-if-sent-to-an-external-provider ben.carrasco:fix-vpc_different_regions ben.carrasco:prowler-2 ben.carrasco:load-once-checks-metadata-info
ben.carrasco:5.22.0 ben.carrasco:5.21.1 ben.carrasco:5.21.0 ben.carrasco:5.20.0 ben.carrasco:5.19.0 ben.carrasco:5.18.3 ben.carrasco:5.18.2 ben.carrasco:5.18.1 ben.carrasco:5.18.0 ben.carrasco:5.17.1 ben.carrasco:5.17.0 ben.carrasco:5.16.1 ben.carrasco:5.16.0 ben.carrasco:5.15.1 ben.carrasco:5.15.0 ben.carrasco:5.14.2 ben.carrasco:5.14.1 ben.carrasco:5.14.0 ben.carrasco:5.13.1 ben.carrasco:5.13.0 ben.carrasco:5.12.3 ben.carrasco:5.12.2 ben.carrasco:5.12.1 ben.carrasco:5.12.0 ben.carrasco:5.11.0 ben.carrasco:5.10.2 ben.carrasco:5.10.1 ben.carrasco:5.10.0 ben.carrasco:5.9.2 ben.carrasco:5.9.1 ben.carrasco:5.9.0 ben.carrasco:5.8.1 ben.carrasco:5.8.0 ben.carrasco:5.7.5 ben.carrasco:5.7.4 ben.carrasco:5.7.3 ben.carrasco:5.7.2 ben.carrasco:5.7.1 ben.carrasco:5.7.0 ben.carrasco:5.6.0 ben.carrasco:5.5.1 ben.carrasco:5.5.0 ben.carrasco:5.4.4 ben.carrasco:5.4.3 ben.carrasco:5.4.2 ben.carrasco:5.4.1 ben.carrasco:5.4.0 ben.carrasco:5.3.0 ben.carrasco:5.2.3 ben.carrasco:5.2.2 ben.carrasco:5.2.1 ben.carrasco:5.2.0 ben.carrasco:5.1.5 ben.carrasco:5.1.4 ben.carrasco:5.1.3 ben.carrasco:5.1.2 ben.carrasco:5.1.1 ben.carrasco:5.1.0 ben.carrasco:5.0.5 ben.carrasco:5.0.4 ben.carrasco:5.0.3 ben.carrasco:5.0.2 ben.carrasco:5.0.1 ben.carrasco:4.6.2 ben.carrasco:5.0.0 ben.carrasco:4.6.1 ben.carrasco:4.6.0 ben.carrasco:4.5.3 ben.carrasco:4.5.2 ben.carrasco:4.5.1 ben.carrasco:4.5.0 ben.carrasco:4.4.1 ben.carrasco:4.4.0 ben.carrasco:4.3.7 ben.carrasco:4.3.6 ben.carrasco:3.16.17 ben.carrasco:4.3.5 ben.carrasco:4.3.4 ben.carrasco:3.16.16 ben.carrasco:3.16.15 ben.carrasco:4.3.3 ben.carrasco:4.3.2 ben.carrasco:4.3.1 ben.carrasco:4.3.0 ben.carrasco:3.16.14 ben.carrasco:3.16.13 ben.carrasco:3.16.12 ben.carrasco:3.16.11 ben.carrasco:3.16.10 ben.carrasco:4.2.4 ben.carrasco:4.2.3 ben.carrasco:3.16.9 ben.carrasco:4.2.2 ben.carrasco:3.16.8 ben.carrasco:3.16.7 ben.carrasco:3.16.6 ben.carrasco:4.2.1 ben.carrasco:4.2.0 ben.carrasco:3.16.5 ben.carrasco:3.16.4 ben.carrasco:3.16.3 ben.carrasco:4.1.0 ben.carrasco:3.16.2 ben.carrasco:3.16.1 ben.carrasco:4.0.1 ben.carrasco:4.0.0 ben.carrasco:3.16.0 ben.carrasco:3.15.3 ben.carrasco:3.15.2 ben.carrasco:3.15.1 ben.carrasco:3.15.0 ben.carrasco:3.14.0 ben.carrasco:3.13.1 ben.carrasco:3.13.0 ben.carrasco:3.12.1 ben.carrasco:3.12.0 ben.carrasco:3.11.3 ben.carrasco:3.11.2 ben.carrasco:3.11.1 ben.carrasco:3.11.0 ben.carrasco:3.10.0 ben.carrasco:3.9.0 ben.carrasco:3.8.2 ben.carrasco:3.8.1 ben.carrasco:3.8.0 ben.carrasco:3.7.2 ben.carrasco:3.7.1 ben.carrasco:3.7.0 ben.carrasco:3.6.1 ben.carrasco:3.6.0 ben.carrasco:3.5.3 ben.carrasco:3.5.2 ben.carrasco:3.5.1 ben.carrasco:3.5.0 ben.carrasco:3.4.1 ben.carrasco:3.4.0 ben.carrasco:3.3.4 ben.carrasco:3.3.3 ben.carrasco:3.3.2 ben.carrasco:3.3.1 ben.carrasco:3.3.0 ben.carrasco:3.2.4 ben.carrasco:3.2.3 ben.carrasco:3.2.2 ben.carrasco:3.2.1 ben.carrasco:3.2.0 ben.carrasco:3.1.4 ben.carrasco:3.1.3 ben.carrasco:3.1.2 ben.carrasco:3.1.1 ben.carrasco:3.1.0 ben.carrasco:3.0.2 ben.carrasco:3.0.1 ben.carrasco:3.0.0 ben.carrasco:2.12.1 ben.carrasco:2.12.0 ben.carrasco:2.11.0 ben.carrasco:2.10.0 ben.carrasco:2.9.0 ben.carrasco:2.8.1 ben.carrasco:2.8.0 ben.carrasco:2.7.0 ben.carrasco:2.6.1 ben.carrasco:2.6.0 ben.carrasco:2.5.0 ben.carrasco:2.4.1 ben.carrasco:2.4.0 ben.carrasco:2.3.0-18122020 ben.carrasco:2.3.0RC ben.carrasco:2.2.0 ben.carrasco:2.0 ben.carrasco:2.0-Beta ben.carrasco:1.6 ben.carrasco:1.5 ben.carrasco:1.4 ben.carrasco:1.3 ben.carrasco:1.2 ben.carrasco:1.1.1 ben.carrasco:1.1 ben.carrasco:1.0

3 Commits
3.15.1 ... 3.15.2

Author SHA1 Message Date
github-actions
e37986c1b0 chore(release): 3.15.2 2024-03-21 09:21:15 +00:00
Sergio Garcia
85d6d025c5 fix(cloudtrail): use dictionary instead of list (#3579) 2024-03-21 09:56:17 +01:00
Pepe Fagoaga
c32f7ba158 fix(actions): Remove indent (#3577) 2024-03-21 09:56:09 +01:00
19 changed files with 61 additions and 65 deletions
Expand all files Collapse all files

32
.github/workflows/pypi-release.yml vendored
View File

@@ -77,22 +77,22 @@ jobs:
poetry config pypi-token.pypi ${{ secrets.PYPI_API_TOKEN }}
poetry publish
- name: Create PR to update version in the branch
run: |
echo "### Description
This PR updates Prowler Version to ${{ env.RELEASE_TAG }}.
### License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license." |\
gh pr create \
--base ${{ env.GITHUB_BASE_BRANCH }} \
--head release-${{ env.RELEASE_TAG }} \
--title "chore(release): update Prowler Version to ${{ env.RELEASE_TAG }}." \
--body-file -
env:
GH_TOKEN: ${{ secrets.PROWLER_ACCESS_TOKEN }}
- name: Create PR to update version in the branch
run: |
echo "### Description
This PR updates Prowler Version to ${{ env.RELEASE_TAG }}.
### License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license." |\
gh pr create \
--base ${{ env.GITHUB_BASE_BRANCH }} \
--head release-${{ env.RELEASE_TAG }} \
--title "chore(release): update Prowler Version to ${{ env.RELEASE_TAG }}." \
--body-file -
env:
GH_TOKEN: ${{ secrets.PROWLER_ACCESS_TOKEN }}
- name: Replicate PyPI package
run: |

2
prowler/config/config.py
View File

@@ -11,7 +11,7 @@ from prowler.lib.logger import logger
timestamp = datetime.today()
timestamp_utc = datetime.now(timezone.utc).replace(tzinfo=timezone.utc)
prowler_version = "3.15.1"
prowler_version = "3.15.2"
html_logo_url = "https://github.com/prowler-cloud/prowler/"
html_logo_img = "https://user-images.githubusercontent.com/3985464/113734260-7ba06900-96fb-11eb-82bc-d4f68a1e2710.png"
square_logo_img = "https://user-images.githubusercontent.com/38561120/235905862-9ece5bd7-9aa3-4e48-807a-3a9035eb8bfb.png"

2
prowler/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.py
View File

@@ -20,7 +20,7 @@ class awslambda_function_invoke_api_operations_cloudtrail_logging_enabled(Check)
f"Lambda function {function.name} is not recorded by CloudTrail."
)
lambda_recorded_cloudtrail = False
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
for data_event in trail.data_events:
# classic event selectors
if not data_event.is_advanced:

2
prowler/providers/aws/services/cloudtrail/cloudtrail_bucket_requires_mfa_delete/cloudtrail_bucket_requires_mfa_delete.py
View File

@@ -8,7 +8,7 @@ from prowler.providers.aws.services.s3.s3_client import s3_client
class cloudtrail_bucket_requires_mfa_delete(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.is_logging:
trail_bucket_is_in_account = False
trail_bucket = trail.s3_bucket

2
prowler/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled.py
View File

@@ -11,7 +11,7 @@ maximum_time_without_logging = 1
class cloudtrail_cloudwatch_logging_enabled(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.name:
report = Check_Report_AWS(self.metadata())
report.region = trail.region

2
prowler/providers/aws/services/cloudtrail/cloudtrail_insights_exist/cloudtrail_insights_exist.py
View File

@@ -7,7 +7,7 @@ from prowler.providers.aws.services.cloudtrail.cloudtrail_client import (
class cloudtrail_insights_exist(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.is_logging:
report = Check_Report_AWS(self.metadata())
report.region = trail.region

2
prowler/providers/aws/services/cloudtrail/cloudtrail_kms_encryption_enabled/cloudtrail_kms_encryption_enabled.py
View File

@@ -7,7 +7,7 @@ from prowler.providers.aws.services.cloudtrail.cloudtrail_client import (
class cloudtrail_kms_encryption_enabled(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.name:
report = Check_Report_AWS(self.metadata())
report.region = trail.region

2
prowler/providers/aws/services/cloudtrail/cloudtrail_log_file_validation_enabled/cloudtrail_log_file_validation_enabled.py
View File

@@ -7,7 +7,7 @@ from prowler.providers.aws.services.cloudtrail.cloudtrail_client import (
class cloudtrail_log_file_validation_enabled(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.name:
report = Check_Report_AWS(self.metadata())
report.region = trail.region

2
prowler/providers/aws/services/cloudtrail/cloudtrail_logs_s3_bucket_access_logging_enabled/cloudtrail_logs_s3_bucket_access_logging_enabled.py
View File

@@ -8,7 +8,7 @@ from prowler.providers.aws.services.s3.s3_client import s3_client
class cloudtrail_logs_s3_bucket_access_logging_enabled(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.name:
trail_bucket_is_in_account = False
trail_bucket = trail.s3_bucket

2
prowler/providers/aws/services/cloudtrail/cloudtrail_logs_s3_bucket_is_not_publicly_accessible/cloudtrail_logs_s3_bucket_is_not_publicly_accessible.py
View File

@@ -8,7 +8,7 @@ from prowler.providers.aws.services.s3.s3_client import s3_client
class cloudtrail_logs_s3_bucket_is_not_publicly_accessible(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.name:
trail_bucket_is_in_account = False
trail_bucket = trail.s3_bucket

4
prowler/providers/aws/services/cloudtrail/cloudtrail_multi_region_enabled/cloudtrail_multi_region_enabled.py
View File

@@ -10,8 +10,8 @@ class cloudtrail_multi_region_enabled(Check):
for region in cloudtrail_client.regional_clients.keys():
report = Check_Report_AWS(self.metadata())
report.region = region
for trail in cloudtrail_client.trails:
if trail.region == region:
for trail in cloudtrail_client.trails.values():
if trail.region == region or trail.is_multiregion:
if trail.is_logging:
report.status = "PASS"
report.resource_id = trail.name

2
prowler/providers/aws/services/cloudtrail/cloudtrail_multi_region_enabled_logging_management_events/cloudtrail_multi_region_enabled_logging_management_events.py
View File

@@ -16,7 +16,7 @@ class cloudtrail_multi_region_enabled_logging_management_events(Check):
report.resource_id = cloudtrail_client.audited_account
report.resource_arn = cloudtrail_client.trail_arn_template
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
if trail.is_logging:
if trail.is_multiregion:
for event in trail.data_events:

2
prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_read_enabled/cloudtrail_s3_dataevents_read_enabled.py
View File

@@ -8,7 +8,7 @@ from prowler.providers.aws.services.s3.s3_client import s3_client
class cloudtrail_s3_dataevents_read_enabled(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
for data_event in trail.data_events:
# classic event selectors
if not data_event.is_advanced:

2
prowler/providers/aws/services/cloudtrail/cloudtrail_s3_dataevents_write_enabled/cloudtrail_s3_dataevents_write_enabled.py
View File

@@ -8,7 +8,7 @@ from prowler.providers.aws.services.s3.s3_client import s3_client
class cloudtrail_s3_dataevents_write_enabled(Check):
def execute(self):
findings = []
for trail in cloudtrail_client.trails:
for trail in cloudtrail_client.trails.values():
for data_event in trail.data_events:
# Classic event selectors
if not data_event.is_advanced:

44
prowler/providers/aws/services/cloudtrail/cloudtrail_service.py
View File

@@ -15,7 +15,7 @@ class Cloudtrail(AWSService):
# Call AWSService's __init__
super().__init__(__class__.__name__, audit_info)
self.trail_arn_template = f"arn:{self.audited_partition}:cloudtrail:{self.region}:{self.audited_account}:trail"
self.trails = []
self.trails = {}
self.__threading_call__(self.__get_trails__)
self.__get_trail_status__()
self.__get_insight_selectors__()
@@ -45,27 +45,23 @@ class Cloudtrail(AWSService):
kms_key_id = trail["KmsKeyId"]
if "CloudWatchLogsLogGroupArn" in trail:
log_group_arn = trail["CloudWatchLogsLogGroupArn"]
self.trails.append(
Trail(
name=trail["Name"],
is_multiregion=trail["IsMultiRegionTrail"],
home_region=trail["HomeRegion"],
arn=trail["TrailARN"],
region=regional_client.region,
is_logging=False,
log_file_validation_enabled=trail[
"LogFileValidationEnabled"
],
latest_cloudwatch_delivery_time=None,
s3_bucket=trail["S3BucketName"],
kms_key=kms_key_id,
log_group_arn=log_group_arn,
data_events=[],
has_insight_selectors=trail.get("HasInsightSelectors"),
)
self.trails[trail["TrailARN"]] = Trail(
name=trail["Name"],
is_multiregion=trail["IsMultiRegionTrail"],
home_region=trail["HomeRegion"],
arn=trail["TrailARN"],
region=regional_client.region,
is_logging=False,
log_file_validation_enabled=trail["LogFileValidationEnabled"],
latest_cloudwatch_delivery_time=None,
s3_bucket=trail["S3BucketName"],
kms_key=kms_key_id,
log_group_arn=log_group_arn,
data_events=[],
has_insight_selectors=trail.get("HasInsightSelectors"),
)
if trails_count == 0:
self.trails.append(
self.trails[self.__get_trail_arn_template__(regional_client.region)] = (
Trail(
region=regional_client.region,
)
@@ -79,7 +75,7 @@ class Cloudtrail(AWSService):
def __get_trail_status__(self):
logger.info("Cloudtrail - Getting trail status")
try:
for trail in self.trails:
for trail in self.trails.values():
for region, client in self.regional_clients.items():
if trail.region == region and trail.name:
status = client.get_trail_status(Name=trail.arn)
@@ -97,7 +93,7 @@ class Cloudtrail(AWSService):
def __get_event_selectors__(self):
logger.info("Cloudtrail - Getting event selector")
try:
for trail in self.trails:
for trail in self.trails.values():
for region, client in self.regional_clients.items():
if trail.region == region and trail.name:
data_events = client.get_event_selectors(TrailName=trail.arn)
@@ -131,7 +127,7 @@ class Cloudtrail(AWSService):
logger.info("Cloudtrail - Getting trail insight selectors...")
try:
for trail in self.trails:
for trail in self.trails.values():
for region, client in self.regional_clients.items():
if trail.region == region and trail.name:
insight_selectors = None
@@ -180,7 +176,7 @@ class Cloudtrail(AWSService):
def __list_tags_for_resource__(self):
logger.info("CloudTrail - List Tags...")
try:
for trail in self.trails:
for trail in self.trails.values():
# Check if trails are in this account and region
if (
trail.region == trail.home_region

2
prowler/providers/aws/services/cloudwatch/lib/metric_filters.py
View File

@@ -12,7 +12,7 @@ def check_cloudwatch_log_metric_filter(
):
# 1. Iterate for CloudWatch Log Group in CloudTrail trails
log_groups = []
for trail in trails:
for trail in trails.values():
if trail.log_group_arn:
log_groups.append(trail.log_group_arn.split(":")[6])
# 2. Describe metric filters for previous log groups

2
pyproject.toml
View File

@@ -22,7 +22,7 @@ packages = [
{include = "prowler"}
]
readme = "README.md"
version = "3.15.1"
version = "3.15.2"
[tool.poetry.dependencies]
alive-progress = "3.1.5"

10
tests/providers/aws/services/cloudtrail/cloudtrail_cloudwatch_logging_enabled/cloudtrail_cloudwatch_logging_enabled_test.py
View File

@@ -87,7 +87,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
cloudtrail_cloudwatch_logging_enabled,
)
for trail in service_client.trails:
for trail in service_client.trails.values():
if trail.name == trail_name_us:
trail.latest_cloudwatch_delivery_time = datetime.now().replace(
tzinfo=timezone.utc
@@ -174,7 +174,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
cloudtrail_cloudwatch_logging_enabled,
)
for trail in service_client.trails:
for trail in service_client.trails.values():
if trail.name == trail_name_us:
trail.latest_cloudwatch_delivery_time = datetime.now().replace(
tzinfo=timezone.utc
@@ -190,8 +190,8 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
check = cloudtrail_cloudwatch_logging_enabled()
result = check.execute()
# len of result should be 3 -> (1 multiregion entry per region + 1 entry because of single region trail)
assert len(result) == 3
# len of result should be 2 -> (1 per trail)
assert len(result) == 2
for report in result:
if report.resource_id == trail_name_us:
assert report.resource_id == trail_name_us
@@ -262,7 +262,7 @@ class Test_cloudtrail_cloudwatch_logging_enabled:
cloudtrail_cloudwatch_logging_enabled,
)
for trail in service_client.trails:
for trail in service_client.trails.values():
if trail.name == trail_name_us:
trail.latest_cloudwatch_delivery_time = datetime.now().replace(
tzinfo=timezone.utc

8
tests/providers/aws/services/cloudtrail/cloudtrail_service_test.py
View File

@@ -88,7 +88,7 @@ class Test_Cloudtrail_Service:
)
cloudtrail = Cloudtrail(audit_info)
assert len(cloudtrail.trails) == 2
for trail in cloudtrail.trails:
for trail in cloudtrail.trails.values():
if trail.name:
assert trail.name == trail_name_us or trail.name == trail_name_eu
assert not trail.is_multiregion
@@ -145,7 +145,7 @@ class Test_Cloudtrail_Service:
)
cloudtrail = Cloudtrail(audit_info)
assert len(cloudtrail.trails) == len(audit_info.audited_regions)
for trail in cloudtrail.trails:
for trail in cloudtrail.trails.values():
if trail.name:
if trail.name == trail_name_us:
assert not trail.is_multiregion
@@ -189,7 +189,7 @@ class Test_Cloudtrail_Service:
)
cloudtrail = Cloudtrail(audit_info)
assert len(cloudtrail.trails) == len(audit_info.audited_regions)
for trail in cloudtrail.trails:
for trail in cloudtrail.trails.values():
if trail.name:
if trail.name == trail_name_us:
assert not trail.is_multiregion
@@ -237,7 +237,7 @@ class Test_Cloudtrail_Service:
)
cloudtrail = Cloudtrail(audit_info)
assert len(cloudtrail.trails) == len(audit_info.audited_regions)
for trail in cloudtrail.trails:
for trail in cloudtrail.trails.values():
if trail.name:
if trail.name == trail_name_us:
assert not trail.is_multiregion