chore: add manage group actions

Merge branch 'PRWLR-5824-Update-resource-name-and-enable-relationships-on-role-and-provider_group-create-update' into PRWLR-4669-Roles-Page-UI-with-API-changes
2026-06-13 05:59:47 +00:00 · 2024-12-18 17:38:09 +01:00 · 2024-12-18 12:10:45 +01:00 · 2024-12-18 11:15:37 +01:00 · 2024-12-18 11:08:19 +01:00 · 2024-12-18 11:05:29 +01:00
300 changed files with 3716 additions and 18967 deletions
@@ -6,14 +6,13 @@
 PROWLER_UI_VERSION="latest"
 SITE_URL=http://localhost:3000
 API_BASE_URL=http://prowler-api:8080/api/v1
-NEXT_PUBLIC_API_DOCS_URL=http://prowler-api:8080/api/v1/docs
 AUTH_TRUST_HOST=true
 UI_PORT=3000
 # openssl rand -base64 32
 AUTH_SECRET="N/c6mnaS5+SWq81+819OrzQZlmx1Vxtp/orjttJSmw8="

 #### Prowler API Configuration ####
-PROWLER_API_VERSION="stable"
+PROWLER_API_VERSION="latest"
 # PostgreSQL settings
 # If running Django and celery on host, use 'localhost', else use 'postgres-db'
 POSTGRES_HOST=postgres-db
@@ -41,12 +40,9 @@ DJANGO_LOGGING_FORMATTER=human_readable
 # Select one of [DEBUG|INFO|WARNING|ERROR|CRITICAL]
 # Applies to both Django and Celery Workers
 DJANGO_LOGGING_LEVEL=INFO
-# Defaults to the maximum available based on CPU cores if not set.
-DJANGO_WORKERS=4
-# Token lifetime is in minutes
-DJANGO_ACCESS_TOKEN_LIFETIME=30
-# Token lifetime is in minutes
-DJANGO_REFRESH_TOKEN_LIFETIME=1440
+DJANGO_WORKERS=4 # Defaults to the maximum available based on CPU cores if not set.
+DJANGO_ACCESS_TOKEN_LIFETIME=30 # Token lifetime is in minutes
+DJANGO_REFRESH_TOKEN_LIFETIME=1440 # Token lifetime is in minutes
 DJANGO_CACHE_MAX_AGE=3600
 DJANGO_STALE_WHILE_REVALIDATE=60
 DJANGO_MANAGE_DB_PARTITIONS=True
@@ -91,4 +87,3 @@ jQIDAQAB
 -----END PUBLIC KEY-----"
 # openssl rand -base64 32
 DJANGO_SECRETS_ENCRYPTION_KEY="oE/ltOhp/n1TdbHjVmzcjDPLcLA41CVI/4Rk+UB5ESc="
-DJANGO_BROKER_VISIBILITY_TIMEOUT=86400
@@ -16,17 +16,6 @@ updates:
      - "dependencies"
      - "pip"

-  - package-ecosystem: "pip"
-    directory: "/api"
-    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 10
-    target-branch: master
-    labels:
-      - "dependencies"
-      - "pip"
-      - "component/api"
-
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
@@ -38,7 +27,7 @@ updates:
      - "github_actions"

  - package-ecosystem: "npm"
-    directory: "/ui"
+    directory: "/"
    schedule:
      interval: "daily"
    open-pull-requests-limit: 10
@@ -46,7 +35,6 @@ updates:
    labels:
      - "dependencies"
      - "npm"
-      - "component/ui"

  - package-ecosystem: "docker"
    directory: "/"
@@ -23,7 +23,6 @@ env:
  # Tags
  LATEST_TAG: latest
  RELEASE_TAG: ${{ github.event.release.tag_name }}
-  STABLE_TAG: stable

  WORKING_DIRECTORY: ./api

@@ -32,34 +31,19 @@ env:
  PROWLERCLOUD_DOCKERHUB_IMAGE: prowler-api

 jobs:
-  repository-check:
-    name: Repository check
-    runs-on: ubuntu-latest
-    outputs:
-      is_repo: ${{ steps.repository_check.outputs.is_repo }}
-    steps:
-      - name: Repository check
-        id: repository_check
-        working-directory: /tmp
-        run: |
-          if [[ ${{ github.repository }} == "prowler-cloud/prowler" ]]
-          then
-            echo "is_repo=true" >> "${GITHUB_OUTPUT}"
-          else
-            echo "This action only runs for prowler-cloud/prowler"
-            echo "is_repo=false" >> "${GITHUB_OUTPUT}"
-          fi
-
  # Build Prowler OSS container
  container-build-push:
-    needs: repository-check
-    if: needs.repository-check.outputs.is_repo == 'true'
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ${{ env.WORKING_DIRECTORY }}

    steps:
+      - name: Repository check
+        working-directory: /tmp
+        run: |
+          [[ ${{ github.repository }} != "prowler-cloud/prowler" ]] && echo "This action only runs for prowler-cloud/prowler"; exit 0
+
      - name: Checkout
        uses: actions/checkout@v4

@@ -93,6 +77,5 @@ jobs:
          push: true
          tags: |
            ${{ env.PROWLERCLOUD_DOCKERHUB_REPOSITORY }}/${{ env.PROWLERCLOUD_DOCKERHUB_IMAGE }}:${{ env.RELEASE_TAG }}
-            ${{ env.PROWLERCLOUD_DOCKERHUB_REPOSITORY }}/${{ env.PROWLERCLOUD_DOCKERHUB_IMAGE }}:${{ env.STABLE_TAG }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
@@ -15,12 +15,16 @@ on:
  push:
    branches:
      - "master"
+      - "v3"
+      - "v4.*"
      - "v5.*"
    paths:
      - "api/**"
  pull_request:
    branches:
      - "master"
+      - "v3"
+      - "v4.*"
      - "v5.*"
    paths:
      - "api/**"
@@ -4,13 +4,11 @@ on:
  push:
    branches:
      - "master"
-      - "v5.*"
    paths:
      - "api/**"
  pull_request:
    branches:
      - "master"
-      - "v5.*"
    paths:
      - "api/**"

@@ -89,7 +87,7 @@ jobs:
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
          python -m pip install --upgrade pip
-          pipx install poetry==1.8.5
+          pipx install poetry

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
@@ -114,7 +112,7 @@ jobs:
        working-directory: ./api
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry check --lock
+          poetry lock --check

      - name: Lint with ruff
        working-directory: ./api
@@ -11,7 +11,7 @@ jobs:
        with:
          fetch-depth: 0
      - name: TruffleHog OSS
-        uses: trufflesecurity/trufflehog@v3.88.2
+        uses: trufflesecurity/trufflehog@v3.86.1
        with:
          path: ./
          base: ${{ github.event.repository.default_branch }}
@@ -68,7 +68,7 @@ jobs:

      - name: Install Poetry
        run: |
-          pipx install poetry==1.8.5
+          pipx install poetry
          pipx inject poetry poetry-bumpversion

      - name: Get Prowler version
@@ -17,7 +17,6 @@ on:
      - "master"
      - "v3"
      - "v4.*"
-      - "v5.*"
    paths-ignore:
      - 'ui/**'
      - 'api/**'
@@ -26,7 +25,6 @@ on:
      - "master"
      - "v3"
      - "v4.*"
-      - "v5.*"
    paths-ignore:
      - 'ui/**'
      - 'api/**'
@@ -37,14 +37,12 @@ jobs:
            README.md
            mkdocs.yml
            .backportrc.json
-            .env
-            docker-compose*

      - name: Install poetry
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
          python -m pip install --upgrade pip
-          pipx install poetry==1.8.5
+          pipx install poetry

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
@@ -67,7 +65,7 @@ jobs:
      - name: Poetry check
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry check --lock
+          poetry lock --check

      - name: Lint with flake8
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
@@ -10,40 +10,12 @@ env:
  CACHE: "poetry"

 jobs:
-  repository-check:
-    name: Repository check
-    runs-on: ubuntu-latest
-    outputs:
-      is_repo: ${{ steps.repository_check.outputs.is_repo }}
-    steps:
-      - name: Repository check
-        id: repository_check
-        working-directory: /tmp
-        run: |
-          if [[ ${{ github.repository }} == "prowler-cloud/prowler" ]]
-          then
-            echo "is_repo=true" >> "${GITHUB_OUTPUT}"
-          else
-            echo "This action only runs for prowler-cloud/prowler"
-            echo "is_repo=false" >> "${GITHUB_OUTPUT}"
-          fi
-
  release-prowler-job:
    runs-on: ubuntu-latest
-    needs: repository-check
-    if: needs.repository-check.outputs.is_repo == 'true'
    env:
      POETRY_VIRTUALENVS_CREATE: "false"
    name: Release Prowler to PyPI
    steps:
-      - name: Repository check
-        working-directory: /tmp
-        run: |
-              if [[ "${{ github.repository }}" != "prowler-cloud/prowler" ]]; then
-                  echo "This action only runs for prowler-cloud/prowler"
-                  exit 1
-              fi
-
      - name: Get Prowler version
        run: |
          PROWLER_VERSION="${{ env.RELEASE_TAG }}"
@@ -68,7 +40,7 @@ jobs:

      - name: Install dependencies
        run: |
-          pipx install poetry==1.8.5
+          pipx install poetry

      - name: Setup Python
        uses: actions/setup-python@v5
@@ -23,7 +23,6 @@ env:
  # Tags
  LATEST_TAG: latest
  RELEASE_TAG: ${{ github.event.release.tag_name }}
-  STABLE_TAG: stable

  WORKING_DIRECTORY: ./ui

@@ -32,34 +31,19 @@ env:
  PROWLERCLOUD_DOCKERHUB_IMAGE: prowler-ui

 jobs:
-  repository-check:
-    name: Repository check
-    runs-on: ubuntu-latest
-    outputs:
-      is_repo: ${{ steps.repository_check.outputs.is_repo }}
-    steps:
-      - name: Repository check
-        id: repository_check
-        working-directory: /tmp
-        run: |
-          if [[ ${{ github.repository }} == "prowler-cloud/prowler" ]]
-          then
-            echo "is_repo=true" >> "${GITHUB_OUTPUT}"
-          else
-            echo "This action only runs for prowler-cloud/prowler"
-            echo "is_repo=false" >> "${GITHUB_OUTPUT}"
-          fi
-
  # Build Prowler OSS container
  container-build-push:
-    needs: repository-check
-    if: needs.repository-check.outputs.is_repo == 'true'
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ${{ env.WORKING_DIRECTORY }}

    steps:
+      - name: Repository check
+        working-directory: /tmp
+        run: |
+          [[ ${{ github.repository }} != "prowler-cloud/prowler" ]] && echo "This action only runs for prowler-cloud/prowler"; exit 0
+
      - name: Checkout
        uses: actions/checkout@v4

@@ -93,6 +77,5 @@ jobs:
          push: true
          tags: |
            ${{ env.PROWLERCLOUD_DOCKERHUB_REPOSITORY }}/${{ env.PROWLERCLOUD_DOCKERHUB_IMAGE }}:${{ env.RELEASE_TAG }}
-            ${{ env.PROWLERCLOUD_DOCKERHUB_REPOSITORY }}/${{ env.PROWLERCLOUD_DOCKERHUB_IMAGE }}:${{ env.STABLE_TAG }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
@@ -15,12 +15,14 @@ on:
  push:
    branches:
      - "master"
+      - "v4.*"
      - "v5.*"
    paths:
      - "ui/**"
  pull_request:
    branches:
      - "master"
+      - "v4.*"
      - "v5.*"
    paths:
      - "ui/**"
@@ -1,16 +1,9 @@
 name: UI - Pull Request

 on:
-  push:
-    branches:
-      - "master"
-      - "v5.*"
-    paths:
-      - "ui/**"
  pull_request:
    branches:
      - master
-      - "v5.*"
    paths:
      - 'ui/**'

@@ -90,7 +90,7 @@ repos:
      - id: bandit
        name: bandit
        description: "Bandit is a tool for finding common security issues in Python code"
-        entry: bash -c 'bandit -q -lll -x '*_test.py,./contrib/,./.venv/' -r .'
+        entry: bash -c 'bandit -q -lll -x '*_test.py,./contrib/' -r .'
        language: system
        files: '.*\.py'

@@ -103,6 +103,7 @@ repos:
      - id: vulture
        name: vulture
        description: "Vulture finds unused code in Python programs."
-        entry: bash -c 'vulture --exclude "contrib,.venv,api/src/backend/api/tests/,api/src/backend/conftest.py,api/src/backend/tasks/tests/" --min-confidence 100 .'
+        entry: bash -c 'vulture --exclude "contrib" --min-confidence 100 .'
+        exclude: 'api/src/backend/'
        language: system
        files: '.*\.py'
@@ -72,7 +72,7 @@ It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, Fe
 | Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/misc/#categories) |
 |---|---|---|---|---|
 | AWS | 561 | 81 -> `prowler aws --list-services` | 30 -> `prowler aws --list-compliance` | 9 -> `prowler aws --list-categories` |
-| GCP | 77 | 13 -> `prowler gcp --list-services` | 4 -> `prowler gcp --list-compliance` | 2 -> `prowler gcp --list-categories`|
+| GCP | 77 | 13 -> `prowler gcp --list-services` | 3 -> `prowler gcp --list-compliance` | 2 -> `prowler gcp --list-categories`|
 | Azure | 139 | 18 -> `prowler azure --list-services` | 4 -> `prowler azure --list-compliance` | 2 -> `prowler azure --list-categories` |
 | Kubernetes | 83 | 7 -> `prowler kubernetes --list-services` | 1 -> `prowler kubernetes --list-compliance` | 7 -> `prowler kubernetes --list-categories` |

@@ -98,7 +98,6 @@ curl -LO https://raw.githubusercontent.com/prowler-cloud/prowler/refs/heads/mast
 docker compose up -d
 ```

-> Containers are built for `linux/amd64`. If your workstation's architecture is different, please set `DOCKER_DEFAULT_PLATFORM=linux/amd64` in your environment or use the `--platform linux/amd64` flag in the docker command.
 > Enjoy Prowler App at http://localhost:3000 by signing up with your email and password.

 ### From GitHub
@@ -22,7 +22,6 @@ DJANGO_SECRETS_ENCRYPTION_KEY=""
 # Decide whether to allow Django manage database table partitions
 DJANGO_MANAGE_DB_PARTITIONS=[True|False]
 DJANGO_CELERY_DEADLOCK_ATTEMPTS=5
-DJANGO_BROKER_VISIBILITY_TIMEOUT=86400

 # PostgreSQL settings
 # If running django and celery on host, use 'localhost', else use 'postgres-db'
@@ -12,7 +12,7 @@ version = "1.1.0"

 [tool.poetry.dependencies]
 celery = {extras = ["pytest"], version = "^5.4.0"}
-django = "5.1.4"
+django = "5.1.1"
 django-celery-beat = "^2.7.0"
 django-celery-results = "^2.5.1"
 django-cors-headers = "4.4.0"
@@ -27,7 +27,7 @@ drf-nested-routers = "^0.94.1"
 drf-spectacular = "0.27.2"
 drf-spectacular-jsonapi = "0.5.1"
 gunicorn = "23.0.0"
-prowler = "^5.0"
+prowler = {git = "https://github.com/prowler-cloud/prowler.git", tag = "5.0.0"}
 psycopg2-binary = "2.9.9"
 pytest-celery = {extras = ["redis"], version = "^1.0.1"}
 # Needed for prowler compatibility
@@ -48,8 +48,8 @@ pytest-env = "1.1.3"
 pytest-randomly = "3.15.0"
 pytest-xdist = "3.6.1"
 ruff = "0.5.0"
-safety = "3.2.9"
-vulture = "2.14"
+safety = "3.2.3"
+vulture = "2.11"

 [tool.poetry.scripts]
 celery = "src.backend.config.settings.celery"
@@ -5,6 +5,7 @@ from datetime import datetime, timedelta, timezone

 from django.conf import settings
 from django.contrib.auth.models import BaseUserManager
+from django.core.paginator import Paginator
 from django.db import connection, models, transaction
 from psycopg2 import connect as psycopg2_connect
 from psycopg2.extensions import AsIs, new_type, register_adapter, register_type
@@ -119,18 +120,15 @@ def batch_delete(queryset, batch_size=5000):
    total_deleted = 0
    deletion_summary = {}

-    while True:
-        # Get a batch of IDs to delete
-        batch_ids = set(
-            queryset.values_list("id", flat=True).order_by("id")[:batch_size]
-        )
-        if not batch_ids:
-            # No more objects to delete
-            break
+    paginator = Paginator(queryset.order_by("id").only("id"), batch_size)
+
+    for page_num in paginator.page_range:
+        batch_ids = [obj.id for obj in paginator.page(page_num).object_list]

        deleted_count, deleted_info = queryset.filter(id__in=batch_ids).delete()

        total_deleted += deleted_count
+
        for model_label, count in deleted_info.items():
            deletion_summary[model_label] = deletion_summary.get(model_label, 0) + count

@@ -319,27 +319,6 @@ class FindingFilter(FilterSet):
        field_name="resources__type", lookup_expr="icontains"
    )

-    resource_tag_key = CharFilter(field_name="resources__tags__key")
-    resource_tag_key__in = CharInFilter(
-        field_name="resources__tags__key", lookup_expr="in"
-    )
-    resource_tag_key__icontains = CharFilter(
-        field_name="resources__tags__key", lookup_expr="icontains"
-    )
-    resource_tag_value = CharFilter(field_name="resources__tags__value")
-    resource_tag_value__in = CharInFilter(
-        field_name="resources__tags__value", lookup_expr="in"
-    )
-    resource_tag_value__icontains = CharFilter(
-        field_name="resources__tags__value", lookup_expr="icontains"
-    )
-    resource_tags = CharInFilter(
-        method="filter_resource_tag",
-        lookup_expr="in",
-        help_text="Filter by resource tags `key:value` pairs.\nMultiple values may be "
-        "separated by commas.",
-    )
-
    scan = UUIDFilter(method="filter_scan_id")
    scan__in = UUIDInFilter(method="filter_scan_id_in")

@@ -374,12 +353,6 @@ class FindingFilter(FilterSet):
            },
        }

-    @property
-    def qs(self):
-        # Force distinct results to prevent duplicates with many-to-many relationships
-        parent_qs = super().qs
-        return parent_qs.distinct()
-
    #  Convert filter values to UUIDv7 values for use with partitioning
    def filter_scan_id(self, queryset, name, value):
        try:
@@ -453,16 +426,6 @@ class FindingFilter(FilterSet):

        return queryset.filter(id__lte=end).filter(inserted_at__lte=value)

-    def filter_resource_tag(self, queryset, name, value):
-        overall_query = Q()
-        for key_value_pair in value:
-            tag_key, tag_value = key_value_pair.split(":", 1)
-            overall_query |= Q(
-                resources__tags__key__icontains=tag_key,
-                resources__tags__value__icontains=tag_value,
-            )
-        return queryset.filter(overall_query).distinct()
-
    @staticmethod
    def maybe_date_to_datetime(value):
        dt = value
@@ -1,17 +1,15 @@
 # Generated by Django 5.1.1 on 2024-12-05 12:29

-import uuid
-
+import api.rls
 import django.db.models.deletion
+import uuid
 from django.conf import settings
 from django.db import migrations, models

-import api.rls
-

 class Migration(migrations.Migration):
    dependencies = [
-        ("api", "0003_update_provider_unique_constraint_with_is_deleted"),
+        ("api", "0002_token_migrations"),
    ]

    operations = [
@@ -1,23 +0,0 @@
-# Generated by Django 5.1.1 on 2024-12-20 13:16
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-    dependencies = [
-        ("api", "0002_token_migrations"),
-    ]
-
-    operations = [
-        migrations.RemoveConstraint(
-            model_name="provider",
-            name="unique_provider_uids",
-        ),
-        migrations.AddConstraint(
-            model_name="provider",
-            constraint=models.UniqueConstraint(
-                fields=("tenant_id", "provider", "uid", "is_deleted"),
-                name="unique_provider_uids",
-            ),
-        ),
-    ]
@@ -1,5 +1,4 @@
 from django.db import migrations
-
 from api.db_router import MainRouter


@@ -36,7 +35,7 @@ def create_admin_role(apps, schema_editor):

 class Migration(migrations.Migration):
    dependencies = [
-        ("api", "0004_rbac"),
+        ("api", "0003_rbac"),
    ]

    operations = [
@@ -271,7 +271,7 @@ class Provider(RowLevelSecurityProtectedModel):

        constraints = [
            models.UniqueConstraint(
-                fields=("tenant_id", "provider", "uid", "is_deleted"),
+                fields=("tenant_id", "provider", "uid"),
                name="unique_provider_uids",
            ),
            RowLevelSecurityConstraint(
@@ -515,8 +515,8 @@ class Resource(RowLevelSecurityProtectedModel):
        through="ResourceTagMapping",
    )

-    def get_tags(self, tenant_id: str) -> dict:
-        return {tag.key: tag.value for tag in self.tags.filter(tenant_id=tenant_id)}
+    def get_tags(self) -> dict:
+        return {tag.key: tag.value for tag in self.tags.all()}

    def clear_tags(self):
        self.tags.clear()
@@ -1,11 +1,9 @@
 from enum import Enum
-from typing import Optional
-
-from django.db.models import QuerySet
 from rest_framework.permissions import BasePermission
-
-from api.db_router import MainRouter
 from api.models import Provider, Role, User
+from api.db_router import MainRouter
+from typing import Optional
+from django.db.models import QuerySet


 class Permissions(Enum):
@@ -65,11 +63,8 @@ def get_providers(role: Role) -> QuerySet[Provider]:
        A QuerySet of Provider objects filtered by the role's provider groups.
        If the role has no provider groups, returns an empty queryset.
    """
-    tenant = role.tenant
    provider_groups = role.provider_groups.all()
    if not provider_groups.exists():
        return Provider.objects.none()

-    return Provider.objects.filter(
-        tenant=tenant, provider_groups__in=provider_groups
-    ).distinct()
+    return Provider.objects.filter(provider_groups__in=provider_groups).distinct()
@@ -1,7 +1,7 @@
 openapi: 3.0.3
 info:
  title: Prowler API
-  version: 1.2.0
+  version: 1.1.0
  description: |-
    Prowler API specification.

@@ -477,51 +477,6 @@ paths:
        description: Multiple values may be separated by commas.
        explode: false
        style: form
-      - in: query
-        name: filter[resource_tag_key]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_key__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_key__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_tag_value]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_value__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_value__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_tags]
-        schema:
-          type: array
-          items:
-            type: string
-        description: |-
-          Filter by resource tags `key:value` pairs.
-          Multiple values may be separated by commas.
-        explode: false
-        style: form
      - in: query
        name: filter[resource_type]
        schema:
@@ -1028,523 +983,6 @@ paths:
        description: Multiple values may be separated by commas.
        explode: false
        style: form
-      - in: query
-        name: filter[resource_tag_key]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_key__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_key__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_tag_value]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_value__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_value__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_tags]
-        schema:
-          type: array
-          items:
-            type: string
-        description: |-
-          Filter by resource tags `key:value` pairs.
-          Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_type]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_type__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_type__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_uid]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_uid__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_uid__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resources]
-        schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[scan]
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: filter[scan__in]
-        schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - name: filter[search]
-        required: false
-        in: query
-        description: A search term.
-        schema:
-          type: string
-      - in: query
-        name: filter[service]
-        schema:
-          type: string
-      - in: query
-        name: filter[service__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[service__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[severity]
-        schema:
-          type: string
-          enum:
-          - critical
-          - high
-          - informational
-          - low
-          - medium
-        description: |-
-          * `critical` - Critical
-          * `high` - High
-          * `medium` - Medium
-          * `low` - Low
-          * `informational` - Informational
-      - in: query
-        name: filter[severity__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[status]
-        schema:
-          type: string
-          enum:
-          - FAIL
-          - MANUAL
-          - MUTED
-          - PASS
-        description: |-
-          * `FAIL` - Fail
-          * `PASS` - Pass
-          * `MANUAL` - Manual
-          * `MUTED` - Muted
-      - in: query
-        name: filter[status__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[uid]
-        schema:
-          type: string
-      - in: query
-        name: filter[uid__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[updated_at]
-        schema:
-          type: string
-          format: date
-      - in: query
-        name: filter[updated_at__gte]
-        schema:
-          type: string
-          format: date-time
-      - in: query
-        name: filter[updated_at__lte]
-        schema:
-          type: string
-          format: date-time
-      - name: sort
-        required: false
-        in: query
-        description: '[list of fields to sort by](https://jsonapi.org/format/#fetching-sorting)'
-        schema:
-          type: array
-          items:
-            type: string
-            enum:
-            - id
-            - -id
-            - status
-            - -status
-            - severity
-            - -severity
-            - check_id
-            - -check_id
-            - inserted_at
-            - -inserted_at
-            - updated_at
-            - -updated_at
-        explode: false
-      tags:
-      - Finding
-      security:
-      - jwtAuth: []
-      deprecated: true
-      responses:
-        '200':
-          content:
-            application/vnd.api+json:
-              schema:
-                $ref: '#/components/schemas/FindingDynamicFilterResponse'
-          description: ''
-  /api/v1/findings/metadata:
-    get:
-      operationId: findings_metadata_retrieve
-      description: Fetch unique metadata values from a set of findings. This is useful
-        for dynamic filtering.
-      summary: Retrieve metadata values from findings
-      parameters:
-      - in: query
-        name: fields[findings-metadata]
-        schema:
-          type: array
-          items:
-            type: string
-            enum:
-            - services
-            - regions
-            - resource_types
-            - tags
-        description: endpoint return only specific fields in the response on a per-type
-          basis by including a fields[TYPE] query parameter.
-        explode: false
-      - in: query
-        name: filter[check_id]
-        schema:
-          type: string
-      - in: query
-        name: filter[check_id__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[check_id__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[delta]
-        schema:
-          type: string
-          nullable: true
-          enum:
-          - changed
-          - new
-        description: |-
-          * `new` - New
-          * `changed` - Changed
-      - in: query
-        name: filter[delta__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[id]
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: filter[id__in]
-        schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[impact]
-        schema:
-          type: string
-          enum:
-          - critical
-          - high
-          - informational
-          - low
-          - medium
-        description: |-
-          * `critical` - Critical
-          * `high` - High
-          * `medium` - Medium
-          * `low` - Low
-          * `informational` - Informational
-      - in: query
-        name: filter[impact__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[inserted_at]
-        schema:
-          type: string
-          format: date
-      - in: query
-        name: filter[inserted_at__date]
-        schema:
-          type: string
-          format: date
-      - in: query
-        name: filter[inserted_at__gte]
-        schema:
-          type: string
-          format: date
-      - in: query
-        name: filter[inserted_at__lte]
-        schema:
-          type: string
-          format: date
-      - in: query
-        name: filter[provider]
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: filter[provider__in]
-        schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[provider_alias]
-        schema:
-          type: string
-      - in: query
-        name: filter[provider_alias__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[provider_alias__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[provider_type]
-        schema:
-          type: string
-          enum:
-          - aws
-          - azure
-          - gcp
-          - kubernetes
-        description: |-
-          * `aws` - AWS
-          * `azure` - Azure
-          * `gcp` - GCP
-          * `kubernetes` - Kubernetes
-      - in: query
-        name: filter[provider_type__in]
-        schema:
-          type: array
-          items:
-            type: string
-            enum:
-            - aws
-            - azure
-            - gcp
-            - kubernetes
-        description: |-
-          Multiple values may be separated by commas.
-
-          * `aws` - AWS
-          * `azure` - Azure
-          * `gcp` - GCP
-          * `kubernetes` - Kubernetes
-        explode: false
-        style: form
-      - in: query
-        name: filter[provider_uid]
-        schema:
-          type: string
-      - in: query
-        name: filter[provider_uid__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[provider_uid__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[region]
-        schema:
-          type: string
-      - in: query
-        name: filter[region__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[region__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_name]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_name__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_name__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_tag_key]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_key__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_key__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_tag_value]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_value__icontains]
-        schema:
-          type: string
-      - in: query
-        name: filter[resource_tag_value__in]
-        schema:
-          type: array
-          items:
-            type: string
-        description: Multiple values may be separated by commas.
-        explode: false
-        style: form
-      - in: query
-        name: filter[resource_tags]
-        schema:
-          type: array
-          items:
-            type: string
-        description: |-
-          Filter by resource tags `key:value` pairs.
-          Multiple values may be separated by commas.
-        explode: false
-        style: form
      - in: query
        name: filter[resource_type]
        schema:
@@ -1730,11 +1168,11 @@ paths:
      security:
      - jwtAuth: []
      responses:
-        '200':
+        '201':
          content:
            application/vnd.api+json:
              schema:
-                $ref: '#/components/schemas/FindingMetadataResponse'
+                $ref: '#/components/schemas/OpenApiResponseResponse'
          description: ''
  /api/v1/invitations/accept:
    post:
@@ -3510,7 +2948,9 @@ paths:
            - name
            - manage_users
            - manage_account
+            - manage_billing
            - manage_providers
+            - manage_integrations
            - manage_scans
            - permission_state
            - unlimited_visibility
@@ -3628,8 +3068,12 @@ paths:
            - -manage_users
            - manage_account
            - -manage_account
+            - manage_billing
+            - -manage_billing
            - manage_providers
            - -manage_providers
+            - manage_integrations
+            - -manage_integrations
            - manage_scans
            - -manage_scans
            - permission_state
@@ -3703,7 +3147,9 @@ paths:
            - name
            - manage_users
            - manage_account
+            - manage_billing
            - manage_providers
+            - manage_integrations
            - manage_scans
            - permission_state
            - unlimited_visibility
@@ -5379,8 +4825,8 @@ paths:
          description: ''
    delete:
      operationId: users_destroy
-      description: Remove the current user account from the system.
-      summary: Delete the user account
+      description: Remove a user account from the system.
+      summary: Delete a user account
      parameters:
      - in: path
        name: id
@@ -6012,92 +5458,6 @@ components:
              readOnly: true
          required:
          - scan
-    FindingDynamicFilter:
-      type: object
-      required:
-      - type
-      - id
-      additionalProperties: false
-      properties:
-        type:
-          allOf:
-          - $ref: '#/components/schemas/FindingDynamicFilterTypeEnum'
-          description: The [type](https://jsonapi.org/format/#document-resource-object-identification)
-            member is used to describe resource objects that share common attributes
-            and relationships.
-        id: {}
-        attributes:
-          type: object
-          properties:
-            services:
-              type: array
-              items:
-                type: string
-            regions:
-              type: array
-              items:
-                type: string
-          required:
-          - services
-          - regions
-    FindingDynamicFilterResponse:
-      type: object
-      properties:
-        data:
-          $ref: '#/components/schemas/FindingDynamicFilter'
-      required:
-      - data
-    FindingDynamicFilterTypeEnum:
-      type: string
-      enum:
-      - finding-dynamic-filters
-    FindingMetadata:
-      type: object
-      required:
-      - type
-      - id
-      additionalProperties: false
-      properties:
-        type:
-          allOf:
-          - $ref: '#/components/schemas/FindingMetadataTypeEnum'
-          description: The [type](https://jsonapi.org/format/#document-resource-object-identification)
-            member is used to describe resource objects that share common attributes
-            and relationships.
-        id: {}
-        attributes:
-          type: object
-          properties:
-            services:
-              type: array
-              items:
-                type: string
-            regions:
-              type: array
-              items:
-                type: string
-            resource_types:
-              type: array
-              items:
-                type: string
-            tags:
-              description: Tags are described as key-value pairs.
-          required:
-          - services
-          - regions
-          - resource_types
-          - tags
-    FindingMetadataResponse:
-      type: object
-      properties:
-        data:
-          $ref: '#/components/schemas/FindingMetadata'
-      required:
-      - data
-    FindingMetadataTypeEnum:
-      type: string
-      enum:
-      - findings-metadata
    FindingResponse:
      type: object
      properties:
@@ -6542,6 +5902,8 @@ components:
              - data
              description: A related resource object from type roles
              title: roles
+          required:
+          - roles
    InvitationUpdateResponse:
      type: object
      properties:
@@ -6553,6 +5915,7 @@ components:
      type: object
      required:
      - type
+      - id
      additionalProperties: false
      properties:
        type:
@@ -6561,6 +5924,9 @@ components:
          description: The [type](https://jsonapi.org/format/#document-resource-object-identification)
            member is used to describe resource objects that share common attributes
            and relationships.
+        id:
+          type: string
+          format: uuid
        attributes:
          type: object
          properties:
@@ -7071,6 +6437,8 @@ components:
                  - data
                  description: A related resource object from type roles
                  title: roles
+              required:
+              - roles
      required:
      - data
    PatchedProviderGroupMembershipRequest:
@@ -7482,8 +6850,12 @@ components:
                  type: boolean
                manage_account:
                  type: boolean
+                manage_billing:
+                  type: boolean
                manage_providers:
                  type: boolean
+                manage_integrations:
+                  type: boolean
                manage_scans:
                  type: boolean
                permission_state:
@@ -7759,6 +7131,37 @@ components:
              required:
              - name
              - email
+            relationships:
+              type: object
+              properties:
+                roles:
+                  type: object
+                  properties:
+                    data:
+                      type: array
+                      items:
+                        type: object
+                        properties:
+                          id:
+                            type: string
+                            format: uuid
+                            title: Resource Identifier
+                            description: The identifier of the related object.
+                          type:
+                            type: string
+                            enum:
+                            - roles
+                            title: Resource Type Name
+                            description: The [type](https://jsonapi.org/format/#document-resource-object-identification)
+                              member is used to describe resource objects that share
+                              common attributes and relationships.
+                        required:
+                        - id
+                        - type
+                  required:
+                  - data
+                  description: A related resource object from type roles
+                  title: roles
      required:
      - data
    Provider:
@@ -9134,8 +8537,12 @@ components:
              type: boolean
            manage_account:
              type: boolean
+            manage_billing:
+              type: boolean
            manage_providers:
              type: boolean
+            manage_integrations:
+              type: boolean
            manage_scans:
              type: boolean
            permission_state:
@@ -9263,8 +8670,12 @@ components:
              type: boolean
            manage_account:
              type: boolean
+            manage_billing:
+              type: boolean
            manage_providers:
              type: boolean
+            manage_integrations:
+              type: boolean
            manage_scans:
              type: boolean
            permission_state:
@@ -9397,8 +8808,12 @@ components:
                  type: boolean
                manage_account:
                  type: boolean
+                manage_billing:
+                  type: boolean
                manage_providers:
                  type: boolean
+                manage_integrations:
+                  type: boolean
                manage_scans:
                  type: boolean
                permission_state:
@@ -10462,6 +9877,37 @@ components:
          required:
          - name
          - email
+        relationships:
+          type: object
+          properties:
+            roles:
+              type: object
+              properties:
+                data:
+                  type: array
+                  items:
+                    type: object
+                    properties:
+                      id:
+                        type: string
+                        format: uuid
+                        title: Resource Identifier
+                        description: The identifier of the related object.
+                      type:
+                        type: string
+                        enum:
+                        - roles
+                        title: Resource Type Name
+                        description: The [type](https://jsonapi.org/format/#document-resource-object-identification)
+                          member is used to describe resource objects that share common
+                          attributes and relationships.
+                    required:
+                    - id
+                    - type
+              required:
+              - data
+              description: A related resource object from type roles
+              title: roles
    UserUpdateResponse:
      type: object
      properties:
@@ -1,8 +1,9 @@
 import pytest
-from conftest import TEST_PASSWORD, get_api_tokens, get_authorization_header
 from django.urls import reverse
 from rest_framework.test import APIClient

+from conftest import TEST_PASSWORD, get_api_tokens, get_authorization_header
+

@pytest.mark.django_db
 def test_basic_authentication():
@@ -95,85 +96,3 @@ def test_refresh_token(create_test_user, tenants_fixture):
        format="vnd.api+json",
    )
    assert new_refresh_response.status_code == 200
-
-
-@pytest.mark.django_db
-def test_user_me_when_inviting_users(create_test_user, tenants_fixture, roles_fixture):
-    client = APIClient()
-
-    role = roles_fixture[0]
-
-    user1_email = "user1@testing.com"
-    user2_email = "user2@testing.com"
-
-    password = "thisisapassword123"
-
-    user1_response = client.post(
-        reverse("user-list"),
-        data={
-            "data": {
-                "type": "users",
-                "attributes": {
-                    "name": "user1",
-                    "email": user1_email,
-                    "password": password,
-                },
-            }
-        },
-        format="vnd.api+json",
-    )
-    assert user1_response.status_code == 201
-
-    user1_access_token, _ = get_api_tokens(client, user1_email, password)
-    user1_headers = get_authorization_header(user1_access_token)
-
-    user2_invitation = client.post(
-        reverse("invitation-list"),
-        data={
-            "data": {
-                "type": "invitations",
-                "attributes": {"email": user2_email},
-                "relationships": {
-                    "roles": {
-                        "data": [
-                            {
-                                "type": "roles",
-                                "id": str(role.id),
-                            }
-                        ]
-                    }
-                },
-            }
-        },
-        format="vnd.api+json",
-        headers=user1_headers,
-    )
-    assert user2_invitation.status_code == 201
-    invitation_token = user2_invitation.json()["data"]["attributes"]["token"]
-
-    user2_response = client.post(
-        reverse("user-list") + f"?invitation_token={invitation_token}",
-        data={
-            "data": {
-                "type": "users",
-                "attributes": {
-                    "name": "user2",
-                    "email": user2_email,
-                    "password": password,
-                },
-            }
-        },
-        format="vnd.api+json",
-    )
-    assert user2_response.status_code == 201
-
-    user2_access_token, _ = get_api_tokens(client, user2_email, password)
-    user2_headers = get_authorization_header(user2_access_token)
-
-    user1_me = client.get(reverse("user-me"), headers=user1_headers)
-    assert user1_me.status_code == 200
-    assert user1_me.json()["data"]["attributes"]["email"] == user1_email
-
-    user2_me = client.get(reverse("user-me"), headers=user2_headers)
-    assert user2_me.status_code == 200
-    assert user2_me.json()["data"]["attributes"]["email"] == user2_email
@@ -1,85 +0,0 @@
-from unittest.mock import Mock, patch
-
-import pytest
-from conftest import get_api_tokens, get_authorization_header
-from django.urls import reverse
-from rest_framework.test import APIClient
-
-from api.models import Provider
-
-
-@patch("api.v1.views.Task.objects.get")
-@patch("api.v1.views.delete_provider_task.delay")
-@pytest.mark.django_db
-def test_delete_provider_without_executing_task(
-    mock_delete_task, mock_task_get, create_test_user, tenants_fixture, tasks_fixture
-):
-    client = APIClient()
-
-    test_user = "test_email@prowler.com"
-    test_password = "test_password"
-
-    prowler_task = tasks_fixture[0]
-    task_mock = Mock()
-    task_mock.id = prowler_task.id
-    mock_delete_task.return_value = task_mock
-    mock_task_get.return_value = prowler_task
-
-    user_creation_response = client.post(
-        reverse("user-list"),
-        data={
-            "data": {
-                "type": "users",
-                "attributes": {
-                    "name": "test",
-                    "email": test_user,
-                    "password": test_password,
-                },
-            }
-        },
-        format="vnd.api+json",
-    )
-    assert user_creation_response.status_code == 201
-
-    access_token, _ = get_api_tokens(client, test_user, test_password)
-    auth_headers = get_authorization_header(access_token)
-
-    create_provider_response = client.post(
-        reverse("provider-list"),
-        data={
-            "data": {
-                "type": "providers",
-                "attributes": {
-                    "provider": Provider.ProviderChoices.AWS,
-                    "uid": "123456789012",
-                },
-            }
-        },
-        format="vnd.api+json",
-        headers=auth_headers,
-    )
-    assert create_provider_response.status_code == 201
-    provider_id = create_provider_response.json()["data"]["id"]
-    provider_uid = create_provider_response.json()["data"]["attributes"]["uid"]
-
-    remove_provider = client.delete(
-        reverse("provider-detail", kwargs={"pk": provider_id}),
-        headers=auth_headers,
-    )
-    assert remove_provider.status_code == 202
-
-    recreate_provider_response = client.post(
-        reverse("provider-list"),
-        data={
-            "data": {
-                "type": "providers",
-                "attributes": {
-                    "provider": Provider.ProviderChoices.AWS,
-                    "uid": provider_uid,
-                },
-            }
-        },
-        format="vnd.api+json",
-        headers=auth_headers,
-    )
-    assert recreate_provider_response.status_code == 201
@@ -2,15 +2,7 @@ from datetime import datetime, timezone
 from enum import Enum
 from unittest.mock import patch

-import pytest
-
-from api.db_utils import (
-    batch_delete,
-    enum_to_choices,
-    generate_random_token,
-    one_week_from_now,
-)
-from api.models import Provider
+from api.db_utils import enum_to_choices, one_week_from_now, generate_random_token


 class TestEnumToChoices:
@@ -114,26 +106,3 @@ class TestGenerateRandomToken:
        token = generate_random_token(length=5, symbols="")
        # Default symbols
        assert len(token) == 5
-
-
-class TestBatchDelete:
-    @pytest.fixture
-    def create_test_providers(self, tenants_fixture):
-        tenant = tenants_fixture[0]
-        provider_id = 123456789012
-        provider_count = 10
-        for i in range(provider_count):
-            Provider.objects.create(
-                tenant=tenant,
-                uid=f"{provider_id + i}",
-                provider=Provider.ProviderChoices.AWS,
-            )
-        return provider_count
-
-    @pytest.mark.django_db
-    def test_batch_delete(self, create_test_providers):
-        _, summary = batch_delete(
-            Provider.objects.all(), batch_size=create_test_providers // 2
-        )
-        assert Provider.objects.all().count() == 0
-        assert summary == {"api.Provider": create_test_providers}
@@ -7,10 +7,9 @@ from api.models import Resource, ResourceTag
 class TestResourceModel:
    def test_setting_tags(self, providers_fixture):
        provider, *_ = providers_fixture
-        tenant_id = provider.tenant_id

        resource = Resource.objects.create(
-            tenant_id=tenant_id,
+            tenant_id=provider.tenant_id,
            provider=provider,
            uid="arn:aws:ec2:us-east-1:123456789012:instance/i-1234567890abcdef0",
            name="My Instance 1",
@@ -21,12 +20,12 @@ class TestResourceModel:

        tags = [
            ResourceTag.objects.create(
-                tenant_id=tenant_id,
+                tenant_id=provider.tenant_id,
                key="key",
                value="value",
            ),
            ResourceTag.objects.create(
-                tenant_id=tenant_id,
+                tenant_id=provider.tenant_id,
                key="key2",
                value="value2",
            ),
@@ -34,9 +33,9 @@ class TestResourceModel:

        resource.upsert_or_delete_tags(tags)

-        assert len(tags) == len(resource.tags.filter(tenant_id=tenant_id))
+        assert len(tags) == len(resource.tags.all())

-        tags_dict = resource.get_tags(tenant_id=tenant_id)
+        tags_dict = resource.get_tags()

        for tag in tags:
            assert tag.key in tags_dict
@@ -44,51 +43,47 @@ class TestResourceModel:

    def test_adding_tags(self, resources_fixture):
        resource, *_ = resources_fixture
-        tenant_id = str(resource.tenant_id)

        tags = [
            ResourceTag.objects.create(
-                tenant_id=tenant_id,
+                tenant_id=resource.tenant_id,
                key="env",
                value="test",
            ),
        ]
-        before_count = len(resource.tags.filter(tenant_id=tenant_id))
+        before_count = len(resource.tags.all())

        resource.upsert_or_delete_tags(tags)

-        assert before_count + 1 == len(resource.tags.filter(tenant_id=tenant_id))
+        assert before_count + 1 == len(resource.tags.all())

-        tags_dict = resource.get_tags(tenant_id=tenant_id)
+        tags_dict = resource.get_tags()

        assert "env" in tags_dict
        assert tags_dict["env"] == "test"

    def test_adding_duplicate_tags(self, resources_fixture):
        resource, *_ = resources_fixture
-        tenant_id = str(resource.tenant_id)

-        tags = resource.tags.filter(tenant_id=tenant_id)
+        tags = resource.tags.all()

-        before_count = len(resource.tags.filter(tenant_id=tenant_id))
+        before_count = len(resource.tags.all())

        resource.upsert_or_delete_tags(tags)

        # should be the same number of tags
-        assert before_count == len(resource.tags.filter(tenant_id=tenant_id))
+        assert before_count == len(resource.tags.all())

    def test_add_tags_none(self, resources_fixture):
        resource, *_ = resources_fixture
-        tenant_id = str(resource.tenant_id)
        resource.upsert_or_delete_tags(None)

-        assert len(resource.tags.filter(tenant_id=tenant_id)) == 0
-        assert resource.get_tags(tenant_id=tenant_id) == {}
+        assert len(resource.tags.all()) == 0
+        assert resource.get_tags() == {}

    def test_clear_tags(self, resources_fixture):
        resource, *_ = resources_fixture
-        tenant_id = str(resource.tenant_id)
        resource.clear_tags()

-        assert len(resource.tags.filter(tenant_id=tenant_id)) == 0
-        assert resource.get_tags(tenant_id=tenant_id) == {}
+        assert len(resource.tags.all()) == 0
+        assert resource.get_tags() == {}
@@ -261,16 +261,6 @@ class TestUserViewSet:
        assert response.status_code == status.HTTP_204_NO_CONTENT
        assert not User.objects.filter(id=create_test_user.id).exists()

-    def test_users_destroy_other_user(
-        self, authenticated_client, create_test_user, users_fixture
-    ):
-        user = users_fixture[2]
-        response = authenticated_client.delete(
-            reverse("user-detail", kwargs={"pk": str(user.id)})
-        )
-        assert response.status_code == status.HTTP_400_BAD_REQUEST
-        assert User.objects.filter(id=create_test_user.id).exists()
-
    def test_users_destroy_invalid_user(self, authenticated_client, create_test_user):
        another_user = User.objects.create_user(
            password="otherpassword", email="other@example.com"
@@ -278,7 +268,7 @@ class TestUserViewSet:
        response = authenticated_client.delete(
            reverse("user-detail", kwargs={"pk": another_user.id})
        )
-        assert response.status_code == status.HTTP_400_BAD_REQUEST
+        assert response.status_code == status.HTTP_404_NOT_FOUND
        assert User.objects.filter(id=another_user.id).exists()

    @pytest.mark.parametrize(
@@ -350,7 +340,7 @@ class TestTenantViewSet:
    def test_tenants_list(self, authenticated_client, tenants_fixture):
        response = authenticated_client.get(reverse("tenant-list"))
        assert response.status_code == status.HTTP_200_OK
-        assert len(response.json()["data"]) == 2  # Test user belongs to 2 tenants
+        assert len(response.json()["data"]) == len(tenants_fixture)

    def test_tenants_retrieve(self, authenticated_client, tenants_fixture):
        tenant1, *_ = tenants_fixture
@@ -480,11 +470,11 @@ class TestTenantViewSet:
        (
            [
                ("name", "Tenant One", 1),
-                ("name.icontains", "Tenant", 2),
-                ("inserted_at", TODAY, 2),
-                ("inserted_at.gte", "2024-01-01", 2),
+                ("name.icontains", "Tenant", 3),
+                ("inserted_at", TODAY, 3),
+                ("inserted_at.gte", "2024-01-01", 3),
                ("inserted_at.lte", "2024-01-01", 0),
-                ("updated_at.gte", "2024-01-01", 2),
+                ("updated_at.gte", "2024-01-01", 3),
                ("updated_at.lte", "2024-01-01", 0),
            ]
        ),
@@ -520,9 +510,7 @@ class TestTenantViewSet:
        assert response.status_code == status.HTTP_200_OK
        assert len(response.json()["data"]) == page_size
        assert response.json()["meta"]["pagination"]["page"] == 1
-        assert (
-            response.json()["meta"]["pagination"]["pages"] == 2
-        )  # Test user belongs to 2 tenants
+        assert response.json()["meta"]["pagination"]["pages"] == len(tenants_fixture)

    def test_tenants_list_page_number(self, authenticated_client, tenants_fixture):
        page_size = 1
@@ -535,13 +523,13 @@ class TestTenantViewSet:
        assert response.status_code == status.HTTP_200_OK
        assert len(response.json()["data"]) == page_size
        assert response.json()["meta"]["pagination"]["page"] == page_number
-        assert response.json()["meta"]["pagination"]["pages"] == 2
+        assert response.json()["meta"]["pagination"]["pages"] == len(tenants_fixture)

    def test_tenants_list_sort_name(self, authenticated_client, tenants_fixture):
        _, tenant2, _ = tenants_fixture
        response = authenticated_client.get(reverse("tenant-list"), {"sort": "-name"})
        assert response.status_code == status.HTTP_200_OK
-        assert len(response.json()["data"]) == 2
+        assert len(response.json()["data"]) == 3
        assert response.json()["data"][0]["attributes"]["name"] == tenant2.name

    def test_tenants_list_memberships_as_owner(
@@ -1459,8 +1447,12 @@ class TestProviderGroupViewSet:
                "id": str(group.id),
                "type": "provider-groups",
                "relationships": {
-                    "providers": {"data": []},  # Removing all providers
-                    "roles": {"data": []},  # Removing all roles
+                    "providers": {
+                        "data": []  # Removing all providers
+                    },
+                    "roles": {
+                        "data": []  # Removing all roles
+                    },
                },
            }
        }
@@ -2351,10 +2343,7 @@ class TestResourceViewSet:
            response.json()["errors"][0]["detail"] == "invalid sort parameter: invalid"
        )

-    def test_resources_retrieve(
-        self, authenticated_client, tenants_fixture, resources_fixture
-    ):
-        tenant = tenants_fixture[0]
+    def test_resources_retrieve(self, authenticated_client, resources_fixture):
        resource_1, *_ = resources_fixture
        response = authenticated_client.get(
            reverse("resource-detail", kwargs={"pk": resource_1.id}),
@@ -2365,9 +2354,7 @@ class TestResourceViewSet:
        assert response.json()["data"]["attributes"]["region"] == resource_1.region
        assert response.json()["data"]["attributes"]["service"] == resource_1.service
        assert response.json()["data"]["attributes"]["type"] == resource_1.type
-        assert response.json()["data"]["attributes"]["tags"] == resource_1.get_tags(
-            tenant_id=str(tenant.id)
-        )
+        assert response.json()["data"]["attributes"]["tags"] == resource_1.get_tags()

    def test_resources_invalid_retrieve(self, authenticated_client):
        response = authenticated_client.get(
@@ -2440,11 +2427,7 @@ class TestFindingViewSet:
                ("inserted_at", "2024-01-01", 0),
                ("inserted_at.date", "2024-01-01", 0),
                ("inserted_at.gte", "2024-01-01", 2),
-                (
-                    "inserted_at.lte",
-                    "2028-12-31",
-                    2,
-                ),  # TODO: To avoid having to modify this value and to ensure that the tests always work, we should set the time before the fixtures are inserted
+                ("inserted_at.lte", "2024-12-31", 2),
                ("updated_at.lte", "2024-01-01", 0),
                ("resource_type.icontains", "prowler", 2),
                # full text search on finding
@@ -2454,15 +2437,6 @@ class TestFindingViewSet:
                ("search", "ec2", 2),
                # full text search on finding tags
                ("search", "value2", 2),
-                ("resource_tag_key", "key", 2),
-                ("resource_tag_key__in", "key,key2", 2),
-                ("resource_tag_key__icontains", "key", 2),
-                ("resource_tag_value", "value", 2),
-                ("resource_tag_value__in", "value,value2", 2),
-                ("resource_tag_value__icontains", "value", 2),
-                ("resource_tags", "key:value", 2),
-                ("resource_tags", "not:exists", 0),
-                ("resource_tags", "not:exists,key:value", 2),
            ]
        ),
    )
@@ -2601,34 +2575,30 @@ class TestFindingViewSet:
        )
        assert response.status_code == status.HTTP_404_NOT_FOUND

-    def test_findings_metadata_retrieve(self, authenticated_client, findings_fixture):
+    def test_findings_services_regions_retrieve(
+        self, authenticated_client, findings_fixture
+    ):
        finding_1, *_ = findings_fixture
        response = authenticated_client.get(
-            reverse("finding-metadata"),
+            reverse("finding-findings_services_regions"),
            {"filter[inserted_at]": finding_1.updated_at.strftime("%Y-%m-%d")},
        )
        data = response.json()

        expected_services = {"ec2", "s3"}
        expected_regions = {"eu-west-1", "us-east-1"}
-        expected_tags = {"key": ["value"], "key2": ["value2"]}
-        expected_resource_types = {"prowler-test"}

-        assert data["data"]["type"] == "findings-metadata"
+        assert data["data"]["type"] == "finding-dynamic-filters"
        assert data["data"]["id"] is None
        assert set(data["data"]["attributes"]["services"]) == expected_services
        assert set(data["data"]["attributes"]["regions"]) == expected_regions
-        assert (
-            set(data["data"]["attributes"]["resource_types"]) == expected_resource_types
-        )
-        assert data["data"]["attributes"]["tags"] == expected_tags

-    def test_findings_metadata_severity_retrieve(
+    def test_findings_services_regions_severity_retrieve(
        self, authenticated_client, findings_fixture
    ):
        finding_1, *_ = findings_fixture
        response = authenticated_client.get(
-            reverse("finding-metadata"),
+            reverse("finding-findings_services_regions"),
            {
                "filter[severity__in]": ["low", "medium"],
                "filter[inserted_at]": finding_1.updated_at.strftime("%Y-%m-%d"),
@@ -2638,34 +2608,26 @@ class TestFindingViewSet:

        expected_services = {"s3"}
        expected_regions = {"eu-west-1"}
-        expected_tags = {"key": ["value"], "key2": ["value2"]}
-        expected_resource_types = {"prowler-test"}

-        assert data["data"]["type"] == "findings-metadata"
+        assert data["data"]["type"] == "finding-dynamic-filters"
        assert data["data"]["id"] is None
        assert set(data["data"]["attributes"]["services"]) == expected_services
        assert set(data["data"]["attributes"]["regions"]) == expected_regions
-        assert (
-            set(data["data"]["attributes"]["resource_types"]) == expected_resource_types
-        )
-        assert data["data"]["attributes"]["tags"] == expected_tags

-    def test_findings_metadata_future_date(self, authenticated_client):
+    def test_findings_services_regions_future_date(self, authenticated_client):
        response = authenticated_client.get(
-            reverse("finding-metadata"),
+            reverse("finding-findings_services_regions"),
            {"filter[inserted_at]": "2048-01-01"},
        )
        data = response.json()
-        assert data["data"]["type"] == "findings-metadata"
+        assert data["data"]["type"] == "finding-dynamic-filters"
        assert data["data"]["id"] is None
        assert data["data"]["attributes"]["services"] == []
        assert data["data"]["attributes"]["regions"] == []
-        assert data["data"]["attributes"]["tags"] == {}
-        assert data["data"]["attributes"]["resource_types"] == []

-    def test_findings_metadata_invalid_date(self, authenticated_client):
+    def test_findings_services_regions_invalid_date(self, authenticated_client):
        response = authenticated_client.get(
-            reverse("finding-metadata"),
+            reverse("finding-findings_services_regions"),
            {"filter[inserted_at]": "2048-01-011"},
        )
        assert response.json() == {
@@ -2872,10 +2834,9 @@ class TestInvitationViewSet:
        )

    def test_invitations_partial_update_valid(
-        self, authenticated_client, invitations_fixture, roles_fixture
+        self, authenticated_client, invitations_fixture
    ):
        invitation, *_ = invitations_fixture
-        role1, role2, *_ = roles_fixture
        new_email = "new_email@prowler.com"
        new_expires_at = datetime.now(timezone.utc) + timedelta(days=7)
        new_expires_at_iso = new_expires_at.isoformat()
@@ -2887,14 +2848,6 @@ class TestInvitationViewSet:
                    "email": new_email,
                    "expires_at": new_expires_at_iso,
                },
-                "relationships": {
-                    "roles": {
-                        "data": [
-                            {"type": "roles", "id": str(role1.id)},
-                            {"type": "roles", "id": str(role2.id)},
-                        ]
-                    },
-                },
            }
        }
        assert invitation.email != new_email
@@ -2913,7 +2866,6 @@ class TestInvitationViewSet:

        assert invitation.email == new_email
        assert invitation.expires_at == new_expires_at
-        assert invitation.roles.count() == 2

    @pytest.mark.parametrize(
        "email",
@@ -3299,8 +3251,8 @@ class TestRoleViewSet:
        response = authenticated_client.get(reverse("role-list"))
        assert response.status_code == status.HTTP_200_OK
        assert (
-            len(response.json()["data"]) == len(roles_fixture) + 1
-        )  # 1 default admin role
+            len(response.json()["data"]) == len(roles_fixture) + 2
+        )  # 2 default admin roles, one for each tenant

    def test_role_retrieve(self, authenticated_client, roles_fixture):
        role = roles_fixture[0]
@@ -3338,7 +3290,9 @@ class TestRoleViewSet:
                    "name": "Test Role",
                    "manage_users": "false",
                    "manage_account": "false",
+                    "manage_billing": "false",
                    "manage_providers": "true",
+                    "manage_integrations": "true",
                    "manage_scans": "true",
                    "unlimited_visibility": "true",
                },
@@ -3365,7 +3319,9 @@ class TestRoleViewSet:
                    "name": "Test Role",
                    "manage_users": "false",
                    "manage_account": "false",
+                    "manage_billing": "false",
                    "manage_providers": "true",
+                    "manage_integrations": "true",
                    "manage_scans": "true",
                    "unlimited_visibility": "true",
                },
@@ -3413,26 +3369,6 @@ class TestRoleViewSet:
        errors = response.json()["errors"]
        assert errors[0]["source"]["pointer"] == "/data/attributes/name"

-    def test_admin_role_partial_update(self, authenticated_client, admin_role_fixture):
-        role = admin_role_fixture
-        data = {
-            "data": {
-                "id": str(role.id),
-                "type": "roles",
-                "attributes": {
-                    "name": "Updated Role",
-                },
-            }
-        }
-        response = authenticated_client.patch(
-            reverse("role-detail", kwargs={"pk": role.id}),
-            data=json.dumps(data),
-            content_type="application/vnd.api+json",
-        )
-        assert response.status_code == status.HTTP_400_BAD_REQUEST
-        role.refresh_from_db()
-        assert role.name != "Updated Role"
-
    def test_role_partial_update(self, authenticated_client, roles_fixture):
        role = roles_fixture[1]
        data = {
@@ -3440,7 +3376,7 @@ class TestRoleViewSet:
                "id": str(role.id),
                "type": "roles",
                "attributes": {
-                    "name": "Updated Role",
+                    "name": "Updated Provider Group Name",
                },
            }
        }
@@ -3451,7 +3387,7 @@ class TestRoleViewSet:
        )
        assert response.status_code == status.HTTP_200_OK
        role.refresh_from_db()
-        assert role.name == "Updated Role"
+        assert role.name == "Updated Provider Group Name"

    def test_role_partial_update_invalid(self, authenticated_client, roles_fixture):
        role = roles_fixture[2]
@@ -3473,14 +3409,6 @@ class TestRoleViewSet:
        errors = response.json()["errors"]
        assert errors[0]["source"]["pointer"] == "/data/attributes/name"

-    def test_role_destroy_admin(self, authenticated_client, admin_role_fixture):
-        role = admin_role_fixture
-        response = authenticated_client.delete(
-            reverse("role-detail", kwargs={"pk": role.id})
-        )
-        assert response.status_code == status.HTTP_400_BAD_REQUEST
-        assert Role.objects.filter(id=role.id).exists()
-
    def test_role_destroy(self, authenticated_client, roles_fixture):
        role = roles_fixture[2]
        response = authenticated_client.delete(
@@ -3539,7 +3467,9 @@ class TestRoleViewSet:
                    "name": "Role with Users and PGs",
                    "manage_users": "true",
                    "manage_account": "false",
+                    "manage_billing": "true",
                    "manage_providers": "true",
+                    "manage_integrations": "false",
                    "manage_scans": "false",
                    "unlimited_visibility": "false",
                },
@@ -3624,8 +3554,12 @@ class TestRoleViewSet:
                "id": str(role.id),
                "type": "roles",
                "relationships": {
-                    "users": {"data": []},  # Clearing all users
-                    "provider_groups": {"data": []},  # Clearing all provider groups
+                    "users": {
+                        "data": []  # Clearing all users
+                    },
+                    "provider_groups": {
+                        "data": []  # Clearing all provider groups
+                    },
                },
            }
        }
@@ -3653,7 +3587,9 @@ class TestRoleViewSet:
                    "name": "Invalid Users Role",
                    "manage_users": "false",
                    "manage_account": "false",
+                    "manage_billing": "false",
                    "manage_providers": "true",
+                    "manage_integrations": "true",
                    "manage_scans": "true",
                    "unlimited_visibility": "true",
                },
@@ -235,10 +235,13 @@ class UserCreateSerializer(BaseWriteSerializer):

 class UserUpdateSerializer(BaseWriteSerializer):
    password = serializers.CharField(write_only=True, required=False)
+    roles = serializers.ResourceRelatedField(
+        queryset=Role.objects.all(), many=True, required=False
+    )

    class Meta:
        model = User
-        fields = ["id", "name", "password", "email", "company_name"]
+        fields = ["id", "name", "password", "email", "company_name", "roles"]
        extra_kwargs = {
            "id": {"read_only": True},
        }
@@ -503,6 +506,7 @@ class ProviderGroupCreateSerializer(ProviderGroupSerializer):
            "updated_at",
            "providers",
            "roles",
+            "url",
        ]

    def create(self, validated_data):
@@ -874,7 +878,7 @@ class ResourceSerializer(RLSSerializer):
        }
    )
    def get_tags(self, obj):
-        return obj.get_tags(self.context.get("tenant_id"))
+        return obj.get_tags()

    def get_fields(self):
        """`type` is a Python reserved keyword."""
@@ -917,7 +921,6 @@ class FindingSerializer(RLSSerializer):
    }


-# To be removed when the related endpoint is removed as well
 class FindingDynamicFilterSerializer(serializers.Serializer):
    services = serializers.ListField(child=serializers.CharField(), allow_empty=True)
    regions = serializers.ListField(child=serializers.CharField(), allow_empty=True)
@@ -926,18 +929,6 @@ class FindingDynamicFilterSerializer(serializers.Serializer):
        resource_name = "finding-dynamic-filters"


-class FindingMetadataSerializer(serializers.Serializer):
-    services = serializers.ListField(child=serializers.CharField(), allow_empty=True)
-    regions = serializers.ListField(child=serializers.CharField(), allow_empty=True)
-    resource_types = serializers.ListField(
-        child=serializers.CharField(), allow_empty=True
-    )
-    tags = serializers.JSONField(help_text="Tags are described as key-value pairs.")
-
-    class Meta:
-        resource_name = "findings-metadata"
-
-
 # Provider secrets
 class BaseWriteProviderSecretSerializer(BaseWriteSerializer):
    @staticmethod
@@ -1246,12 +1237,6 @@ class InvitationSerializer(RLSSerializer):

    roles = serializers.ResourceRelatedField(many=True, queryset=Role.objects.all())

-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        tenant_id = self.context.get("tenant_id")
-        if tenant_id is not None:
-            self.fields["roles"].queryset = Role.objects.filter(tenant_id=tenant_id)
-
    class Meta:
        model = Invitation
        fields = [
@@ -1271,12 +1256,6 @@ class InvitationSerializer(RLSSerializer):
 class InvitationBaseWriteSerializer(BaseWriteSerializer):
    roles = serializers.ResourceRelatedField(many=True, queryset=Role.objects.all())

-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        tenant_id = self.context.get("tenant_id")
-        if tenant_id is not None:
-            self.fields["roles"].queryset = Role.objects.filter(tenant_id=tenant_id)
-
    def validate_email(self, value):
        user = User.objects.filter(email=value).first()
        tenant_id = self.context["tenant_id"]
@@ -1337,10 +1316,6 @@ class InvitationCreateSerializer(InvitationBaseWriteSerializer, RLSSerializer):


 class InvitationUpdateSerializer(InvitationBaseWriteSerializer):
-    roles = serializers.ResourceRelatedField(
-        required=False, many=True, queryset=Role.objects.all()
-    )
-
    class Meta:
        model = Invitation
        fields = ["id", "email", "expires_at", "state", "token", "roles"]
@@ -1354,18 +1329,14 @@ class InvitationUpdateSerializer(InvitationBaseWriteSerializer):

    def update(self, instance, validated_data):
        tenant_id = self.context.get("tenant_id")
+        invitation = super().update(instance, validated_data)
        if "roles" in validated_data:
            roles = validated_data.pop("roles")
            instance.roles.clear()
-            new_relationships = [
-                InvitationRoleRelationship(
-                    role=r, invitation=instance, tenant_id=tenant_id
+            for role in roles:
+                InvitationRoleRelationship.objects.create(
+                    role=role, invitation=invitation, tenant_id=tenant_id
                )
-                for r in roles
-            ]
-            InvitationRoleRelationship.objects.bulk_create(new_relationships)
-
-        invitation = super().update(instance, validated_data)

        return invitation

@@ -1392,17 +1363,6 @@ class RoleSerializer(RLSSerializer, BaseWriteSerializer):
        queryset=ProviderGroup.objects.all(), many=True, required=False
    )

-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        tenant_id = self.context.get("tenant_id")
-        if tenant_id is not None:
-            self.fields["users"].queryset = User.objects.filter(
-                membership__tenant__id=tenant_id
-            )
-            self.fields["provider_groups"].queryset = ProviderGroup.objects.filter(
-                tenant_id=self.context.get("tenant_id")
-            )
-
    def get_permission_state(self, obj) -> str:
        return obj.permission_state

@@ -1430,11 +1390,9 @@ class RoleSerializer(RLSSerializer, BaseWriteSerializer):
            "name",
            "manage_users",
            "manage_account",
-            # Disable for the first release
-            # "manage_billing",
-            # "manage_integrations",
-            # /Disable for the first release
+            "manage_billing",
            "manage_providers",
+            "manage_integrations",
            "manage_scans",
            "permission_state",
            "unlimited_visibility",
@@ -4,7 +4,6 @@ from django.contrib.postgres.aggregates import ArrayAgg
 from django.contrib.postgres.search import SearchQuery
 from django.db import transaction
 from django.db.models import Count, F, OuterRef, Prefetch, Q, Subquery, Sum
-from django.db.models.functions import JSONObject
 from django.urls import reverse
 from django.utils.decorators import method_decorator
 from django.views.decorators.cache import cache_control
@@ -88,7 +87,6 @@ from api.v1.serializers import (
    ComplianceOverviewFullSerializer,
    ComplianceOverviewSerializer,
    FindingDynamicFilterSerializer,
-    FindingMetadataSerializer,
    FindingSerializer,
    InvitationAcceptSerializer,
    InvitationCreateSerializer,
@@ -100,9 +98,9 @@ from api.v1.serializers import (
    OverviewServiceSerializer,
    OverviewSeveritySerializer,
    ProviderCreateSerializer,
-    ProviderGroupCreateSerializer,
    ProviderGroupMembershipSerializer,
    ProviderGroupSerializer,
+    ProviderGroupCreateSerializer,
    ProviderGroupUpdateSerializer,
    ProviderSecretCreateSerializer,
    ProviderSecretSerializer,
@@ -194,7 +192,7 @@ class SchemaView(SpectacularAPIView):

    def get(self, request, *args, **kwargs):
        spectacular_settings.TITLE = "Prowler API"
-        spectacular_settings.VERSION = "1.2.0"
+        spectacular_settings.VERSION = "1.1.0"
        spectacular_settings.DESCRIPTION = (
            "Prowler API specification.\n\nThis file is auto-generated."
        )
@@ -277,8 +275,8 @@ class SchemaView(SpectacularAPIView):
    ),
    destroy=extend_schema(
        tags=["User"],
-        summary="Delete the user account",
-        description="Remove the current user account from the system.",
+        summary="Delete a user account",
+        description="Remove a user account from the system.",
    ),
    me=extend_schema(
        tags=["User"],
@@ -311,12 +309,7 @@ class UserViewSet(BaseUserViewset):
        # If called during schema generation, return an empty queryset
        if getattr(self, "swagger_fake_view", False):
            return User.objects.none()
-        queryset = (
-            User.objects.filter(membership__tenant__id=self.request.tenant_id)
-            if hasattr(self.request, "tenant_id")
-            else User.objects.all()
-        )
-        return queryset.prefetch_related("memberships", "roles")
+        return User.objects.filter(membership__tenant__id=self.request.tenant_id)

    def get_permissions(self):
        if self.action == "create":
@@ -335,19 +328,13 @@ class UserViewSet(BaseUserViewset):

    @action(detail=False, methods=["get"], url_name="me")
    def me(self, request):
-        user = self.request.user
+        user = self.get_queryset().first()
        serializer = UserSerializer(user, context=self.get_serializer_context())
        return Response(
            data=serializer.data,
            status=status.HTTP_200_OK,
        )

-    def destroy(self, request, *args, **kwargs):
-        if kwargs["pk"] != str(self.request.user.id):
-            raise ValidationError("Only the current user can be deleted.")
-
-        return super().destroy(request, *args, **kwargs)
-
    @extend_schema(
        parameters=[
            OpenApiParameter(
@@ -465,7 +452,7 @@ class UserRoleRelationshipView(RelationshipView, BaseRLSViewSet):
    required_permissions = [Permissions.MANAGE_USERS]

    def get_queryset(self):
-        return User.objects.filter(membership__tenant__id=self.request.tenant_id)
+        return User.objects.all()

    def create(self, request, *args, **kwargs):
        user = self.get_object()
@@ -553,8 +540,7 @@ class TenantViewSet(BaseTenantViewset):
    required_permissions = [Permissions.MANAGE_ACCOUNT]

    def get_queryset(self):
-        queryset = Tenant.objects.filter(membership__user=self.request.user)
-        return queryset.prefetch_related("memberships")
+        return Tenant.objects.all()

    def create(self, request, *args, **kwargs):
        serializer = self.get_serializer(data=request.data)
@@ -614,8 +600,7 @@ class MembershipViewSet(BaseTenantViewset):

    def get_queryset(self):
        user = self.request.user
-        queryset = Membership.objects.filter(user_id=user.id)
-        return queryset.select_related("user", "tenant")
+        return Membership.objects.filter(user_id=user.id)


@extend_schema_view(
@@ -751,10 +736,10 @@ class ProviderGroupViewSet(BaseRLSViewSet):
        # Check if any of the user's roles have UNLIMITED_VISIBILITY
        if user_roles.unlimited_visibility:
            # User has unlimited visibility, return all provider groups
-            return ProviderGroup.objects.prefetch_related("providers", "roles")
+            return ProviderGroup.objects.prefetch_related("providers")

        # Collect provider groups associated with the user's roles
-        return user_roles.provider_groups.all().prefetch_related("providers", "roles")
+        return user_roles.provider_groups.all()

    def get_serializer_class(self):
        if self.action == "create":
@@ -805,7 +790,7 @@ class ProviderGroupProvidersRelationshipView(RelationshipView, BaseRLSViewSet):
    required_permissions = [Permissions.MANAGE_PROVIDERS]

    def get_queryset(self):
-        return ProviderGroup.objects.filter(tenant_id=self.request.tenant_id)
+        return ProviderGroup.objects.all()

    def create(self, request, *args, **kwargs):
        provider_group = self.get_object()
@@ -919,11 +904,10 @@ class ProviderViewSet(BaseRLSViewSet):
        user_roles = get_role(self.request.user)
        if user_roles.unlimited_visibility:
            # User has unlimited visibility, return all providers
-            queryset = Provider.objects.filter(tenant_id=self.request.tenant_id)
-        else:
-            # User lacks permission, filter providers based on provider groups associated with the role
-            queryset = get_providers(user_roles)
-        return queryset.select_related("secret").prefetch_related("provider_groups")
+            return Provider.objects.all()
+
+        # User lacks permission, filter providers based on provider groups associated with the role
+        return get_providers(user_roles)

    def get_serializer_class(self):
        if self.action == "create":
@@ -961,7 +945,7 @@ class ProviderViewSet(BaseRLSViewSet):
        get_object_or_404(Provider, pk=pk)
        with transaction.atomic():
            task = check_provider_connection_task.delay(
-                provider_id=pk, tenant_id=self.request.tenant_id
+                provider_id=pk, tenant_id=request.tenant_id
            )
        prowler_task = Task.objects.get(id=task.id)
        serializer = TaskSerializer(prowler_task)
@@ -982,7 +966,7 @@ class ProviderViewSet(BaseRLSViewSet):

        with transaction.atomic():
            task = delete_provider_task.delay(
-                provider_id=pk, tenant_id=self.request.tenant_id
+                provider_id=pk, tenant_id=request.tenant_id
            )
        prowler_task = Task.objects.get(id=task.id)
        serializer = TaskSerializer(prowler_task)
@@ -1052,7 +1036,7 @@ class ScanViewSet(BaseRLSViewSet):
        """
        if self.request.method in SAFE_METHODS:
            # No permissions required for GET requests
-            self.required_permissions = []
+            self.required_permissions = [Permissions.MANAGE_PROVIDERS]
        else:
            # Require permission for non-GET requests
            self.required_permissions = [Permissions.MANAGE_SCANS]
@@ -1061,11 +1045,10 @@ class ScanViewSet(BaseRLSViewSet):
        user_roles = get_role(self.request.user)
        if user_roles.unlimited_visibility:
            # User has unlimited visibility, return all scans
-            queryset = Scan.objects.filter(tenant_id=self.request.tenant_id)
-        else:
-            # User lacks permission, filter providers based on provider groups associated with the role
-            queryset = Scan.objects.filter(provider__in=get_providers(user_roles))
-        return queryset.select_related("provider", "task")
+            return Scan.objects.all()
+
+        # User lacks permission, filter providers based on provider groups associated with the role
+        return Scan.objects.filter(provider__in=get_providers(user_roles))

    def get_serializer_class(self):
        if self.action == "create":
@@ -1099,14 +1082,14 @@ class ScanViewSet(BaseRLSViewSet):
        with transaction.atomic():
            task = perform_scan_task.apply_async(
                kwargs={
-                    "tenant_id": self.request.tenant_id,
+                    "tenant_id": request.tenant_id,
                    "scan_id": str(scan.id),
                    "provider_id": str(scan.provider_id),
                    # Disabled for now
                    # checks_to_execute=scan.scanner_args.get("checks_to_execute"),
                },
                link=perform_scan_summary_task.si(
-                    tenant_id=self.request.tenant_id,
+                    tenant_id=request.tenant_id,
                    scan_id=str(scan.id),
                ),
            )
@@ -1162,7 +1145,7 @@ class TaskViewSet(BaseRLSViewSet):
        return Task.objects.annotate(
            name=F("task_runner_task__task_name"),
            state=F("task_runner_task__status"),
-        ).select_related("task_runner_task")
+        )

    def destroy(self, request, *args, pk=None, **kwargs):
        task = get_object_or_404(Task, pk=pk)
@@ -1223,20 +1206,17 @@ class ResourceViewSet(BaseRLSViewSet):
        "inserted_at",
        "updated_at",
    ]
-    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of
-    # the provider through the provider group)
+    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of the provider through the provider group)
    required_permissions = []

    def get_queryset(self):
        user_roles = get_role(self.request.user)
        if user_roles.unlimited_visibility:
            # User has unlimited visibility, return all scans
-            queryset = Resource.objects.filter(tenant_id=self.request.tenant_id)
+            queryset = Resource.objects.all()
        else:
            # User lacks permission, filter providers based on provider groups associated with the role
-            queryset = Resource.objects.filter(
-                tenant_id=self.request.tenant_id, provider__in=get_providers(user_roles)
-            )
+            queryset = Resource.objects.filter(provider__in=get_providers(user_roles))

        search_value = self.request.query_params.get("filter[search]", None)
        if search_value:
@@ -1282,13 +1262,7 @@ class ResourceViewSet(BaseRLSViewSet):
        tags=["Finding"],
        summary="Retrieve the services and regions that are impacted by findings",
        description="Fetch services and regions affected in findings.",
-        filters=True,
-        deprecated=True,
-    ),
-    metadata=extend_schema(
-        tags=["Finding"],
-        summary="Retrieve metadata values from findings",
-        description="Fetch unique metadata values from a set of findings. This is useful for dynamic filtering.",
+        responses={201: OpenApiResponse(response=MembershipSerializer)},
        filters=True,
    ),
 )
@@ -1315,15 +1289,12 @@ class FindingViewSet(BaseRLSViewSet):
        "inserted_at",
        "updated_at",
    ]
-    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of
-    # the provider through the provider group)
+    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of the provider through the provider group)
    required_permissions = []

    def get_serializer_class(self):
        if self.action == "findings_services_regions":
            return FindingDynamicFilterSerializer
-        elif self.action == "metadata":
-            return FindingMetadataSerializer

        return super().get_serializer_class()

@@ -1331,7 +1302,7 @@ class FindingViewSet(BaseRLSViewSet):
        user_roles = get_role(self.request.user)
        if user_roles.unlimited_visibility:
            # User has unlimited visibility, return all scans
-            queryset = Finding.objects.filter(tenant_id=self.request.tenant_id)
+            queryset = Finding.objects.all()
        else:
            # User lacks permission, filter providers based on provider groups associated with the role
            queryset = Finding.objects.filter(
@@ -1392,51 +1363,6 @@ class FindingViewSet(BaseRLSViewSet):

        return Response(data=serializer.data, status=status.HTTP_200_OK)

-    @action(detail=False, methods=["get"], url_name="metadata")
-    def metadata(self, request):
-        queryset = self.get_queryset()
-        filtered_queryset = self.filter_queryset(queryset)
-
-        result = filtered_queryset.aggregate(
-            services=ArrayAgg("resources__service", flat=True, distinct=True),
-            regions=ArrayAgg("resources__region", flat=True, distinct=True),
-            tags=ArrayAgg(
-                JSONObject(
-                    key=F("resources__tags__key"), value=F("resources__tags__value")
-                ),
-                distinct=True,
-                filter=Q(resources__tags__key__isnull=False),
-            ),
-            resource_types=ArrayAgg("resources__type", flat=True, distinct=True),
-        )
-        if result["services"] is None:
-            result["services"] = []
-        if result["regions"] is None:
-            result["regions"] = []
-        if result["regions"] is None:
-            result["regions"] = []
-        if result["resource_types"] is None:
-            result["resource_types"] = []
-        if result["tags"] is None:
-            result["tags"] = []
-
-        tags_dict = {}
-        for t in result["tags"]:
-            key, value = t["key"], t["value"]
-            if key not in tags_dict:
-                tags_dict[key] = []
-            tags_dict[key].append(value)
-
-        result["tags"] = tags_dict
-
-        serializer = self.get_serializer(
-            data=result,
-        )
-
-        serializer.is_valid(raise_exception=True)
-
-        return Response(data=serializer.data, status=status.HTTP_200_OK)
-

@extend_schema_view(
    list=extend_schema(
@@ -1483,7 +1409,7 @@ class ProviderSecretViewSet(BaseRLSViewSet):
    required_permissions = [Permissions.MANAGE_PROVIDERS]

    def get_queryset(self):
-        return ProviderSecret.objects.filter(tenant_id=self.request.tenant_id)
+        return ProviderSecret.objects.all()

    def get_serializer_class(self):
        if self.action == "create":
@@ -1542,7 +1468,7 @@ class InvitationViewSet(BaseRLSViewSet):
    required_permissions = [Permissions.MANAGE_ACCOUNT]

    def get_queryset(self):
-        return Invitation.objects.filter(tenant_id=self.request.tenant_id)
+        return Invitation.objects.all()

    def get_serializer_class(self):
        if self.action == "create":
@@ -1589,7 +1515,7 @@ class InvitationAcceptViewSet(BaseRLSViewSet):
    http_method_names = ["post"]

    def get_queryset(self):
-        return Invitation.objects.filter(tenant_id=self.request.tenant_id)
+        return Invitation.objects.all()

    def get_serializer_class(self):
        if hasattr(self, "response_serializer_class"):
@@ -1681,7 +1607,7 @@ class RoleViewSet(BaseRLSViewSet):
    required_permissions = [Permissions.MANAGE_ACCOUNT]

    def get_queryset(self):
-        return Role.objects.filter(tenant_id=self.request.tenant_id)
+        return Role.objects.all()

    def get_serializer_class(self):
        if self.action == "create":
@@ -1697,22 +1623,12 @@ class RoleViewSet(BaseRLSViewSet):
            request.data["manage_account"] = str(user_role.manage_account).lower()
        return super().partial_update(request, *args, **kwargs)

-    def destroy(self, request, *args, **kwargs):
-        instance = self.get_object()
-        if (
-            instance.name == "admin"
-        ):  # TODO: Move to a constant/enum (in case other roles are created by default)
-            raise ValidationError(detail="The admin role cannot be deleted.")
-
-        return super().destroy(request, *args, **kwargs)
-

@extend_schema_view(
    create=extend_schema(
        tags=["Role"],
        summary="Create a new role-provider_groups relationship",
-        description="Add a new role-provider_groups relationship to the system by providing the required "
-        "role-provider_groups details.",
+        description="Add a new role-provider_groups relationship to the system by providing the required role-provider_groups details.",
        responses={
            204: OpenApiResponse(description="Relationship created successfully"),
            400: OpenApiResponse(
@@ -1751,7 +1667,7 @@ class RoleProviderGroupRelationshipView(RelationshipView, BaseRLSViewSet):
    required_permissions = [Permissions.MANAGE_ACCOUNT]

    def get_queryset(self):
-        return Role.objects.filter(tenant_id=self.request.tenant_id)
+        return Role.objects.all()

    def create(self, request, *args, **kwargs):
        role = self.get_object()
@@ -1834,8 +1750,7 @@ class ComplianceOverviewViewSet(BaseRLSViewSet):
    search_fields = ["compliance_id"]
    ordering = ["compliance_id"]
    ordering_fields = ["inserted_at", "compliance_id", "framework", "region"]
-    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of
-    # the provider through the provider group)
+    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of the provider through the provider group)
    required_permissions = []

    def get_queryset(self):
@@ -1846,28 +1761,20 @@ class ComplianceOverviewViewSet(BaseRLSViewSet):

        if self.action == "retrieve":
            if unlimited_visibility:
-                # User has unlimited visibility, return all compliance
-                return ComplianceOverview.objects.filter(
-                    tenant_id=self.request.tenant_id
-                )
+                # User has unlimited visibility, return all compliance compliances
+                return ComplianceOverview.objects.all()

            providers = get_providers(role)
-            return ComplianceOverview.objects.filter(
-                tenant_id=self.request.tenant_id, scan__provider__in=providers
-            )
+            return ComplianceOverview.objects.filter(scan__provider__in=providers)

        if unlimited_visibility:
-            base_queryset = self.filter_queryset(
-                ComplianceOverview.objects.filter(tenant_id=self.request.tenant_id)
-            )
+            base_queryset = self.filter_queryset(ComplianceOverview.objects.all())
        else:
            providers = Provider.objects.filter(
                provider_groups__in=role.provider_groups.all()
            ).distinct()
            base_queryset = self.filter_queryset(
-                ComplianceOverview.objects.filter(
-                    tenant_id=self.request.tenant_id, scan__provider__in=providers
-                )
+                ComplianceOverview.objects.filter(scan__provider__in=providers)
            )

        max_failed_ids = (
@@ -1946,8 +1853,7 @@ class OverviewViewSet(BaseRLSViewSet):
    queryset = ComplianceOverview.objects.all()
    http_method_names = ["get"]
    ordering = ["-id"]
-    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of
-    # the provider through the provider group)
+    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of the provider through the provider group)
    required_permissions = []

    def get_queryset(self):
@@ -1956,10 +1862,8 @@ class OverviewViewSet(BaseRLSViewSet):

        def _get_filtered_queryset(model):
            if role.unlimited_visibility:
-                return model.objects.filter(tenant_id=self.request.tenant_id)
-            return model.objects.filter(
-                tenant_id=self.request.tenant_id, scan__provider__in=providers
-            )
+                return model.objects.all()
+            return model.objects.filter(scan__provider__in=providers)

        if self.action == "providers":
            return _get_filtered_queryset(Finding)
@@ -1998,22 +1902,17 @@ class OverviewViewSet(BaseRLSViewSet):

    @action(detail=False, methods=["get"], url_name="providers")
    def providers(self, request):
-        tenant_id = self.request.tenant_id
        # Subquery to get the most recent finding for each uid
        latest_finding_ids = (
            Finding.objects.filter(
-                tenant_id=tenant_id,
-                uid=OuterRef("uid"),
-                scan__provider=OuterRef("scan__provider"),
+                uid=OuterRef("uid"), scan__provider=OuterRef("scan__provider")
            )
            .order_by("-id")  # Most recent by id
            .values("id")[:1]
        )

        # Filter findings to only include the most recent for each uid
-        recent_findings = Finding.objects.filter(
-            tenant_id=tenant_id, id__in=Subquery(latest_finding_ids)
-        )
+        recent_findings = Finding.objects.filter(id__in=Subquery(latest_finding_ids))

        # Aggregate findings by provider
        findings_aggregated = (
@@ -2030,10 +1929,8 @@ class OverviewViewSet(BaseRLSViewSet):
        )

        # Aggregate total resources by provider
-        resources_aggregated = (
-            Resource.objects.filter(tenant_id=tenant_id)
-            .values("provider__provider")
-            .annotate(total_resources=Count("id"))
+        resources_aggregated = Resource.objects.values("provider__provider").annotate(
+            total_resources=Count("id")
        )

        # Combine findings and resources data
@@ -2065,15 +1962,12 @@ class OverviewViewSet(BaseRLSViewSet):

    @action(detail=False, methods=["get"], url_name="findings")
    def findings(self, request):
-        tenant_id = self.request.tenant_id
        queryset = self.get_queryset()
        filtered_queryset = self.filter_queryset(queryset)

        latest_scan_subquery = (
            Scan.objects.filter(
-                tenant_id=tenant_id,
-                state=StateChoices.COMPLETED,
-                provider_id=OuterRef("scan__provider_id"),
+                state=StateChoices.COMPLETED, provider_id=OuterRef("scan__provider_id")
            )
            .order_by("-id")
            .values("id")[:1]
@@ -2110,15 +2004,12 @@ class OverviewViewSet(BaseRLSViewSet):

    @action(detail=False, methods=["get"], url_name="findings_severity")
    def findings_severity(self, request):
-        tenant_id = self.request.tenant_id
        queryset = self.get_queryset()
        filtered_queryset = self.filter_queryset(queryset)

        latest_scan_subquery = (
            Scan.objects.filter(
-                tenant_id=tenant_id,
-                state=StateChoices.COMPLETED,
-                provider_id=OuterRef("scan__provider_id"),
+                state=StateChoices.COMPLETED, provider_id=OuterRef("scan__provider_id")
            )
            .order_by("-id")
            .values("id")[:1]
@@ -2146,15 +2037,12 @@ class OverviewViewSet(BaseRLSViewSet):

    @action(detail=False, methods=["get"], url_name="services")
    def services(self, request):
-        tenant_id = self.request.tenant_id
        queryset = self.get_queryset()
        filtered_queryset = self.filter_queryset(queryset)

        latest_scan_subquery = (
            Scan.objects.filter(
-                tenant_id=tenant_id,
-                state=StateChoices.COMPLETED,
-                provider_id=OuterRef("scan__provider_id"),
+                state=StateChoices.COMPLETED, provider_id=OuterRef("scan__provider_id")
            )
            .order_by("-id")
            .values("id")[:1]
@@ -1,21 +1,10 @@
 from celery import Celery, Task
-from config.env import env
-
-BROKER_VISIBILITY_TIMEOUT = env.int("DJANGO_BROKER_VISIBILITY_TIMEOUT", default=86400)

 celery_app = Celery("tasks")

 celery_app.config_from_object("django.conf:settings", namespace="CELERY")
 celery_app.conf.update(result_extended=True, result_expires=None)

-celery_app.conf.broker_transport_options = {
-    "visibility_timeout": BROKER_VISIBILITY_TIMEOUT
-}
-celery_app.conf.result_backend_transport_options = {
-    "visibility_timeout": BROKER_VISIBILITY_TIMEOUT
-}
-celery_app.conf.visibility_timeout = BROKER_VISIBILITY_TIMEOUT
-
 celery_app.autodiscover_tasks(["api"])


@@ -88,14 +88,16 @@ def create_test_user(django_db_setup, django_db_blocker):


@pytest.fixture(scope="function")
-def create_test_user_rbac(django_db_setup, django_db_blocker, tenants_fixture):
+def create_test_user_rbac(django_db_setup, django_db_blocker):
    with django_db_blocker.unblock():
        user = User.objects.create_user(
            name="testing",
            email="rbac@rbac.com",
            password=TEST_PASSWORD,
        )
-        tenant = tenants_fixture[0]
+        tenant = Tenant.objects.create(
+            name="Tenant Test",
+        )
        Membership.objects.create(
            user=user,
            tenant=tenant,
@@ -121,14 +123,16 @@ def create_test_user_rbac(django_db_setup, django_db_blocker, tenants_fixture):


@pytest.fixture(scope="function")
-def create_test_user_rbac_no_roles(django_db_setup, django_db_blocker, tenants_fixture):
+def create_test_user_rbac_no_roles(django_db_setup, django_db_blocker):
    with django_db_blocker.unblock():
        user = User.objects.create_user(
            name="testing",
            email="rbac_noroles@rbac.com",
            password=TEST_PASSWORD,
        )
-        tenant = tenants_fixture[0]
+        tenant = Tenant.objects.create(
+            name="Tenant Test",
+        )
        Membership.objects.create(
            user=user,
            tenant=tenant,
@@ -176,16 +180,10 @@ def create_test_user_rbac_limited(django_db_setup, django_db_blocker):
@pytest.fixture
 def authenticated_client_rbac(create_test_user_rbac, tenants_fixture, client):
    client.user = create_test_user_rbac
-    tenant_id = tenants_fixture[0].id
    serializer = TokenSerializer(
-        data={
-            "type": "tokens",
-            "email": "rbac@rbac.com",
-            "password": TEST_PASSWORD,
-            "tenant_id": tenant_id,
-        }
+        data={"type": "tokens", "email": "rbac@rbac.com", "password": TEST_PASSWORD}
    )
-    serializer.is_valid(raise_exception=True)
+    serializer.is_valid()
    access_token = serializer.validated_data["access"]
    client.defaults["HTTP_AUTHORIZATION"] = f"Bearer {access_token}"
    return client
@@ -305,7 +303,7 @@ def set_user_admin_roles_fixture(create_test_user, tenants_fixture):
@pytest.fixture
 def invitations_fixture(create_test_user, tenants_fixture):
    user = create_test_user
-    tenant = tenants_fixture[0]
+    *_, tenant = tenants_fixture
    valid_invitation = Invitation.objects.create(
        email="testing@prowler.com",
        state=Invitation.State.PENDING,
@@ -395,23 +393,6 @@ def provider_groups_fixture(tenants_fixture):
    return pgroup1, pgroup2, pgroup3


-@pytest.fixture
-def admin_role_fixture(tenants_fixture):
-    tenant, *_ = tenants_fixture
-
-    return Role.objects.get_or_create(
-        name="admin",
-        tenant_id=tenant.id,
-        manage_users=True,
-        manage_account=True,
-        manage_billing=True,
-        manage_providers=True,
-        manage_integrations=True,
-        manage_scans=True,
-        unlimited_visibility=True,
-    )[0]
-
-
@pytest.fixture
 def roles_fixture(tenants_fixture):
    tenant, *_ = tenants_fixture
@@ -116,6 +116,7 @@ def perform_prowler_scan(
        ValueError: If the provider cannot be connected.

    """
+    generate_compliance = False
    check_status_by_region = {}
    exception = None
    unique_resources = set()
@@ -144,6 +145,7 @@ def perform_prowler_scan(
                )
                provider_instance.save()

+        generate_compliance = provider_instance.provider != Provider.ProviderChoices.GCP
        prowler_scan = ProwlerScan(provider=prowler_provider, checks=checks_to_execute)

        resource_cache = {}
@@ -255,7 +257,7 @@ def perform_prowler_scan(
                    finding_instance.add_resources([resource_instance])

                # Update compliance data if applicable
-                if finding.status.value == "MUTED":
+                if not generate_compliance or finding.status.value == "MUTED":
                    continue

                region_dict = check_status_by_region.setdefault(finding.region, {})
@@ -283,7 +285,7 @@ def perform_prowler_scan(
            scan_instance.unique_resource_count = len(unique_resources)
            scan_instance.save()

-    if exception is None:
+    if exception is None and generate_compliance:
        try:
            regions = prowler_provider.get_regions()
        except AttributeError:
@@ -1,301 +0,0 @@
-# AWS SSO to Prowler Automation Script
-
-## Table of Contents
- [Introduction](#introduction)
- [Prerequisites](#prerequisites)
- [Setup](#setup)
- [Script Overview](#script-overview)
- [Usage](#usage)
- [Troubleshooting](#troubleshooting)
- [Customization](#customization)
- [Security Considerations](#security-considerations)
- [License](#license)
-
-## Introduction
-
-This repository provides a Bash script that automates the process of logging into AWS Single Sign-On (SSO), extracting temporary AWS credentials, and running **Prowler**—a security tool that performs AWS security best practices assessments—inside a Docker container using those credentials.
-
-By following this guide, you can streamline your AWS security assessments, ensuring that you consistently apply best practices across your AWS accounts.
-
-## Prerequisites
-
-Before you begin, ensure that you have the following tools installed and properly configured on your system:
-
-1. **AWS CLI v2**
-   - AWS SSO support is available from AWS CLI version 2 onwards.
-   - [Installation Guide](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)
-
-2. **jq**
-   - A lightweight and flexible command-line JSON processor.
-   - **macOS (Homebrew):**
-     ```bash
-     brew install jq
-     ```
-   - **Ubuntu/Debian:**
-     ```bash
-     sudo apt-get update
-     sudo apt-get install -y jq
-     ```
-   - **Windows:**
-     - [Download jq](https://stedolan.github.io/jq/download/)
-
-3. **Docker**
-   - Ensure Docker is installed and running on your system.
-   - [Docker Installation Guide](https://docs.docker.com/get-docker/)
-
-4. **AWS SSO Profile Configuration**
-   - Ensure that you have configured an AWS CLI profile with SSO.
-   - [Configuring AWS CLI with SSO](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html)
-
-## Setup
-
-1. **Clone the Repository**
-   ```bash
-   git clone https://github.com/your-username/aws-sso-prowler-automation.git
-   cd aws-sso-prowler-automation
-   ```
-
-2. **Create the Automation Script**
-   Create a new Bash script named `run_prowler_sso.sh` and make it executable.
-
-   ```bash
-   nano run_prowler_sso.sh
-   chmod +x run_prowler_sso.sh
-   ```
-
-3. **Add the Script Content**
-   Paste the following content into `run_prowler_sso.sh`:
-
-4. **Configure AWS SSO Profile**
-   Ensure that your AWS CLI profile (`twodragon` in this case) is correctly configured for SSO.
-
-   ```bash
-   aws configure sso --profile twodragon
-   ```
-
-   **Example Configuration Prompts:**
-   ```
-   SSO session name (Recommended): [twodragon]
-   SSO start URL [None]: https://twodragon.awsapps.com/start
-   SSO region [None]: ap-northeast-2
-   SSO account ID [None]: 123456789012
-   SSO role name [None]: ReadOnlyAccess
-   CLI default client region [None]: ap-northeast-2
-   CLI default output format [None]: json
-   CLI profile name [twodragon]: twodragon
-   ```
-
-## Script Overview
-
-The `run_prowler_sso.sh` script performs the following actions:
-
-1. **AWS SSO Login:**
-   - Initiates AWS SSO login for the specified profile.
-   - Opens the SSO authorization page in the default browser for user authentication.
-
-2. **Extract Temporary Credentials:**
-   - Locates the most recent SSO cache file containing the `accessToken`.
-   - Uses `jq` to parse and extract the `accessToken` from the cache file.
-   - Retrieves the `sso_role_name` and `sso_account_id` from the AWS CLI configuration.
-   - Obtains temporary AWS credentials (`AccessKeyId`, `SecretAccessKey`, `SessionToken`) using the extracted `accessToken`.
-
-3. **Set Environment Variables:**
-   - Exports the extracted AWS credentials as environment variables to be used by the Docker container.
-
-4. **Run Prowler:**
-   - Executes the **Prowler** Docker container, passing the AWS credentials as environment variables for security assessments.
-
-## Usage
-
-1. **Make the Script Executable**
-   Ensure the script has execute permissions.
-
-   ```bash
-   chmod +x run_prowler_sso.sh
-   ```
-
-2. **Run the Script**
-   Execute the script to start the AWS SSO login process and run Prowler.
-
-   ```bash
-   ./run_prowler_sso.sh
-   ```
-
-3. **Follow the Prompts**
-   - A browser window will open prompting you to authenticate via AWS SSO.
-   - Complete the authentication process in the browser.
-   - Upon successful login, the script will extract temporary credentials and run Prowler.
-
-4. **Review Prowler Output**
-   - Prowler will analyze your AWS environment based on the specified checks and output the results directly in the terminal.
-
-## Troubleshooting
-
-If you encounter issues during the script execution, follow these steps to diagnose and resolve them.
-
-### 1. Verify AWS CLI Version
-
-Ensure you are using AWS CLI version 2 or later.
-
-```bash
-aws --version
-```
-
-**Expected Output:**
-```
-aws-cli/2.11.10 Python/3.9.12 Darwin/20.3.0 exe/x86_64 prompt/off
-```
-
-If you are not using version 2, [install or update AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html).
-
-### 2. Confirm AWS SSO Profile Configuration
-
-Check that the `twodragon` profile is correctly configured.
-
-```bash
-aws configure list-profiles
-```
-
-**Expected Output:**
-```
-default
-twodragon
-```
-
-Review the profile details:
-
-```bash
-aws configure get sso_start_url --profile twodragon
-aws configure get sso_region --profile twodragon
-aws configure get sso_account_id --profile twodragon
-aws configure get sso_role_name --profile twodragon
-```
-
-Ensure all fields return the correct values.
-
-### 3. Check SSO Cache File
-
-Ensure that the SSO cache file contains a valid `accessToken`.
-
-```bash
-cat ~/.aws/sso/cache/*.json
-```
-
-**Example Content:**
-```json
-{
-  "accessToken": "eyJz93a...k4laUWw",
-  "expiresAt": "2024-12-22T14:07:55Z",
-  "clientId": "example-client-id",
-  "clientSecret": "example-client-secret",
-  "startUrl": "https://twodragon.awsapps.com/start#"
-}
-```
-
-If `accessToken` is `null` or missing, retry the AWS SSO login:
-
-```bash
-aws sso login --profile twodragon
-```
-
-### 4. Validate `jq` Installation
-
-Ensure that `jq` is installed and functioning correctly.
-
-```bash
-jq --version
-```
-
-**Expected Output:**
-```
-jq-1.6
-```
-
-If `jq` is not installed, install it using the instructions in the [Prerequisites](#prerequisites) section.
-
-### 5. Test Docker Environment Variables
-
-Verify that the Docker container receives the AWS credentials correctly.
-
-```bash
-docker run --platform linux/amd64 \
-    -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \
-    -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \
-    -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN \
-    toniblyx/prowler /bin/bash -c 'echo $AWS_ACCESS_KEY_ID; echo $AWS_SECRET_ACCESS_KEY; echo $AWS_SESSION_TOKEN'
-```
-
-**Expected Output:**
-```
-ASIA...
-wJalrFEMI/K7MDENG/bPxRfiCY...
-IQoJb3JpZ2luX2VjEHwaCXVz...
-```
-
-Ensure that none of the environment variables are empty.
-
-### 6. Review Script Output
-
-Run the script with debugging enabled to get detailed output.
-
-1. **Enable Debugging in Script**
-   Add `set -x` for verbose output.
-
-   ```bash
-   #!/bin/bash
-   set -e
-   set -x
-   # ... rest of the script ...
-   ```
-
-2. **Run the Script**
-
-   ```bash
-   ./run_prowler_sso.sh
-   ```
-
-3. **Analyze Output**
-   Look for any errors or unexpected values in the output to identify where the script is failing.
-
-## Customization
-
-You can modify the script to suit your specific needs, such as:
-
- **Changing the AWS Profile Name:**
-  Update the `PROFILE` variable at the top of the script.
-
-  ```bash
-  PROFILE="your-profile-name"
-  ```
-
- **Adding Prowler Options:**
-  Pass additional options to Prowler for customized checks or output formats.
-
-  ```bash
-  docker run --platform linux/amd64 \
-      -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \
-      -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \
-      -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN \
-      toniblyx/prowler -c check123 -M json
-  ```
-
-## Security Considerations
-
- **Handle Credentials Securely:**
-  - Avoid sharing or exposing your AWS credentials.
-  - Do not include sensitive information in logs or version control.
-
- **Script Permissions:**
-  - Ensure the script file has appropriate permissions to prevent unauthorized access.
-
-    ```bash
-    chmod 700 run_prowler_sso.sh
-    ```
-
- **Environment Variables:**
-  - Be cautious when exporting credentials as environment variables.
-  - Consider using more secure methods for credential management if necessary.
-
-## License
-
-This project is licensed under the [MIT License](LICENSE).
@@ -1,136 +0,0 @@
-#!/bin/bash
-set -e
-
-# Set the profile name
-PROFILE="twodragon"
-
-# Set the Prowler output directory
-OUTPUT_DIR=~/prowler-output
-mkdir -p "$OUTPUT_DIR"
-
-# Set the port for the local web server
-WEB_SERVER_PORT=8000
-
-# ----------------------------------------------
-# Functions
-# ----------------------------------------------
-
-# Function to open the HTML report in the default browser
-open_report() {
-    local report_path="$1"
-
-    if [[ "$OSTYPE" == "darwin"* ]]; then
-        open "$report_path"
-    elif [[ "$OSTYPE" == "linux-gnu"* ]]; then
-        xdg-open "$report_path"
-    elif [[ "$OSTYPE" == "msys" ]]; then
-        start "" "$report_path"
-    else
-        echo "Automatic method to open Prowler HTML report is not supported on this OS."
-        echo "Please open the report manually at: $report_path"
-    fi
-}
-
-# Function to start a simple HTTP server to host the Prowler reports
-start_web_server() {
-    local directory="$1"
-    local port="$2"
-
-    echo "Starting local web server to host Prowler reports at http://localhost:$port"
-    echo "Press Ctrl+C to stop the web server."
-
-    # Change to the output directory
-    cd "$directory"
-
-    # Start the HTTP server in the foreground
-    # Python 3 is required
-    python3 -m http.server "$port"
-}
-
-# ----------------------------------------------
-# Main Script
-# ----------------------------------------------
-
-# AWS SSO Login
-echo "Logging into AWS SSO..."
-aws sso login --profile "$PROFILE"
-
-# Extract temporary credentials
-echo "Extracting temporary credentials..."
-
-# Find the most recently modified SSO cache file
-CACHE_FILE=$(ls -t ~/.aws/sso/cache/*.json 2>/dev/null | head -n 1)
-echo "Cache File: $CACHE_FILE"
-
-if [ -z "$CACHE_FILE" ]; then
-    echo "SSO cache file not found. Please ensure AWS SSO login was successful."
-    exit 1
-fi
-
-# Extract accessToken using jq
-ACCESS_TOKEN=$(jq -r '.accessToken' "$CACHE_FILE")
-echo "Access Token: $ACCESS_TOKEN"
-
-if [ -z "$ACCESS_TOKEN" ] || [ "$ACCESS_TOKEN" == "null" ]; then
-    echo "Unable to extract accessToken. Please check your SSO login and cache file."
-    exit 1
-fi
-
-# Extract role name and account ID from AWS CLI configuration
-ROLE_NAME=$(aws configure get sso_role_name --profile "$PROFILE")
-ACCOUNT_ID=$(aws configure get sso_account_id --profile "$PROFILE")
-echo "Role Name: $ROLE_NAME"
-echo "Account ID: $ACCOUNT_ID"
-
-if [ -z "$ROLE_NAME" ] || [ -z "$ACCOUNT_ID" ]; then
-    echo "Unable to extract sso_role_name or sso_account_id. Please check your profile configuration."
-    exit 1
-fi
-
-# Obtain temporary credentials using AWS SSO
-TEMP_CREDS=$(aws sso get-role-credentials \
-    --role-name "$ROLE_NAME" \
-    --account-id "$ACCOUNT_ID" \
-    --access-token "$ACCESS_TOKEN" \
-    --profile "$PROFILE")
-
-echo "TEMP_CREDS: $TEMP_CREDS"
-
-# Extract credentials from the JSON response
-AWS_ACCESS_KEY_ID=$(echo "$TEMP_CREDS" | jq -r '.roleCredentials.accessKeyId')
-AWS_SECRET_ACCESS_KEY=$(echo "$TEMP_CREDS" | jq -r '.roleCredentials.secretAccessKey')
-AWS_SESSION_TOKEN=$(echo "$TEMP_CREDS" | jq -r '.roleCredentials.sessionToken')
-
-# Verify that all credentials were extracted successfully
-if [ -z "$AWS_ACCESS_KEY_ID" ] || [ -z "$AWS_SECRET_ACCESS_KEY" ] || [ -z "$AWS_SESSION_TOKEN" ]; then
-    echo "Unable to extract temporary credentials."
-    exit 1
-fi
-
-# Export AWS credentials as environment variables
-export AWS_ACCESS_KEY_ID
-export AWS_SECRET_ACCESS_KEY
-export AWS_SESSION_TOKEN
-
-echo "AWS credentials have been set."
-
-# Run Prowler in Docker container
-echo "Running Prowler Docker container..."
-
-docker run --platform linux/amd64 \
-    -e AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" \
-    -e AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" \
-    -e AWS_SESSION_TOKEN="$AWS_SESSION_TOKEN" \
-    -v "$OUTPUT_DIR":/home/prowler/output \
-    toniblyx/prowler -M html -M csv -M json-ocsf --output-directory /home/prowler/output --output-filename prowler-output
-
-echo "Prowler has finished running. Reports are saved in $OUTPUT_DIR."
-
-# Open the HTML report in the default browser
-REPORT_PATH="$OUTPUT_DIR/prowler-output.html"
-echo "Opening Prowler HTML report..."
-open_report "$REPORT_PATH" &
-
-# Start the local web server to host the Prowler dashboard
-# This will run in the foreground. To run it in the background, append an ampersand (&) at the end of the command.
-start_web_server "$OUTPUT_DIR" "$WEB_SERVER_PORT"
@@ -1,24 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_cis
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_DESCRIPTION",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ].copy()
-
-    return get_section_containers_cis(
-        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
-    )
@@ -1,7 +1,7 @@
 services:
  api:
    hostname: "prowler-api"
-    image: prowlercloud/prowler-api:${PROWLER_API_VERSION:-stable}
+    image: prowlercloud/prowler-api:${PROWLER_API_VERSION:-latest}
    env_file:
      - path: .env
        required: false
@@ -17,7 +17,7 @@ services:
      - "prod"

  ui:
-    image: prowlercloud/prowler-ui:${PROWLER_UI_VERSION:-stable}
+    image: prowlercloud/prowler-ui:${PROWLER_UI_VERSION:-latest}
    env_file:
      - path: .env
        required: false
@@ -61,7 +61,7 @@ services:
      retries: 3

  worker:
-    image: prowlercloud/prowler-api:${PROWLER_API_VERSION:-stable}
+    image: prowlercloud/prowler-api:${PROWLER_API_VERSION:-latest}
    env_file:
      - path: .env
        required: false
@@ -75,7 +75,7 @@ services:
      - "worker"

  worker-beat:
-    image: prowlercloud/prowler-api:${PROWLER_API_VERSION:-stable}
+    image: prowlercloud/prowler-api:${PROWLER_API_VERSION:-latest}
    env_file:
      - path: ./.env
        required: false
@@ -279,9 +279,6 @@ Each Prowler check has metadata associated which is stored at the same level of
  "Severity": "critical",
  # ResourceType only for AWS, holds the type from here
  # https://docs.aws.amazon.com/securityhub/latest/userguide/asff-resources.html
-  # In case of not existing, use CloudFormation type but removing the "::" and using capital letters only at the beginning of each word. Example: "AWS::EC2::Instance" -> "AwsEc2Instance"
-  # CloudFormation type reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html
-  # If the resource type does not exist in the CloudFormation types, use "Other".
  "ResourceType": "Other",
  # Description holds the title of the check, for now is the same as CheckTitle
  "Description": "Ensure there are no EC2 AMIs set as Public.",
@@ -1,336 +1,3 @@
-# Creating a New Integration
+# Create a new integration

-## Introduction
-
-Integrating Prowler with external tools enhances its functionality and seamlessly embeds it into your workflows. Prowler supports a wide range of integrations to streamline security assessments and reporting. Common integration targets include messaging platforms like Slack, project management tools like Jira, and cloud services such as AWS Security Hub.
-
-* Consult the [Prowler Developer Guide](https://docs.prowler.com/projects/prowler-open-source/en/latest/) to understand how Prowler works and the way that you can integrate it with the desired product!
-* Identify the best approach for the specific platform you’re targeting.
-
-## Steps to Create an Integration
-
-### Identify the Integration Purpose
-
-* Clearly define the objective of the integration. For example:
-    * Sending Prowler findings to a platform for alerts, tracking, or further analysis.
-    * Review existing integrations in the [`prowler/lib/outputs`](https://github.com/prowler-cloud/prowler/tree/master/prowler/lib/outputs) folder for inspiration and implementation examples.
-
-### Develop the Integration
-
-* Script Development:
-    * Write a script to process Prowler’s output and interact with the target platform’s API.
-    * For example, to send findings, parse Prowler’s results and use the platform’s API to create entries or notifications.
-* Configuration:
-    * Ensure your script includes configurable options for environment-specific settings, such as API endpoints and authentication tokens.
-
-### Fundamental Structure
-
-* Integration Class:
-    * Create a class that encapsulates attributes and methods for the integration.
-    Here is an example with Jira integration:
-    ```python title="Jira Class"
-    class Jira:
-    """
-    Jira class to interact with the Jira API
-
-    [Note]
-    This integration is limited to a single Jira Cloud, therefore all the issues will be created for same Jira Cloud ID. We will need to work on the ability of providing a Jira Cloud ID if the user is present in more than one.
-
-    Attributes:
-        - _redirect_uri: The redirect URI
-        - _client_id: The client ID
-        - _client_secret: The client secret
-        - _access_token: The access token
-        - _refresh_token: The refresh token
-        - _expiration_date: The authentication expiration
-        - _cloud_id: The cloud ID
-        - _scopes: The scopes needed to authenticate, read:jira-user read:jira-work write:jira-work
-        - AUTH_URL: The URL to authenticate with Jira
-        - PARAMS_TEMPLATE: The template for the parameters to authenticate with Jira
-        - TOKEN_URL: The URL to get the access token from Jira
-        - API_TOKEN_URL: The URL to get the accessible resources from Jira
-
-    Methods:
-        - __init__: Initialize the Jira object
-        - input_authorization_code: Input the authorization code
-        - auth_code_url: Generate the URL to authorize the application
-        - get_auth: Get the access token and refresh token
-        - get_cloud_id: Get the cloud ID from Jira
-        - get_access_token: Get the access token
-        - refresh_access_token: Refresh the access token from Jira
-        - test_connection: Test the connection to Jira and return a Connection object
-        - get_projects: Get the projects from Jira
-        - get_available_issue_types: Get the available issue types for a project
-        - send_findings: Send the findings to Jira and create an issue
-
-    Raises:
-        - JiraGetAuthResponseError: Failed to get the access token and refresh token
-        - JiraGetCloudIDNoResourcesError: No resources were found in Jira when getting the cloud id
-        - JiraGetCloudIDResponseError: Failed to get the cloud ID, response code did not match 200
-        - JiraGetCloudIDError: Failed to get the cloud ID from Jira
-        - JiraAuthenticationError: Failed to authenticate
-        - JiraRefreshTokenError: Failed to refresh the access token
-        - JiraRefreshTokenResponseError: Failed to refresh the access token, response code did not match 200
-        - JiraGetAccessTokenError: Failed to get the access token
-        - JiraNoProjectsError: No projects found in Jira
-        - JiraGetProjectsError: Failed to get projects from Jira
-        - JiraGetProjectsResponseError: Failed to get projects from Jira, response code did not match 200
-        - JiraInvalidIssueTypeError: The issue type is invalid
-        - JiraGetAvailableIssueTypesError: Failed to get available issue types from Jira
-        - JiraGetAvailableIssueTypesResponseError: Failed to get available issue types from Jira, response code did not match 200
-        - JiraCreateIssueError: Failed to create an issue in Jira
-        - JiraSendFindingsResponseError: Failed to send the findings to Jira
-        - JiraTestConnectionError: Failed to test the connection
-
-    Usage:
-        jira = Jira(
-            redirect_uri="http://localhost:8080",
-            client_id="client_id",
-            client_secret="client_secret
-        )
-        jira.send_findings(findings=findings, project_key="KEY")
-    """
-
-    _redirect_uri: str = None
-    _client_id: str = None
-    _client_secret: str = None
-    _access_token: str = None
-    _refresh_token: str = None
-    _expiration_date: int = None
-    _cloud_id: str = None
-    _scopes: list[str] = None
-    AUTH_URL = "https://auth.atlassian.com/authorize"
-    PARAMS_TEMPLATE = {
-        "audience": "api.atlassian.com",
-        "client_id": None,
-        "scope": None,
-        "redirect_uri": None,
-        "state": None,
-        "response_type": "code",
-        "prompt": "consent",
-    }
-    TOKEN_URL = "https://auth.atlassian.com/oauth/token"
-    API_TOKEN_URL = "https://api.atlassian.com/oauth/token/accessible-resources"
-
-    def __init__(
-        self,
-        redirect_uri: str = None,
-        client_id: str = None,
-        client_secret: str = None,
-    ):
-        self._redirect_uri = redirect_uri
-        self._client_id = client_id
-        self._client_secret = client_secret
-        self._scopes = ["read:jira-user", "read:jira-work", "write:jira-work"]
-        auth_url = self.auth_code_url()
-        authorization_code = self.input_authorization_code(auth_url)
-        self.get_auth(authorization_code)
-
-    # More properties and methods
-    ```
-* Test Connection Method:
-    * Implement a method to validate credentials or tokens, ensuring the connection to the target platform is successful.
-    The following is the code for the `test_connection` method for the `Jira` class:
-    ```python title="Test connection"
-    @staticmethod
-    def test_connection(
-        redirect_uri: str = None,
-        client_id: str = None,
-        client_secret: str = None,
-        raise_on_exception: bool = True,
-    ) -> Connection:
-        """Test the connection to Jira
-
-        Args:
-            - redirect_uri: The redirect URI
-            - client_id: The client ID
-            - client_secret: The client secret
-            - raise_on_exception: Whether to raise an exception or not
-
-        Returns:
-            - Connection: The connection object
-
-        Raises:
-            - JiraGetCloudIDNoResourcesError: No resources were found in Jira when getting the cloud id
-            - JiraGetCloudIDResponseError: Failed to get the cloud ID, response code did not match 200
-            - JiraGetCloudIDError: Failed to get the cloud ID from Jira
-            - JiraAuthenticationError: Failed to authenticate
-            - JiraTestConnectionError: Failed to test the connection
-        """
-        try:
-            jira = Jira(
-                redirect_uri=redirect_uri,
-                client_id=client_id,
-                client_secret=client_secret,
-            )
-            access_token = jira.get_access_token()
-
-            if not access_token:
-                return ValueError("Failed to get access token")
-
-            headers = {"Authorization": f"Bearer {access_token}"}
-            response = requests.get(
-                f"https://api.atlassian.com/ex/jira/{jira.cloud_id}/rest/api/3/myself",
-                headers=headers,
-            )
-
-            if response.status_code == 200:
-                return Connection(is_connected=True)
-            else:
-                return Connection(is_connected=False, error=response.json())
-        except JiraGetCloudIDNoResourcesError as no_resources_error:
-            logger.error(
-                f"{no_resources_error.__class__.__name__}[{no_resources_error.__traceback__.tb_lineno}]: {no_resources_error}"
-            )
-            if raise_on_exception:
-                raise no_resources_error
-            return Connection(error=no_resources_error)
-        except JiraGetCloudIDResponseError as response_error:
-            logger.error(
-                f"{response_error.__class__.__name__}[{response_error.__traceback__.tb_lineno}]: {response_error}"
-            )
-            if raise_on_exception:
-                raise response_error
-            return Connection(error=response_error)
-        except JiraGetCloudIDError as cloud_id_error:
-            logger.error(
-                f"{cloud_id_error.__class__.__name__}[{cloud_id_error.__traceback__.tb_lineno}]: {cloud_id_error}"
-            )
-            if raise_on_exception:
-                raise cloud_id_error
-            return Connection(error=cloud_id_error)
-        except JiraAuthenticationError as auth_error:
-            logger.error(
-                f"{auth_error.__class__.__name__}[{auth_error.__traceback__.tb_lineno}]: {auth_error}"
-            )
-            if raise_on_exception:
-                raise auth_error
-            return Connection(error=auth_error)
-        except Exception as error:
-            logger.error(f"Failed to test connection: {error}")
-            if raise_on_exception:
-                raise JiraTestConnectionError(
-                    message="Failed to test connection on the Jira integration",
-                    file=os.path.basename(__file__),
-                )
-            return Connection(is_connected=False, error=error)
-    ```
-* Send Findings Method:
-    * Add a method to send Prowler findings to the target platform, adhering to its API specifications.
-    The following is the code for the `send_findings` method for the `Jira` class:
-    ```python title="Send findings method"
-    def send_findings(
-        self,
-        findings: list[Finding] = None,
-        project_key: str = None,
-        issue_type: str = None,
-    ):
-        """
-        Send the findings to Jira
-
-        Args:
-            - findings: The findings to send
-            - project_key: The project key
-            - issue_type: The issue type
-
-        Raises:
-            - JiraRefreshTokenError: Failed to refresh the access token
-            - JiraRefreshTokenResponseError: Failed to refresh the access token, response code did not match 200
-            - JiraCreateIssueError: Failed to create an issue in Jira
-            - JiraSendFindingsResponseError: Failed to send the findings to Jira
-        """
-        try:
-            access_token = self.get_access_token()
-
-            if not access_token:
-                raise JiraNoTokenError(
-                    message="No token was found",
-                    file=os.path.basename(__file__),
-                )
-
-            projects = self.get_projects()
-
-            if project_key not in projects:
-                logger.error("The project key is invalid")
-                raise JiraInvalidProjectKeyError(
-                    message="The project key is invalid",
-                    file=os.path.basename(__file__),
-                )
-
-            available_issue_types = self.get_available_issue_types(project_key)
-
-            if issue_type not in available_issue_types:
-                logger.error("The issue type is invalid")
-                raise JiraInvalidIssueTypeError(
-                    message="The issue type is invalid", file=os.path.basename(__file__)
-                )
-            headers = {
-                "Authorization": f"Bearer {access_token}",
-                "Content-Type": "application/json",
-            }
-
-            for finding in findings:
-                status_color = self.get_color_from_status(finding.status.value)
-                adf_description = self.get_adf_description(
-                    check_id=finding.metadata.CheckID,
-                    check_title=finding.metadata.CheckTitle,
-                    severity=finding.metadata.Severity.value.upper(),
-                    status=finding.status.value,
-                    status_color=status_color,
-                    status_extended=finding.status_extended,
-                    provider=finding.metadata.Provider,
-                    region=finding.region,
-                    resource_uid=finding.resource_uid,
-                    resource_name=finding.resource_name,
-                    risk=finding.metadata.Risk,
-                    recommendation_text=finding.metadata.Remediation.Recommendation.Text,
-                    recommendation_url=finding.metadata.Remediation.Recommendation.Url,
-                )
-                payload = {
-                    "fields": {
-                        "project": {"key": project_key},
-                        "summary": f"[Prowler] {finding.metadata.Severity.value.upper()} - {finding.metadata.CheckID} - {finding.resource_uid}",
-                        "description": adf_description,
-                        "issuetype": {"name": issue_type},
-                    }
-                }
-
-                response = requests.post(
-                    f"https://api.atlassian.com/ex/jira/{self.cloud_id}/rest/api/3/issue",
-                    json=payload,
-                    headers=headers,
-                )
-
-                if response.status_code != 201:
-                    response_error = f"Failed to send finding: {response.status_code} - {response.json()}"
-                    logger.warning(response_error)
-                    raise JiraSendFindingsResponseError(
-                        message=response_error, file=os.path.basename(__file__)
-                    )
-                else:
-                    logger.info(f"Finding sent successfully: {response.json()}")
-        except JiraRefreshTokenError as refresh_error:
-            raise refresh_error
-        except JiraRefreshTokenResponseError as response_error:
-            raise response_error
-        except Exception as e:
-            logger.error(f"Failed to send findings: {e}")
-            raise JiraCreateIssueError(
-                message="Failed to create an issue in Jira",
-                file=os.path.basename(__file__),
-            )
-    ```
-
-### Testing
-
-* Test the integration in a controlled environment to confirm it behaves as expected.
-* Verify that Prowler’s findings are accurately transmitted and correctly processed by the target platform.
-* Simulate edge cases to ensure robust error handling.
-
-### Documentation
-
-* Provide clear, detailed documentation for your integration:
-    * Setup instructions, including any required dependencies.
-    * Configuration details, such as environment variables or authentication steps.
-    * Example use cases and troubleshooting tips.
-* Good documentation ensures maintainability and simplifies onboarding for team members.
+Coming soon ...
@@ -1,166 +1,3 @@
-# Create a Custom Output Format
+# Create a custom output format

-## Introduction
-
-Prowler can generate outputs in multiple formats, allowing users to customize the way findings are presented. This is particularly useful when integrating Prowler with third-party tools, creating specialized reports, or simply tailoring the data to meet specific requirements. A custom output format gives you the flexibility to extract and display only the most relevant information in the way you need it.
-
-* Prowler organizes its outputs in the `/lib/outputs` directory. Each format (e.g., JSON, CSV, HTML) is implemented as a Python class.
-* Outputs are generated based on findings collected during a scan. Each finding is represented as a structured dictionary containing details like resource IDs, severities, descriptions, and more.
-* Consult the [Prowler Developer Guide](https://docs.prowler.com/projects/prowler-open-source/en/latest/) to understand how Prowler works and the way that you can create it with the desired output!
-* Identify the best approach for the specific output you’re targeting.
-
-## Steps to Create a Custom Output Format
-
-### Schema
-
-* Output Class:
-    * The class must inherit from `Output`. Review the [Output Class](https://github.com/prowler-cloud/prowler/blob/master/prowler/lib/outputs/output.py).
-    * Create a class that encapsulates attributes and methods for the output.
-    The following is the code for the `CSV` class:
-    ```python title="CSV Class"
-    class CSV(Output):
-        def transform(self, findings: List[Finding]) -> None:
-            """Transforms the findings into the CSV format.
-
-            Args:
-                findings (list[Finding]): a list of Finding objects
-
-            """
-        ...
-    ```
-* Transform Method:
-    * This method will transform the findings provided by Prowler to a specific format.
-    The following is the code for the `transform` method for the `CSV` class:
-    ```python title="Transform"
-    def transform(self, findings: List[Finding]) -> None:
-        """Transforms the findings into the CSV format.
-
-        Args:
-            findings (list[Finding]): a list of Finding objects
-
-        """
-        try:
-            for finding in findings:
-                finding_dict = {}
-                finding_dict["AUTH_METHOD"] = finding.auth_method
-                finding_dict["TIMESTAMP"] = finding.timestamp
-                finding_dict["ACCOUNT_UID"] = finding.account_uid
-                finding_dict["ACCOUNT_NAME"] = finding.account_name
-                finding_dict["ACCOUNT_EMAIL"] = finding.account_email
-                finding_dict["ACCOUNT_ORGANIZATION_UID"] = (
-                    finding.account_organization_uid
-                )
-                finding_dict["ACCOUNT_ORGANIZATION_NAME"] = (
-                    finding.account_organization_name
-                )
-                finding_dict["ACCOUNT_TAGS"] = unroll_dict(
-                    finding.account_tags, separator=":"
-                )
-                finding_dict["FINDING_UID"] = finding.uid
-                finding_dict["PROVIDER"] = finding.metadata.Provider
-                finding_dict["CHECK_ID"] = finding.metadata.CheckID
-                finding_dict["CHECK_TITLE"] = finding.metadata.CheckTitle
-                finding_dict["CHECK_TYPE"] = unroll_list(finding.metadata.CheckType)
-                finding_dict["STATUS"] = finding.status.value
-                finding_dict["STATUS_EXTENDED"] = finding.status_extended
-                finding_dict["MUTED"] = finding.muted
-                finding_dict["SERVICE_NAME"] = finding.metadata.ServiceName
-                finding_dict["SUBSERVICE_NAME"] = finding.metadata.SubServiceName
-                finding_dict["SEVERITY"] = finding.metadata.Severity.value
-                finding_dict["RESOURCE_TYPE"] = finding.metadata.ResourceType
-                finding_dict["RESOURCE_UID"] = finding.resource_uid
-                finding_dict["RESOURCE_NAME"] = finding.resource_name
-                finding_dict["RESOURCE_DETAILS"] = finding.resource_details
-                finding_dict["RESOURCE_TAGS"] = unroll_dict(finding.resource_tags)
-                finding_dict["PARTITION"] = finding.partition
-                finding_dict["REGION"] = finding.region
-                finding_dict["DESCRIPTION"] = finding.metadata.Description
-                finding_dict["RISK"] = finding.metadata.Risk
-                finding_dict["RELATED_URL"] = finding.metadata.RelatedUrl
-                finding_dict["REMEDIATION_RECOMMENDATION_TEXT"] = (
-                    finding.metadata.Remediation.Recommendation.Text
-                )
-                finding_dict["REMEDIATION_RECOMMENDATION_URL"] = (
-                    finding.metadata.Remediation.Recommendation.Url
-                )
-                finding_dict["REMEDIATION_CODE_NATIVEIAC"] = (
-                    finding.metadata.Remediation.Code.NativeIaC
-                )
-                finding_dict["REMEDIATION_CODE_TERRAFORM"] = (
-                    finding.metadata.Remediation.Code.Terraform
-                )
-                finding_dict["REMEDIATION_CODE_CLI"] = (
-                    finding.metadata.Remediation.Code.CLI
-                )
-                finding_dict["REMEDIATION_CODE_OTHER"] = (
-                    finding.metadata.Remediation.Code.Other
-                )
-                finding_dict["COMPLIANCE"] = unroll_dict(
-                    finding.compliance, separator=": "
-                )
-                finding_dict["CATEGORIES"] = unroll_list(finding.metadata.Categories)
-                finding_dict["DEPENDS_ON"] = unroll_list(finding.metadata.DependsOn)
-                finding_dict["RELATED_TO"] = unroll_list(finding.metadata.RelatedTo)
-                finding_dict["NOTES"] = finding.metadata.Notes
-                finding_dict["PROWLER_VERSION"] = finding.prowler_version
-                self._data.append(finding_dict)
-        except Exception as error:
-            logger.error(
-                f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
-            )
-    ```
-* Batch Write Data To File Method:
-    * This method will write the modeled object to a file.
-    The following is the code for the `batch_write_data_to_file` method for the `CSV` class:
-    ```python title="Batch Write Data To File"
-    def batch_write_data_to_file(self) -> None:
-        """Writes the findings to a file using the CSV format using the `Output._file_descriptor`."""
-        try:
-            if (
-                getattr(self, "_file_descriptor", None)
-                and not self._file_descriptor.closed
-                and self._data
-            ):
-                csv_writer = DictWriter(
-                    self._file_descriptor,
-                    fieldnames=self._data[0].keys(),
-                    delimiter=";",
-                )
-                csv_writer.writeheader()
-                for finding in self._data:
-                    csv_writer.writerow(finding)
-                self._file_descriptor.close()
-        except Exception as error:
-            logger.error(
-                f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
-            )
-    ```
-
-### Integration With The Current Code
-
-Once that the desired output format is created it has to be integrated with Prowler. Take a look at the the usage from the current supported output in order to add the new one.
-Here is an example of the CSV output creation inside [prowler code](https://github.com/prowler-cloud/prowler/blob/master/prowler/__main__.py):
-```python title="CSV creation"
-if mode == "csv":
-    csv_output = CSV(
-        findings=finding_outputs,
-        create_file_descriptor=True,
-        file_path=f"{filename}{csv_file_suffix}",
-    )
-    generated_outputs["regular"].append(csv_output)
-    # Write CSV Finding Object to file
-    csv_output.batch_write_data_to_file()
-```
-
-### Testing
-
-* Verify that Prowler’s findings are accurately writed in the desired output format.
-* Simulate edge cases to ensure robust error handling.
-
-### Documentation
-
-* Provide clear, detailed documentation for your output:
-    * Setup instructions, including any required dependencies.
-    * Configuration details.
-    * Example use cases and troubleshooting tips.
-* Good documentation ensures maintainability and simplifies onboarding for new users.
+Coming soon ...
@@ -38,19 +38,16 @@ If your IAM entity enforces MFA you can use `--mfa` and Prowler will ask you to

 ## Azure

-Prowler for Azure supports the following authentication types. To use each one you need to pass the proper flag to the execution:
+Prowler for Azure supports the following authentication types:

- [Service principal application](https://learn.microsoft.com/en-us/entra/identity-platform/app-objects-and-service-principals?tabs=browser#service-principal-object) (recommended).
- Current az cli credentials stored.
- Interactive browser authentication.
- [Managed identity](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/overview) authentication.
+- [Service principal application](https://learn.microsoft.com/en-us/entra/identity-platform/app-objects-and-service-principals?tabs=browser#service-principal-object) by environment variables (recommended)
+- Current az cli credentials stored
+- Interactive browser authentication
+- [Managed identity](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/overview) authentication

-???+ warning
-    For Prowler App only the Service Principal authentication method is supported.
+### Service Principal authentication

-### Service Principal Application authentication
-
-To allow Prowler assume the service principal application identity to start the scan it is needed to configure the following environment variables:
+To allow Prowler assume the service principal identity to start the scan it is needed to configure the following environment variables:

 ```console
 export AZURE_CLIENT_ID="XXXXXXXXX"
@@ -59,23 +56,23 @@ export AZURE_CLIENT_SECRET="XXXXXXX"
 ```

 If you try to execute Prowler with the `--sp-env-auth` flag and those variables are empty or not exported, the execution is going to fail.
-Follow the instructions in the [Create Prowler Service Principal](../tutorials/azure/create-prowler-service-principal.md#how-to-create-prowler-service-principal) section to create a service principal.
+Follow the instructions in the [Create Prowler Service Principal](../tutorials/azure/create-prowler-service-principal.md) section to create a service principal.

 ### AZ CLI / Browser / Managed Identity authentication

 The other three cases does not need additional configuration, `--az-cli-auth` and `--managed-identity-auth` are automated options. To use `--browser-auth`  the user needs to authenticate against Azure using the default browser to start the scan, also `tenant-id` is required.

-### Needed permissions
+### Permissions

-Prowler for Azure needs two types of permission scopes to be set:
+To use each one you need to pass the proper flag to the execution. Prowler for Azure handles two types of permission scopes, which are:

- **Microsoft Entra ID permissions**: used to retrieve metadata from the identity assumed by Prowler and specific Entra checks (not mandatory to have access to execute the tool). The permissions required by the tool are the following:
+- **Microsoft Entra ID permissions**: Used to retrieve metadata from the identity assumed by Prowler and specific Entra checks (not mandatory to have access to execute the tool). The permissions required by the tool are the following:
    - `Directory.Read.All`
    - `Policy.Read.All`
-    - `UserAuthenticationMethod.Read.All` (used only for the Entra checks related with multifactor authentication)
- **Subscription scope permissions**: required to launch the checks against your resources, mandatory to launch the tool. It is required to add the following RBAC builtin roles per subscription to the entity that is going to be assumed by the tool:
+    - `UserAuthenticationMethod.Read.All`
+- **Subscription scope permissions**: Required to launch the checks against your resources, mandatory to launch the tool. It is required to add the following RBAC builtin roles per subscription to the entity that is going to be assumed by the tool:
    - `Reader`
-    - `ProwlerRole` (custom role with minimal permissions defined in [prowler-azure-custom-role](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-azure-custom-role.json))
+    - `ProwlerRole` (custom role defined in [prowler-azure-custom-role](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-azure-custom-role.json))
    ???+ note
        Please, notice that the field `assignableScopes` in the JSON custom role file must be changed to be the subscription or management group where the role is going to be assigned. The valid formats for the field are `/subscriptions/<subscription-id>` or `/providers/Microsoft.Management/managementGroups/<management-group-id>`.

@@ -83,7 +80,7 @@ To assign the permissions, follow the instructions in the [Microsoft Entra ID pe

 #### Checks that require ProwlerRole

-The following checks require the `ProwlerRole` permissions to be executed, if you want to run them, make sure you have assigned the role to the identity that is going to be assumed by Prowler:
+The following checks require the `ProwlerRole` custom role to be executed, if you want to run them, make sure you have assigned the role to the identity that is going to be assumed by Prowler:

 - `app_function_access_keys_configured`
 - `app_function_ftps_deployment_disabled`
@@ -45,8 +45,6 @@ Prowler App can be installed in different ways, depending on your environment:
    docker compose up -d
    ```

-    > Containers are built for `linux/amd64`. If your workstation's architecture is different, please set `DOCKER_DEFAULT_PLATFORM=linux/amd64` in your environment or use the `--platform linux/amd64` flag in the docker command.
-
    > Enjoy Prowler App at http://localhost:3000 by signing up with your email and password.

    ???+ note
@@ -187,8 +185,6 @@ Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/),
    * In the command below, change `-v` to your local directory path in order to access the reports.
    * AWS, GCP, Azure and/or Kubernetes credentials

-    > Containers are built for `linux/amd64`. If your workstation's architecture is different, please set `DOCKER_DEFAULT_PLATFORM=linux/amd64` in your environment or use the `--platform linux/amd64` flag in the docker command.
-
    _Commands_:

    ``` bash
@@ -319,14 +315,10 @@ The available versions of Prowler CLI are the following:
 - `v3-stable`: this tag always point to the latest release for v3.

 The container images are available here:
-
 - Prowler CLI:
-
    - [DockerHub](https://hub.docker.com/r/toniblyx/prowler/tags)
    - [AWS Public ECR](https://gallery.ecr.aws/prowler-cloud/prowler)
-
 - Prowler App:
-
    - [DockerHub - Prowler UI](https://hub.docker.com/r/prowlercloud/prowler-ui/tags)
    - [DockerHub - Prowler API](https://hub.docker.com/r/prowlercloud/prowler-api/tags)

@@ -1,10 +1,6 @@
-# How to create Prowler Service Principal Application
+# How to create Prowler Service Principal

-To allow Prowler assume an identity to start the scan with the required privileges is necesary to create a Service Principal. This Service Principal is going to be used to authenticate against Azure and retrieve the metadata needed to perform the checks.
-
-To create a Service Principal Application you can use the Azure Portal or the Azure CLI.
-
-## From Azure Portal
+To allow Prowler assume an identity to start the scan with the required privileges is necesary to create a Service Principal. To create one follow the next steps:

 1. Access to Microsoft Entra ID
 2. In the left menu bar, go to "App registrations"
@@ -17,39 +13,9 @@ To create a Service Principal Application you can use the Azure Portal or the Az

 ![Register an Application page](../img/create-sp.gif)

-## From Azure CLI
+## Assigning the proper permissions

-To create a Service Principal using the Azure CLI, follow the next steps:
-
-1. Open a terminal and execute the following command to create a new Service Principal application:
-```console
-az ad sp create-for-rbac --name "ProwlerApp"
-```
-2. The output of the command is going to be similar to the following:
-```json
-{
-"appId": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-"displayName": "ProwlerApp",
-"password": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
-"tenant": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
-}
-```
-3. Save the values of `appId`, `password` and `tenant` to be used as credentials in Prowler.
-
-# Assigning the proper permissions
-
-To allow Prowler to retrieve metadata from the identity assumed and run specific Entra checks, it is needed to assign the following permissions:
-
- `Directory.Read.All`
- `Policy.Read.All`
- `UserAuthenticationMethod.Read.All` (used only for the Entra checks related with multifactor authentication)
-
-To assign the permissions you can make it from the Azure Portal or using the Azure CLI.
-
-???+ note
-    Once you have created and assigned the proper Entra permissions to the application, you can go to this [tutorial](../azure/subscriptions.md) to add the subscription permissions to the application and start scanning your resources.
-
-## From Azure Portal
+To allow Prowler to retrieve metadata from the identity assumed and specific Entra checks, it is needed to assign the following permissions:

 1. Access to Microsoft Entra ID
 2. In the left menu bar, go to "App registrations"
@@ -62,18 +28,7 @@ To assign the permissions you can make it from the Azure Portal or using the Azu
    - `Policy.Read.All`
    - `UserAuthenticationMethod.Read.All`
 8. Click on "Add permissions" to apply the new permissions.
-9. Finally, an admin should click on "Grant admin consent for [your tenant]" to apply the permissions.
+9. Finally, click on "Grant admin consent for [your tenant]" to apply the permissions.


 ![EntraID Permissions](../../img/AAD-permissions.png)
-
-## From Azure CLI
-
-1. Open a terminal and execute the following command to assign the permissions to the Service Principal:
-```console
-az ad app permission add --id {appId} --api 00000003-0000-0000-c000-000000000000 --api-permissions 7ab1d382-f21e-4acd-a863-ba3e13f7da61=Role 246dd0d5-5bd0-4def-940b-0421030a5b68=Role 38d9df27-64da-44fd-b7c5-a6fbac20248f=Role
-```
-2. The admin consent is needed to apply the permissions, an admin should execute the following command:
-```console
-az ad app permission admin-consent --id {appId}
-```
@@ -1,8 +1,6 @@
 # Azure subscriptions scope

-The main target for performing the scans in Azure is the subscription scope. Prowler needs to have the proper permissions to access the subscription and retrieve the metadata needed to perform the checks.
-
-By default, Prowler is multi-subscription, which means that is going to scan all the subscriptions is able to list. If you only assign permissions to one subscription, it is going to scan a single one.
+By default, Prowler is multisubscription, which means that is going to scan all the subscriptions is able to list. If you only assign permissions to one subscription, it is going to scan a single one.
 Prowler also has the ability to limit the subscriptions to scan to a set passed as input argument, to do so:

 ```console
@@ -11,124 +9,35 @@ prowler azure --az-cli-auth --subscription-ids <subscription ID 1> <subscription

 Where you can pass from 1 up to N subscriptions to be scanned.

-???+ warning
-    The multi-subscription feature is only available for the CLI, in the case of Prowler App is only possible to scan one subscription per scan.
+## Assigning proper permissions

-## Assign the appropriate permissions to the identity that is going to be assumed by Prowler
+Regarding the subscription scope, Prowler by default scans all subscriptions that it is able to list, so it is necessary to add the `Reader` RBAC built-in roles per subscription or management group (recommended for multiple subscriptions, see it in the [next section](#recommendation-for-multiple-subscriptions)) to the entity that will be adopted by the tool:

+To assign this roles, follow the instructions:

-Regarding the subscription scope, Prowler, by default, scans all subscriptions it can access. Therefore, it is necessary to add a `Reader` role assignment for each subscription you want to audit. To make it easier and less repetitive to assign roles in environments with multiple subscriptions check the [following section](#recommendation-for-multiple-subscriptions).
-
-### From Azure Portal
-
-1. Access to the subscription you want to scan with Prowler.
-2. Select "Access control (IAM)" in the left menu.
-3. Click on "+ Add" and select "Add role assignment".
-4. In the search bar, type `Reader`, select it and click on "Next".
-5. In the Members tab, click on "+ Select members" and add the members you want to assign this role.
-6. Click on "Review + assign" to apply the new role.
+1. Access your subscription, then select your subscription.
+2. Select "Access control (IAM)".
+3. In the overview, select "Roles".
+4. Click on "+ Add" and select "Add role assignment".
+5. In the search bar, type `Reader`, select it and click on "Next".
+6. In the Members tab, click on "+ Select members" and add the members you want to assign this role.
+7. Click on "Review + assign" to apply the new role.

 ![Add reader role to subscription](../../img/add-reader-role.gif)

-### From Azure CLI
-
-1. Open a terminal and execute the following command to assign the `Reader` role to the identity that is going to be assumed by Prowler:
-```console
-az role assignment create --role "Reader" --assignee <user, group, or service principal> --scope /subscriptions/<subscription-id>
-```
-2. If the command is executed successfully, the output is going to be similar to the following:
-```json
-{
-    "condition": null,
-    "conditionVersion": null,
-    "createdBy": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "createdOn": "YYYY-MM-DDTHH:MM:SS.SSSSSS+00:00",
-    "delegatedManagedIdentityResourceId": null,
-    "description": null,
-    "id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/providers/Microsoft.Authorization/roleAssignments/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "name": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "principalId": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "principalName": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "principalType": "ServicePrincipal",
-    "roleDefinitionId": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/providers/Microsoft.Authorization/roleDefinitions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "roleDefinitionName": "Reader",
-    "scope": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "type": "Microsoft.Authorization/roleAssignments",
-    "updatedBy": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "updatedOn": "YYYY-MM-DDTHH:MM:SS.SSSSSS+00:00"
-}
-```
-
-### Prowler Custom Role
-
-Moreover, some additional read-only permissions not included in the built-in reader role are needed for some checks, for this kind of checks we use a custom role. This role is defined in [prowler-azure-custom-role](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-azure-custom-role.json). Once the custom role is created you can assign it in the same way as the `Reader` role.
-
-The checks that needs the `ProwlerRole` can be consulted in the [requirements section](../../getting-started/requirements.md#checks-that-require-prowlerrole).
-
-#### Create ProwlerRole from Azure Portal
-
-1. Download the [prowler-azure-custom-role](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-azure-custom-role.json) file and modify the `assignableScopes` field to be the subscription ID where the role assignment is going to be made, it should be shomething like `/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX`.
-2. Access your subscription.
-3. Select "Access control (IAM)".
-4. Click on "+ Add" and select "Add custom role".
-5. In the "Baseline permissions" select "Start from JSON" and upload the file downloaded and modified in the step 1.
-7. Click on "Review + create" to create the new role.
-
-#### Create ProwlerRole from Azure CLI
-
-1. Open a terminal and execute the following command to create a new custom role:
-```console
-az role definition create --role-definition '{                                                                                                                   640ms  lun 16 dic 17:04:17 2024
-                     "Name": "ProwlerRole",
-                     "IsCustom": true,
-                     "Description": "Role used for checks that require read-only access to Azure resources and are not covered by the Reader role.",
-                     "AssignableScopes": [
-                       "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" // USE YOUR SUBSCRIPTION ID
-                     ],
-                     "Actions": [
-                       "Microsoft.Web/sites/host/listkeys/action",
-                       "Microsoft.Web/sites/config/list/Action"
-                     ]
-                   }'
-```
-3. If the command is executed successfully, the output is going to be similar to the following:
-```json
-{
-    "assignableScopes": [
-        "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
-    ],
-    "createdBy": null,
-    "createdOn": "YYYY-MM-DDTHH:MM:SS.SSSSSS+00:00",
-    "description": "Role used for checks that require read-only access to Azure resources and are not covered by the Reader role.",
-    "id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/providers/Microsoft.Authorization/roleDefinitions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "name": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "permissions": [
-        {
-            "actions": [
-                "Microsoft.Web/sites/host/listkeys/action",
-                "Microsoft.Web/sites/config/list/Action"
-            ],
-            "condition": null,
-            "conditionVersion": null,
-            "dataActions": [],
-            "notActions": [],
-            "notDataActions": []
-        }
-    ],
-    "roleName": "ProwlerRole",
-    "roleType": "CustomRole",
-    "type": "Microsoft.Authorization/roleDefinitions",
-    "updatedBy": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
-    "updatedOn": "YYYY-MM-DDTHH:MM:SS.SSSSSS+00:00"
-}
-```
+Moreover, some additional read-only permissions are needed for some checks, for this kind of checks that are not covered by built-in roles we use a custom role. This role is defined in [prowler-azure-custom-role](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-azure-custom-role.json). Once the cusotm role is created, repeat the steps mentioned above to assign the new `ProwlerRole` to an identity.

 ## Recommendation for multiple subscriptions

-Scanning multiple subscriptions can be tedious due to the need to create and assign roles for each one. To simplify this process, we recommend using management groups to organize and audit subscriptions collectively with Prowler.
+While scanning multiple subscriptions could be tedious to create and assign roles for each one. For this reason in Prowler we recommend the usage of *[management groups](https://learn.microsoft.com/en-us/azure/governance/management-groups/overview)* to group all subscriptions that are going to be audited by Prowler.
+
+To do this in a proper way you have to [create a new management group](https://learn.microsoft.com/en-us/azure/governance/management-groups/create-management-group-portal) and add all roles in the same way that have been done for subscription scope.

-1. **Create a Management Group**: Follow the [official guide](https://learn.microsoft.com/en-us/azure/governance/management-groups/create-management-group-portal) to create a new management group.
 ![Create management group](../../img/create-management-group.gif)
-2. **Add all roles**: Assign roles at to the new management group like in the [past section](#assign-the-appropriate-permissions-to-the-identity-that-is-going-to-be-assumed-by-prowler) but at the management group level instead of the subscription level.
-3. **Add subscriptions**: Add all the subscriptions you want to audit to the management group.
+
+Once the management group is properly set you can add all the subscription that you want to audit.
+
 ![Add subscription to management group](../../img/add-sub-to-management-group.gif)
+
+???+ note
+    By default, `prowler` will scan all subscriptions in the Azure tenant, use the flag `--subscription-id` to specify the subscriptions to be scanned.
@@ -45,7 +45,7 @@ Once you’ve selected a provider, you need to provide the Provider UID:
 - **AWS**: Enter your AWS Account ID.
 - **GCP**: Enter your GCP Project ID.
 - **Azure**: Enter your Azure Subscription ID.
- **Kubernetes**: Enter your Kubernetes Cluster context of your kubeconfig file.
+- **Kubernetes**: Enter your Kubernetes Cluster name.

 Optionally, provide a **Provider Alias** for easier identification. Follow the instructions provided to add your credentials:

@@ -74,7 +74,7 @@ For AWS, enter your `AWS Account ID` and choose one of the following methods to
 ---

 ### **Step 4.2: Azure Credentials**
-For Azure, Prowler App uses a service principal application to authenticate, for more information about the process of creating and adding permissions to a service principal check this [section](../getting-started/requirements.md#azure). When you finish creating and adding the [Entra](./azure/create-prowler-service-principal.md#assigning-the-proper-permissions) and [Subscription](./azure/subscriptions.md#assign-the-appropriate-permissions-to-the-identity-that-is-going-to-be-assumed-by-prowler) scope permissions to the service principal, enter the `Tenant ID`, `Client ID` and `Client Secret` of the service principal application.
+For Azure, Prowler App uses a Service Principal to authenticate. See the steps in https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/azure/create-prowler-service-principal/ to create a Service Principal. Then, enter the `Tenant ID`, `Client ID` and `Client Secret` of the Service Principal.

 <img src="../../img/azure-credentials.png" alt="Azure Credentials" width="700"/>

@@ -198,13 +198,13 @@ trio = ["trio (>=0.26.1)"]

 [[package]]
 name = "astroid"
-version = "3.3.8"
+version = "3.3.5"
 description = "An abstract syntax tree for Python with inference support."
 optional = false
 python-versions = ">=3.9.0"
 files = [
-    {file = "astroid-3.3.8-py3-none-any.whl", hash = "sha256:187ccc0c248bfbba564826c26f070494f7bc964fd286b6d9fff4420e55de828c"},
-    {file = "astroid-3.3.8.tar.gz", hash = "sha256:a88c7994f914a4ea8572fac479459f4955eeccc877be3f2d959a33273b0cf40b"},
+    {file = "astroid-3.3.5-py3-none-any.whl", hash = "sha256:a9d1c946ada25098d790e079ba2a1b112157278f3fb7e718ae6a9252f5835dc8"},
+    {file = "astroid-3.3.5.tar.gz", hash = "sha256:5cfc40ae9f68311075d27ef68a4841bdc5cc7f6cf86671b49f00607d30188e2d"},
 ]

 [package.dependencies]
@@ -399,13 +399,13 @@ isodate = ">=0.6.1,<1.0.0"

 [[package]]
 name = "azure-mgmt-compute"
-version = "33.1.0"
+version = "33.0.0"
 description = "Microsoft Azure Compute Management Client Library for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "azure_mgmt_compute-33.1.0-py3-none-any.whl", hash = "sha256:9b119a1b7f621aee951074ef110b16d545d7b45c9cfb303becf04210bd772c91"},
-    {file = "azure_mgmt_compute-33.1.0.tar.gz", hash = "sha256:f5a5e18a5a7a0354562bbfa589b5db4aaf1e8ac3a194a2a910db55900d2535e9"},
+    {file = "azure-mgmt-compute-33.0.0.tar.gz", hash = "sha256:a3cc0fe4f09c8e1d3523c1bfb92620dfe263a0a893b0ac13a33d7057e9ddddd2"},
+    {file = "azure_mgmt_compute-33.0.0-py3-none-any.whl", hash = "sha256:155f8d78a1fdedcea1725fd12b85b2d87fbcb6b53f8e77451c644f45701e3bcf"},
 ]

 [package.dependencies]
@@ -513,13 +513,13 @@ isodate = ">=0.6.1,<1.0.0"

 [[package]]
 name = "azure-mgmt-network"
-version = "28.1.0"
+version = "28.0.0"
 description = "Microsoft Azure Network Management Client Library for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "azure_mgmt_network-28.1.0-py3-none-any.whl", hash = "sha256:8ddb0e9ec8f10c9c152d60fc945908d113e4591f397ea3e40b92290ec2b01658"},
-    {file = "azure_mgmt_network-28.1.0.tar.gz", hash = "sha256:8c84bffb5ec75c6e0244e58ecf07c00d5fc421d616b0cb369c6fe585af33cf87"},
+    {file = "azure_mgmt_network-28.0.0-py3-none-any.whl", hash = "sha256:2ee23c1f2ba75752187bd7f4c3e94ad172282cbf8153694feadc7886ef88493c"},
+    {file = "azure_mgmt_network-28.0.0.tar.gz", hash = "sha256:40356d348ef4838324f19a41cd80340b4f8dd4ac2f0a18a4cbd5cc95ef2974f3"},
 ]

 [package.dependencies]
@@ -775,17 +775,17 @@ files = [

 [[package]]
 name = "boto3"
-version = "1.35.94"
+version = "1.35.81"
 description = "The AWS SDK for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "boto3-1.35.94-py3-none-any.whl", hash = "sha256:516c514fb447d6f216833d06a0781c003fcf43099a4ca2f5a363a8afe0942070"},
-    {file = "boto3-1.35.94.tar.gz", hash = "sha256:5aa606239f0fe0dca0506e0ad6bbe4c589048e7e6c2486cee5ec22b6aa7ec2f8"},
+    {file = "boto3-1.35.81-py3-none-any.whl", hash = "sha256:742941b2424c0223d2d94a08c3485462fa7c58d816b62ca80f08e555243acee1"},
+    {file = "boto3-1.35.81.tar.gz", hash = "sha256:d2e95fa06f095b8e0c545dd678c6269d253809b2997c30f5ce8a956c410b4e86"},
 ]

 [package.dependencies]
-botocore = ">=1.35.94,<1.36.0"
+botocore = ">=1.35.81,<1.36.0"
 jmespath = ">=0.7.1,<2.0.0"
 s3transfer = ">=0.10.0,<0.11.0"

@@ -794,13 +794,13 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"]

 [[package]]
 name = "botocore"
-version = "1.35.94"
+version = "1.35.81"
 description = "Low-level, data-driven core of boto 3."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "botocore-1.35.94-py3-none-any.whl", hash = "sha256:d784d944865d8279c79d2301fc09ac28b5221d4e7328fb4e23c642c253b9932c"},
-    {file = "botocore-1.35.94.tar.gz", hash = "sha256:2b3309b356541faa4d88bb957dcac1d8004aa44953c0b7d4521a6cc5d3d5d6ba"},
+    {file = "botocore-1.35.81-py3-none-any.whl", hash = "sha256:a7b13bbd959bf2d6f38f681676aab408be01974c46802ab997617b51399239f7"},
+    {file = "botocore-1.35.81.tar.gz", hash = "sha256:564c2478e50179e0b766e6a87e5e0cdd35e1bc37eb375c1cf15511f5dd13600d"},
 ]

 [package.dependencies]
@@ -1099,73 +1099,73 @@ files = [

 [[package]]
 name = "coverage"
-version = "7.6.10"
+version = "7.6.9"
 description = "Code coverage measurement for Python"
 optional = false
 python-versions = ">=3.9"
 files = [
-    {file = "coverage-7.6.10-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:5c912978f7fbf47ef99cec50c4401340436d200d41d714c7a4766f377c5b7b78"},
-    {file = "coverage-7.6.10-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:a01ec4af7dfeb96ff0078ad9a48810bb0cc8abcb0115180c6013a6b26237626c"},
-    {file = "coverage-7.6.10-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a3b204c11e2b2d883946fe1d97f89403aa1811df28ce0447439178cc7463448a"},
-    {file = "coverage-7.6.10-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:32ee6d8491fcfc82652a37109f69dee9a830e9379166cb73c16d8dc5c2915165"},
-    {file = "coverage-7.6.10-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:675cefc4c06e3b4c876b85bfb7c59c5e2218167bbd4da5075cbe3b5790a28988"},
-    {file = "coverage-7.6.10-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:f4f620668dbc6f5e909a0946a877310fb3d57aea8198bde792aae369ee1c23b5"},
-    {file = "coverage-7.6.10-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:4eea95ef275de7abaef630c9b2c002ffbc01918b726a39f5a4353916ec72d2f3"},
-    {file = "coverage-7.6.10-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:e2f0280519e42b0a17550072861e0bc8a80a0870de260f9796157d3fca2733c5"},
-    {file = "coverage-7.6.10-cp310-cp310-win32.whl", hash = "sha256:bc67deb76bc3717f22e765ab3e07ee9c7a5e26b9019ca19a3b063d9f4b874244"},
-    {file = "coverage-7.6.10-cp310-cp310-win_amd64.whl", hash = "sha256:0f460286cb94036455e703c66988851d970fdfd8acc2a1122ab7f4f904e4029e"},
-    {file = "coverage-7.6.10-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:ea3c8f04b3e4af80e17bab607c386a830ffc2fb88a5484e1df756478cf70d1d3"},
-    {file = "coverage-7.6.10-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:507a20fc863cae1d5720797761b42d2d87a04b3e5aeb682ef3b7332e90598f43"},
-    {file = "coverage-7.6.10-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d37a84878285b903c0fe21ac8794c6dab58150e9359f1aaebbeddd6412d53132"},
-    {file = "coverage-7.6.10-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a534738b47b0de1995f85f582d983d94031dffb48ab86c95bdf88dc62212142f"},
-    {file = "coverage-7.6.10-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0d7a2bf79378d8fb8afaa994f91bfd8215134f8631d27eba3e0e2c13546ce994"},
-    {file = "coverage-7.6.10-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:6713ba4b4ebc330f3def51df1d5d38fad60b66720948112f114968feb52d3f99"},
-    {file = "coverage-7.6.10-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:ab32947f481f7e8c763fa2c92fd9f44eeb143e7610c4ca9ecd6a36adab4081bd"},
-    {file = "coverage-7.6.10-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:7bbd8c8f1b115b892e34ba66a097b915d3871db7ce0e6b9901f462ff3a975377"},
-    {file = "coverage-7.6.10-cp311-cp311-win32.whl", hash = "sha256:299e91b274c5c9cdb64cbdf1b3e4a8fe538a7a86acdd08fae52301b28ba297f8"},
-    {file = "coverage-7.6.10-cp311-cp311-win_amd64.whl", hash = "sha256:489a01f94aa581dbd961f306e37d75d4ba16104bbfa2b0edb21d29b73be83609"},
-    {file = "coverage-7.6.10-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:27c6e64726b307782fa5cbe531e7647aee385a29b2107cd87ba7c0105a5d3853"},
-    {file = "coverage-7.6.10-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:c56e097019e72c373bae32d946ecf9858fda841e48d82df7e81c63ac25554078"},
-    {file = "coverage-7.6.10-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c7827a5bc7bdb197b9e066cdf650b2887597ad124dd99777332776f7b7c7d0d0"},
-    {file = "coverage-7.6.10-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:204a8238afe787323a8b47d8be4df89772d5c1e4651b9ffa808552bdf20e1d50"},
-    {file = "coverage-7.6.10-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e67926f51821b8e9deb6426ff3164870976fe414d033ad90ea75e7ed0c2e5022"},
-    {file = "coverage-7.6.10-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:e78b270eadb5702938c3dbe9367f878249b5ef9a2fcc5360ac7bff694310d17b"},
-    {file = "coverage-7.6.10-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:714f942b9c15c3a7a5fe6876ce30af831c2ad4ce902410b7466b662358c852c0"},
-    {file = "coverage-7.6.10-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:abb02e2f5a3187b2ac4cd46b8ced85a0858230b577ccb2c62c81482ca7d18852"},
-    {file = "coverage-7.6.10-cp312-cp312-win32.whl", hash = "sha256:55b201b97286cf61f5e76063f9e2a1d8d2972fc2fcfd2c1272530172fd28c359"},
-    {file = "coverage-7.6.10-cp312-cp312-win_amd64.whl", hash = "sha256:e4ae5ac5e0d1e4edfc9b4b57b4cbecd5bc266a6915c500f358817a8496739247"},
-    {file = "coverage-7.6.10-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:05fca8ba6a87aabdd2d30d0b6c838b50510b56cdcfc604d40760dae7153b73d9"},
-    {file = "coverage-7.6.10-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:9e80eba8801c386f72e0712a0453431259c45c3249f0009aff537a517b52942b"},
-    {file = "coverage-7.6.10-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a372c89c939d57abe09e08c0578c1d212e7a678135d53aa16eec4430adc5e690"},
-    {file = "coverage-7.6.10-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ec22b5e7fe7a0fa8509181c4aac1db48f3dd4d3a566131b313d1efc102892c18"},
-    {file = "coverage-7.6.10-cp313-cp313-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:26bcf5c4df41cad1b19c84af71c22cbc9ea9a547fc973f1f2cc9a290002c8b3c"},
-    {file = "coverage-7.6.10-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:4e4630c26b6084c9b3cb53b15bd488f30ceb50b73c35c5ad7871b869cb7365fd"},
-    {file = "coverage-7.6.10-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:2396e8116db77789f819d2bc8a7e200232b7a282c66e0ae2d2cd84581a89757e"},
-    {file = "coverage-7.6.10-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:79109c70cc0882e4d2d002fe69a24aa504dec0cc17169b3c7f41a1d341a73694"},
-    {file = "coverage-7.6.10-cp313-cp313-win32.whl", hash = "sha256:9e1747bab246d6ff2c4f28b4d186b205adced9f7bd9dc362051cc37c4a0c7bd6"},
-    {file = "coverage-7.6.10-cp313-cp313-win_amd64.whl", hash = "sha256:254f1a3b1eef5f7ed23ef265eaa89c65c8c5b6b257327c149db1ca9d4a35f25e"},
-    {file = "coverage-7.6.10-cp313-cp313t-macosx_10_13_x86_64.whl", hash = "sha256:2ccf240eb719789cedbb9fd1338055de2761088202a9a0b73032857e53f612fe"},
-    {file = "coverage-7.6.10-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:0c807ca74d5a5e64427c8805de15b9ca140bba13572d6d74e262f46f50b13273"},
-    {file = "coverage-7.6.10-cp313-cp313t-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2bcfa46d7709b5a7ffe089075799b902020b62e7ee56ebaed2f4bdac04c508d8"},
-    {file = "coverage-7.6.10-cp313-cp313t-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4e0de1e902669dccbf80b0415fb6b43d27edca2fbd48c74da378923b05316098"},
-    {file = "coverage-7.6.10-cp313-cp313t-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3f7b444c42bbc533aaae6b5a2166fd1a797cdb5eb58ee51a92bee1eb94a1e1cb"},
-    {file = "coverage-7.6.10-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:b330368cb99ef72fcd2dc3ed260adf67b31499584dc8a20225e85bfe6f6cfed0"},
-    {file = "coverage-7.6.10-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:9a7cfb50515f87f7ed30bc882f68812fd98bc2852957df69f3003d22a2aa0abf"},
-    {file = "coverage-7.6.10-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:6f93531882a5f68c28090f901b1d135de61b56331bba82028489bc51bdd818d2"},
-    {file = "coverage-7.6.10-cp313-cp313t-win32.whl", hash = "sha256:89d76815a26197c858f53c7f6a656686ec392b25991f9e409bcef020cd532312"},
-    {file = "coverage-7.6.10-cp313-cp313t-win_amd64.whl", hash = "sha256:54a5f0f43950a36312155dae55c505a76cd7f2b12d26abeebbe7a0b36dbc868d"},
-    {file = "coverage-7.6.10-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:656c82b8a0ead8bba147de9a89bda95064874c91a3ed43a00e687f23cc19d53a"},
-    {file = "coverage-7.6.10-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:ccc2b70a7ed475c68ceb548bf69cec1e27305c1c2606a5eb7c3afff56a1b3b27"},
-    {file = "coverage-7.6.10-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a5e37dc41d57ceba70956fa2fc5b63c26dba863c946ace9705f8eca99daecdc4"},
-    {file = "coverage-7.6.10-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0aa9692b4fdd83a4647eeb7db46410ea1322b5ed94cd1715ef09d1d5922ba87f"},
-    {file = "coverage-7.6.10-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:aa744da1820678b475e4ba3dfd994c321c5b13381d1041fe9c608620e6676e25"},
-    {file = "coverage-7.6.10-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:c0b1818063dc9e9d838c09e3a473c1422f517889436dd980f5d721899e66f315"},
-    {file = "coverage-7.6.10-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:59af35558ba08b758aec4d56182b222976330ef8d2feacbb93964f576a7e7a90"},
-    {file = "coverage-7.6.10-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:7ed2f37cfce1ce101e6dffdfd1c99e729dd2ffc291d02d3e2d0af8b53d13840d"},
-    {file = "coverage-7.6.10-cp39-cp39-win32.whl", hash = "sha256:4bcc276261505d82f0ad426870c3b12cb177752834a633e737ec5ee79bbdff18"},
-    {file = "coverage-7.6.10-cp39-cp39-win_amd64.whl", hash = "sha256:457574f4599d2b00f7f637a0700a6422243b3565509457b2dbd3f50703e11f59"},
-    {file = "coverage-7.6.10-pp39.pp310-none-any.whl", hash = "sha256:fd34e7b3405f0cc7ab03d54a334c17a9e802897580d964bd8c2001f4b9fd488f"},
-    {file = "coverage-7.6.10.tar.gz", hash = "sha256:7fb105327c8f8f0682e29843e2ff96af9dcbe5bab8eeb4b398c6a33a16d80a23"},
+    {file = "coverage-7.6.9-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:85d9636f72e8991a1706b2b55b06c27545448baf9f6dbf51c4004609aacd7dcb"},
+    {file = "coverage-7.6.9-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:608a7fd78c67bee8936378299a6cb9f5149bb80238c7a566fc3e6717a4e68710"},
+    {file = "coverage-7.6.9-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:96d636c77af18b5cb664ddf12dab9b15a0cfe9c0bde715da38698c8cea748bfa"},
+    {file = "coverage-7.6.9-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d75cded8a3cff93da9edc31446872d2997e327921d8eed86641efafd350e1df1"},
+    {file = "coverage-7.6.9-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f7b15f589593110ae767ce997775d645b47e5cbbf54fd322f8ebea6277466cec"},
+    {file = "coverage-7.6.9-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:44349150f6811b44b25574839b39ae35291f6496eb795b7366fef3bd3cf112d3"},
+    {file = "coverage-7.6.9-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:d891c136b5b310d0e702e186d70cd16d1119ea8927347045124cb286b29297e5"},
+    {file = "coverage-7.6.9-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:db1dab894cc139f67822a92910466531de5ea6034ddfd2b11c0d4c6257168073"},
+    {file = "coverage-7.6.9-cp310-cp310-win32.whl", hash = "sha256:41ff7b0da5af71a51b53f501a3bac65fb0ec311ebed1632e58fc6107f03b9198"},
+    {file = "coverage-7.6.9-cp310-cp310-win_amd64.whl", hash = "sha256:35371f8438028fdccfaf3570b31d98e8d9eda8bb1d6ab9473f5a390969e98717"},
+    {file = "coverage-7.6.9-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:932fc826442132dde42ee52cf66d941f581c685a6313feebed358411238f60f9"},
+    {file = "coverage-7.6.9-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:085161be5f3b30fd9b3e7b9a8c301f935c8313dcf928a07b116324abea2c1c2c"},
+    {file = "coverage-7.6.9-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ccc660a77e1c2bf24ddbce969af9447a9474790160cfb23de6be4fa88e3951c7"},
+    {file = "coverage-7.6.9-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c69e42c892c018cd3c8d90da61d845f50a8243062b19d228189b0224150018a9"},
+    {file = "coverage-7.6.9-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0824a28ec542a0be22f60c6ac36d679e0e262e5353203bea81d44ee81fe9c6d4"},
+    {file = "coverage-7.6.9-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:4401ae5fc52ad8d26d2a5d8a7428b0f0c72431683f8e63e42e70606374c311a1"},
+    {file = "coverage-7.6.9-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:98caba4476a6c8d59ec1eb00c7dd862ba9beca34085642d46ed503cc2d440d4b"},
+    {file = "coverage-7.6.9-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:ee5defd1733fd6ec08b168bd4f5387d5b322f45ca9e0e6c817ea6c4cd36313e3"},
+    {file = "coverage-7.6.9-cp311-cp311-win32.whl", hash = "sha256:f2d1ec60d6d256bdf298cb86b78dd715980828f50c46701abc3b0a2b3f8a0dc0"},
+    {file = "coverage-7.6.9-cp311-cp311-win_amd64.whl", hash = "sha256:0d59fd927b1f04de57a2ba0137166d31c1a6dd9e764ad4af552912d70428c92b"},
+    {file = "coverage-7.6.9-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:99e266ae0b5d15f1ca8d278a668df6f51cc4b854513daab5cae695ed7b721cf8"},
+    {file = "coverage-7.6.9-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:9901d36492009a0a9b94b20e52ebfc8453bf49bb2b27bca2c9706f8b4f5a554a"},
+    {file = "coverage-7.6.9-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:abd3e72dd5b97e3af4246cdada7738ef0e608168de952b837b8dd7e90341f015"},
+    {file = "coverage-7.6.9-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ff74026a461eb0660366fb01c650c1d00f833a086b336bdad7ab00cc952072b3"},
+    {file = "coverage-7.6.9-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:65dad5a248823a4996724a88eb51d4b31587aa7aa428562dbe459c684e5787ae"},
+    {file = "coverage-7.6.9-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:22be16571504c9ccea919fcedb459d5ab20d41172056206eb2994e2ff06118a4"},
+    {file = "coverage-7.6.9-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:0f957943bc718b87144ecaee70762bc2bc3f1a7a53c7b861103546d3a403f0a6"},
+    {file = "coverage-7.6.9-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:0ae1387db4aecb1f485fb70a6c0148c6cdaebb6038f1d40089b1fc84a5db556f"},
+    {file = "coverage-7.6.9-cp312-cp312-win32.whl", hash = "sha256:1a330812d9cc7ac2182586f6d41b4d0fadf9be9049f350e0efb275c8ee8eb692"},
+    {file = "coverage-7.6.9-cp312-cp312-win_amd64.whl", hash = "sha256:b12c6b18269ca471eedd41c1b6a1065b2f7827508edb9a7ed5555e9a56dcfc97"},
+    {file = "coverage-7.6.9-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:899b8cd4781c400454f2f64f7776a5d87bbd7b3e7f7bda0cb18f857bb1334664"},
+    {file = "coverage-7.6.9-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:61f70dc68bd36810972e55bbbe83674ea073dd1dcc121040a08cdf3416c5349c"},
+    {file = "coverage-7.6.9-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8a289d23d4c46f1a82d5db4abeb40b9b5be91731ee19a379d15790e53031c014"},
+    {file = "coverage-7.6.9-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:7e216d8044a356fc0337c7a2a0536d6de07888d7bcda76febcb8adc50bdbbd00"},
+    {file = "coverage-7.6.9-cp313-cp313-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3c026eb44f744acaa2bda7493dad903aa5bf5fc4f2554293a798d5606710055d"},
+    {file = "coverage-7.6.9-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:e77363e8425325384f9d49272c54045bbed2f478e9dd698dbc65dbc37860eb0a"},
+    {file = "coverage-7.6.9-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:777abfab476cf83b5177b84d7486497e034eb9eaea0d746ce0c1268c71652077"},
+    {file = "coverage-7.6.9-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:447af20e25fdbe16f26e84eb714ba21d98868705cb138252d28bc400381f6ffb"},
+    {file = "coverage-7.6.9-cp313-cp313-win32.whl", hash = "sha256:d872ec5aeb086cbea771c573600d47944eea2dcba8be5f3ee649bfe3cb8dc9ba"},
+    {file = "coverage-7.6.9-cp313-cp313-win_amd64.whl", hash = "sha256:fd1213c86e48dfdc5a0cc676551db467495a95a662d2396ecd58e719191446e1"},
+    {file = "coverage-7.6.9-cp313-cp313t-macosx_10_13_x86_64.whl", hash = "sha256:ba9e7484d286cd5a43744e5f47b0b3fb457865baf07bafc6bee91896364e1419"},
+    {file = "coverage-7.6.9-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:e5ea1cf0872ee455c03e5674b5bca5e3e68e159379c1af0903e89f5eba9ccc3a"},
+    {file = "coverage-7.6.9-cp313-cp313t-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2d10e07aa2b91835d6abec555ec8b2733347956991901eea6ffac295f83a30e4"},
+    {file = "coverage-7.6.9-cp313-cp313t-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:13a9e2d3ee855db3dd6ea1ba5203316a1b1fd8eaeffc37c5b54987e61e4194ae"},
+    {file = "coverage-7.6.9-cp313-cp313t-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9c38bf15a40ccf5619fa2fe8f26106c7e8e080d7760aeccb3722664c8656b030"},
+    {file = "coverage-7.6.9-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:d5275455b3e4627c8e7154feaf7ee0743c2e7af82f6e3b561967b1cca755a0be"},
+    {file = "coverage-7.6.9-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:8f8770dfc6e2c6a2d4569f411015c8d751c980d17a14b0530da2d7f27ffdd88e"},
+    {file = "coverage-7.6.9-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:8d2dfa71665a29b153a9681edb1c8d9c1ea50dfc2375fb4dac99ea7e21a0bcd9"},
+    {file = "coverage-7.6.9-cp313-cp313t-win32.whl", hash = "sha256:5e6b86b5847a016d0fbd31ffe1001b63355ed309651851295315031ea7eb5a9b"},
+    {file = "coverage-7.6.9-cp313-cp313t-win_amd64.whl", hash = "sha256:97ddc94d46088304772d21b060041c97fc16bdda13c6c7f9d8fcd8d5ae0d8611"},
+    {file = "coverage-7.6.9-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:adb697c0bd35100dc690de83154627fbab1f4f3c0386df266dded865fc50a902"},
+    {file = "coverage-7.6.9-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:be57b6d56e49c2739cdf776839a92330e933dd5e5d929966fbbd380c77f060be"},
+    {file = "coverage-7.6.9-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f1592791f8204ae9166de22ba7e6705fa4ebd02936c09436a1bb85aabca3e599"},
+    {file = "coverage-7.6.9-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4e12ae8cc979cf83d258acb5e1f1cf2f3f83524d1564a49d20b8bec14b637f08"},
+    {file = "coverage-7.6.9-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bb5555cff66c4d3d6213a296b360f9e1a8e323e74e0426b6c10ed7f4d021e464"},
+    {file = "coverage-7.6.9-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:b9389a429e0e5142e69d5bf4a435dd688c14478a19bb901735cdf75e57b13845"},
+    {file = "coverage-7.6.9-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:592ac539812e9b46046620341498caf09ca21023c41c893e1eb9dbda00a70cbf"},
+    {file = "coverage-7.6.9-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:a27801adef24cc30871da98a105f77995e13a25a505a0161911f6aafbd66e678"},
+    {file = "coverage-7.6.9-cp39-cp39-win32.whl", hash = "sha256:8e3c3e38930cfb729cb8137d7f055e5a473ddaf1217966aa6238c88bd9fd50e6"},
+    {file = "coverage-7.6.9-cp39-cp39-win_amd64.whl", hash = "sha256:e28bf44afa2b187cc9f41749138a64435bf340adfcacb5b2290c070ce99839d4"},
+    {file = "coverage-7.6.9-pp39.pp310-none-any.whl", hash = "sha256:f3ca78518bc6bc92828cd11867b121891d75cae4ea9e908d72030609b996db1b"},
+    {file = "coverage-7.6.9.tar.gz", hash = "sha256:4a8d8977b0c6ef5aeadcb644da9e69ae0dcfe66ec7f368c89c72e058bd71164d"},
 ]

 [package.dependencies]
@@ -1719,13 +1719,13 @@ grpcio-gcp = ["grpcio-gcp (>=0.2.2,<1.0.dev0)"]

 [[package]]
 name = "google-api-python-client"
-version = "2.158.0"
+version = "2.155.0"
 description = "Google API Client Library for Python"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "google_api_python_client-2.158.0-py2.py3-none-any.whl", hash = "sha256:36f8c8d2e79e50f76790ca5946d2f3f8333e210dc8539a6c88e0742416474ad2"},
-    {file = "google_api_python_client-2.158.0.tar.gz", hash = "sha256:b6664597a9955e04977a62752e33fe44cb35c580e190c1cb08a041893172bd67"},
+    {file = "google_api_python_client-2.155.0-py2.py3-none-any.whl", hash = "sha256:83fe9b5aa4160899079d7c93a37be306546a17e6686e2549bcc9584f1a229747"},
+    {file = "google_api_python_client-2.155.0.tar.gz", hash = "sha256:25529f89f0d13abcf3c05c089c423fb2858ac16e0b3727543393468d0d7af67c"},
 ]

 [package.dependencies]
@@ -2403,13 +2403,13 @@ files = [

 [[package]]
 name = "microsoft-kiota-abstractions"
-version = "1.6.8"
+version = "1.6.6"
 description = "Core abstractions for kiota generated libraries in Python"
 optional = false
 python-versions = "<4.0,>=3.8"
 files = [
-    {file = "microsoft_kiota_abstractions-1.6.8-py3-none-any.whl", hash = "sha256:12819dee24d5aaa31e99683d938f65e50cbc446de087df244cd26c3326ec4e15"},
-    {file = "microsoft_kiota_abstractions-1.6.8.tar.gz", hash = "sha256:7070affabfa7182841646a0c8491cbb240af366aff2b9132f0caa45c4837dd78"},
+    {file = "microsoft_kiota_abstractions-1.6.6-py3-none-any.whl", hash = "sha256:29071715baf0d604c381c5d17be47f35e6e63a441dcfb5e9141963406b469d50"},
+    {file = "microsoft_kiota_abstractions-1.6.6.tar.gz", hash = "sha256:2554495b00c9c25b43f6964a71b65c89a277bd6b50f4d0028a7febcec6c4fd67"},
 ]

 [package.dependencies]
@@ -2769,13 +2769,13 @@ dev = ["bumpver", "isort", "mypy", "pylint", "pytest", "yapf"]

 [[package]]
 name = "msgraph-sdk"
-version = "1.16.0"
+version = "1.14.0"
 description = "The Microsoft Graph Python SDK"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "msgraph_sdk-1.16.0-py3-none-any.whl", hash = "sha256:1dd26ece74c43167818e2ff58b062180233ce7187ad2a061057af1195395c56c"},
-    {file = "msgraph_sdk-1.16.0.tar.gz", hash = "sha256:980d19617d8d8b20545ef77fa5629fef768ce4ea1f2d1a124c5a9dd88d77940c"},
+    {file = "msgraph_sdk-1.14.0-py3-none-any.whl", hash = "sha256:1a2f327dc8fbe5a5e6d0d84cf71d605e7b118b3066b1e16f011ccd8fd927bb03"},
+    {file = "msgraph_sdk-1.14.0.tar.gz", hash = "sha256:5bbda80941c5d1794682753b8b291bd2ebed719a43d6de949fd0cd613b6dfbbd"},
 ]

 [package.dependencies]
@@ -3043,18 +3043,18 @@ signedtoken = ["cryptography (>=3.0.0)", "pyjwt (>=2.0.0,<3)"]

 [[package]]
 name = "openapi-schema-validator"
-version = "0.6.3"
+version = "0.6.2"
 description = "OpenAPI schema validation for Python"
 optional = false
-python-versions = "<4.0.0,>=3.8.0"
+python-versions = ">=3.8.0,<4.0.0"
 files = [
-    {file = "openapi_schema_validator-0.6.3-py3-none-any.whl", hash = "sha256:f3b9870f4e556b5a62a1c39da72a6b4b16f3ad9c73dc80084b1b11e74ba148a3"},
-    {file = "openapi_schema_validator-0.6.3.tar.gz", hash = "sha256:f37bace4fc2a5d96692f4f8b31dc0f8d7400fd04f3a937798eaf880d425de6ee"},
+    {file = "openapi_schema_validator-0.6.2-py3-none-any.whl", hash = "sha256:c4887c1347c669eb7cded9090f4438b710845cd0f90d1fb9e1b3303fb37339f8"},
+    {file = "openapi_schema_validator-0.6.2.tar.gz", hash = "sha256:11a95c9c9017912964e3e5f2545a5b11c3814880681fcacfb73b1759bb4f2804"},
 ]

 [package.dependencies]
 jsonschema = ">=4.19.1,<5.0.0"
-jsonschema-specifications = ">=2023.5.2"
+jsonschema-specifications = ">=2023.5.2,<2024.0.0"
 rfc3339-validator = "*"

 [[package]]
@@ -3796,17 +3796,17 @@ tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"]

 [[package]]
 name = "pylint"
-version = "3.3.3"
+version = "3.3.2"
 description = "python code static checker"
 optional = false
 python-versions = ">=3.9.0"
 files = [
-    {file = "pylint-3.3.3-py3-none-any.whl", hash = "sha256:26e271a2bc8bce0fc23833805a9076dd9b4d5194e2a02164942cb3cdc37b4183"},
-    {file = "pylint-3.3.3.tar.gz", hash = "sha256:07c607523b17e6d16e2ae0d7ef59602e332caa762af64203c24b41c27139f36a"},
+    {file = "pylint-3.3.2-py3-none-any.whl", hash = "sha256:77f068c287d49b8683cd7c6e624243c74f92890f767f106ffa1ddf3c0a54cb7a"},
+    {file = "pylint-3.3.2.tar.gz", hash = "sha256:9ec054ec992cd05ad30a6df1676229739a73f8feeabf3912c995d17601052b01"},
 ]

 [package.dependencies]
-astroid = ">=3.3.8,<=3.4.0-dev0"
+astroid = ">=3.3.5,<=3.4.0-dev0"
 colorama = {version = ">=0.4.5", markers = "sys_platform == \"win32\""}
 dill = [
    {version = ">=0.2", markers = "python_version < \"3.11\""},
@@ -4643,13 +4643,13 @@ files = [

 [[package]]
 name = "slack-sdk"
-version = "3.34.0"
+version = "3.33.5"
 description = "The Slack API Platform SDK for Python"
 optional = false
 python-versions = ">=3.6"
 files = [
-    {file = "slack_sdk-3.34.0-py2.py3-none-any.whl", hash = "sha256:c61f57f310d85be83466db5a98ab6ae3bb2e5587437b54fa0daa8fae6a0feffa"},
-    {file = "slack_sdk-3.34.0.tar.gz", hash = "sha256:ff61db7012160eed742285ea91f11c72b7a38a6500a7f6c5335662b4bc6b853d"},
+    {file = "slack_sdk-3.33.5-py2.py3-none-any.whl", hash = "sha256:b8cccadfa3d4005a5e6529f52000d25c583f46173fda8e9136fdd2bc58923ff6"},
+    {file = "slack_sdk-3.33.5.tar.gz", hash = "sha256:a5e74c00c99dc844ad93e501ab764a20d86fa8184bbc9432af217496f632c4ee"},
 ]

 [package.extras]
@@ -5199,4 +5199,4 @@ type = ["pytest-mypy"]
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.9,<3.13"
-content-hash = "08f577e54ba3af2dba39393521c3596c614cc6432278be4e0b001fa706c6dccc"
+content-hash = "aff89cb4b5b66d79efcf4e1f16fdc76e4a1019e4196cd8961299d479b99cf7fa"
@@ -455,8 +455,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Amazon S3 provides a variety of no, or low, cost encryption options to protect data at rest.",
@@ -477,8 +476,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "At the Amazon S3 bucket level, you can configure permissions through a bucket policy making the objects accessible only through HTTPS.",
@@ -499,8 +497,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Once MFA Delete is enabled on your sensitive and classified S3 bucket it requires the user to have two forms of authentication.",
@@ -521,8 +518,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Amazon S3 buckets can contain sensitive data, that for security purposes should be discovered, monitored, classified and protected. Macie along with other 3rd party tools can automatically provide an inventory of Amazon S3 buckets.",
@@ -544,8 +540,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon S3 provides `Block public access (bucket settings)` and `Block public access (account settings)` to help you manage public access to Amazon S3 resources. By default, S3 buckets and objects are created with public access disabled. However, an IAM principal with sufficient S3 permissions can enable public access at the bucket and/or object level. While enabled, `Block public access (bucket settings)` prevents an individual bucket, and its contained objects, from becoming publicly accessible. Similarly, `Block public access (account settings)` prevents all buckets, and contained objects, from becoming publicly accessible across the entire account.",
@@ -566,8 +561,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.2. Elastic Compute Cloud (EC2)",
+          "Section": "2.2. Elastic Compute Cloud (EC2)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Elastic Compute Cloud (EC2) supports encryption at rest when using the Elastic Block Store (EBS) service. While disabled by default, forcing encryption at EBS volume creation is supported.",
@@ -588,8 +582,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon RDS encrypted DB instances use the industry standard AES-256 encryption algorithm to encrypt your data on the server that hosts your Amazon RDS DB instances. After your data is encrypted, Amazon RDS handles authentication of access and decryption of your data transparently with a minimal impact on performance.",
@@ -455,8 +455,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Amazon S3 provides a variety of no, or low, cost encryption options to protect data at rest.",
@@ -477,8 +476,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "At the Amazon S3 bucket level, you can configure permissions through a bucket policy making the objects accessible only through HTTPS.",
@@ -499,8 +497,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Once MFA Delete is enabled on your sensitive and classified S3 bucket it requires the user to have two forms of authentication.",
@@ -521,8 +518,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Amazon S3 buckets can contain sensitive data, that for security purposes should be discovered, monitored, classified and protected. Macie along with other 3rd party tools can automatically provide an inventory of Amazon S3 buckets.",
@@ -544,8 +540,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon S3 provides `Block public access (bucket settings)` and `Block public access (account settings)` to help you manage public access to Amazon S3 resources. By default, S3 buckets and objects are created with public access disabled. However, an IAM principal with sufficient S3 permissions can enable public access at the bucket and/or object level. While enabled, `Block public access (bucket settings)` prevents an individual bucket, and its contained objects, from becoming publicly accessible. Similarly, `Block public access (account settings)` prevents all buckets, and contained objects, from becoming publicly accessible across the entire account.",
@@ -566,8 +561,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.2. Elastic Compute Cloud (EC2)",
+          "Section": "2.2. Elastic Compute Cloud (EC2)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Elastic Compute Cloud (EC2) supports encryption at rest when using the Elastic Block Store (EBS) service. While disabled by default, forcing encryption at EBS volume creation is supported.",
@@ -588,8 +582,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon RDS encrypted DB instances use the industry standard AES-256 encryption algorithm to encrypt your data on the server that hosts your Amazon RDS DB instances. After your data is encrypted, Amazon RDS handles authentication of access and decryption of your data transparently with a minimal impact on performance.",
@@ -610,8 +603,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure that RDS database instances have the Auto Minor Version Upgrade flag enabled in order to receive automatically minor engine upgrades during the specified maintenance window. So, RDS instances can get the new features, bug fixes, and security patches for their database engines.",
@@ -632,8 +624,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure and verify that RDS database instances provisioned in your AWS account do restrict unauthorized access in order to minimize security risks. To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.",
@@ -654,8 +645,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.4 Elastic File System (EFS)",
+          "Section": "2.4 Elastic File System (EFS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "EFS data should be encrypted at rest using AWS KMS (Key Management Service).",
@@ -474,8 +474,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "At the Amazon S3 bucket level, you can configure permissions through a bucket policy making the objects accessible only through HTTPS.",
@@ -496,8 +495,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Once MFA Delete is enabled on your sensitive and classified S3 bucket it requires the user to have two forms of authentication.",
@@ -518,8 +516,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Amazon S3 buckets can contain sensitive data, that for security purposes should be discovered, monitored, classified and protected. Macie along with other 3rd party tools can automatically provide an inventory of Amazon S3 buckets.",
@@ -541,8 +538,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon S3 provides `Block public access (bucket settings)` and `Block public access (account settings)` to help you manage public access to Amazon S3 resources. By default, S3 buckets and objects are created with public access disabled. However, an IAM principal with sufficient S3 permissions can enable public access at the bucket and/or object level. While enabled, `Block public access (bucket settings)` prevents an individual bucket, and its contained objects, from becoming publicly accessible. Similarly, `Block public access (account settings)` prevents all buckets, and contained objects, from becoming publicly accessible across the entire account.",
@@ -563,8 +559,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.2. Elastic Compute Cloud (EC2)",
+          "Section": "2.2. Elastic Compute Cloud (EC2)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Elastic Compute Cloud (EC2) supports encryption at rest when using the Elastic Block Store (EBS) service. While disabled by default, forcing encryption at EBS volume creation is supported.",
@@ -585,8 +580,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon RDS encrypted DB instances use the industry standard AES-256 encryption algorithm to encrypt your data on the server that hosts your Amazon RDS DB instances. After your data is encrypted, Amazon RDS handles authentication of access and decryption of your data transparently with a minimal impact on performance.",
@@ -607,8 +601,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure that RDS database instances have the Auto Minor Version Upgrade flag enabled in order to receive automatically minor engine upgrades during the specified maintenance window. So, RDS instances can get the new features, bug fixes, and security patches for their database engines.",
@@ -629,8 +622,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure and verify that RDS database instances provisioned in your AWS account do restrict unauthorized access in order to minimize security risks. To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.",
@@ -651,8 +643,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.4 Elastic File System (EFS)",
+          "Section": "2.4 Elastic File System (EFS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "EFS data should be encrypted at rest using AWS KMS (Key Management Service).",
@@ -474,8 +474,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "At the Amazon S3 bucket level, you can configure permissions through a bucket policy making the objects accessible only through HTTPS.",
@@ -496,8 +495,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Once MFA Delete is enabled on your sensitive and classified S3 bucket it requires the user to have two forms of authentication.",
@@ -518,8 +516,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Amazon S3 buckets can contain sensitive data, that for security purposes should be discovered, monitored, classified and protected. Macie along with other 3rd party tools can automatically provide an inventory of Amazon S3 buckets.",
@@ -541,8 +538,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.1. Simple Storage Service (S3)",
+          "Section": "2.1. Simple Storage Service (S3)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon S3 provides `Block public access (bucket settings)` and `Block public access (account settings)` to help you manage public access to Amazon S3 resources. By default, S3 buckets and objects are created with public access disabled. However, an IAM principal with sufficient S3 permissions can enable public access at the bucket and/or object level. While enabled, `Block public access (bucket settings)` prevents an individual bucket, and its contained objects, from becoming publicly accessible. Similarly, `Block public access (account settings)` prevents all buckets, and contained objects, from becoming publicly accessible across the entire account.",
@@ -563,8 +559,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.2. Elastic Compute Cloud (EC2)",
+          "Section": "2.2. Elastic Compute Cloud (EC2)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Elastic Compute Cloud (EC2) supports encryption at rest when using the Elastic Block Store (EBS) service. While disabled by default, forcing encryption at EBS volume creation is supported.",
@@ -585,8 +580,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Amazon RDS encrypted DB instances use the industry standard AES-256 encryption algorithm to encrypt your data on the server that hosts your Amazon RDS DB instances. After your data is encrypted, Amazon RDS handles authentication of access and decryption of your data transparently with a minimal impact on performance.",
@@ -607,8 +601,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure that RDS database instances have the Auto Minor Version Upgrade flag enabled in order to receive automatically minor engine upgrades during the specified maintenance window. So, RDS instances can get the new features, bug fixes, and security patches for their database engines.",
@@ -629,8 +622,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.3. Relational Database Service (RDS)",
+          "Section": "2.3. Relational Database Service (RDS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure and verify that RDS database instances provisioned in your AWS account do restrict unauthorized access in order to minimize security risks. To restrict access to anypublicly accessible RDS database instance, you must disable the database PubliclyAccessible flag and update the VPC security group associated with the instance",
@@ -651,8 +643,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Storage",
-          "SubSection": "2.4 Elastic File System (EFS)",
+          "Section": "2.4 Elastic File System (EFS)",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "EFS data should be encrypted at rest using AWS KMS (Key Management Service).",
@@ -12,8 +12,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.1 Security Defaults",
+          "Section": "1.1 Security Defaults",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Security defaults in Azure Active Directory (Azure AD) make it easier to be secure and help protect your organization. Security defaults contain preconfigured security settings for common attacks. Security defaults is available to everyone. The goal is to ensure that all organizations have a basic level of security",
@@ -35,8 +34,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.1 Security Defaults",
+          "Section": "1.1 Security Defaults",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Enable multi-factor authentication for all roles, groups, and users that have write access or permissions to Azure resources. These include custom created objects or built-in roles such as; • Service Co-Administrators • Subscription Owners • Contributors",
@@ -58,8 +56,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.1 Security Defaults",
+          "Section": "1.1 Security Defaults",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable multi-factor authentication for all non-privileged users.",
@@ -79,8 +76,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.1 Security Defaults",
+          "Section": "1.1 Security Defaults",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Do not allow users to remember multi-factor authentication on devices.",
@@ -102,8 +98,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Azure Active Directory Conditional Access allows an organization to configure Named locations and configure whether those locations are trusted or untrusted. These settings provide organizations the means to specify Geographical locations for use in conditional access policies, or define actual IP addresses and IP ranges and whether or not those IP addresses and/or ranges are trusted by the organization.",
@@ -123,8 +118,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "CAUTION: If these policies are created without first auditing and testing the result, misconfiguration can potentially lock out administrators or create undesired access issues. Conditional Access Policies can be used to block access from geographic locations that are deemed out-of-scope for your organization or application. The scope and variables for this policy should be carefully examined and defined.",
@@ -144,8 +138,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "For designated users, they will be prompted to use their multi-factor authentication (MFA) process on login.",
@@ -165,8 +158,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "For designated users, they will be prompted to use their multi-factor authentication (MFA) process on logins.",
@@ -186,8 +178,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "For designated users, they will be prompted to use their multi-factor authentication (MFA) process on login.",
@@ -207,8 +198,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "For designated users, they will be prompted to use their multi-factor authentication (MFA) process on logins.",
@@ -230,7 +220,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Require administrators or appropriately delegated users to create new tenants.",
@@ -250,7 +240,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "This recommendation extends guest access review by utilizing the Azure AD Privileged Identity Management feature provided in Azure AD Premium P2. Azure AD is extended to include Azure AD B2B collaboration, allowing you to invite people from outside your organization to be guest users in your cloud account and sign in with their own work, school, or social identities. Guest users allow you to share your company's applications and services with users from any other organization, while maintaining control over your own corporate data. Work with external partners, large or small, even if they don't have Azure AD or an IT department. A simple invitation and redemption process lets partners use their own credentials to access your company's resources a a guest user.",
@@ -270,7 +260,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Azure AD is extended to include Azure AD B2B collaboration, allowing you to invite people from outside your organization to be guest users in your cloud account and sign in with their own work, school, or social identities. Guest users allow you to share your company's applications and services with users from any other organization, while maintaining control over your own corporate data. Work with external partners, large or small, even if they don't have Azure AD or an IT department. A simple invitation and redemption process lets partners use their own credentials to access your company's resources as a guest user. Guest users in every subscription should be review on a regular basis to ensure that inactive and unneeded accounts are removed.",
@@ -290,7 +280,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Ensures that two alternate forms of identification are provided before allowing a password reset.",
@@ -310,7 +300,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Microsoft Azure provides a Global Banned Password policy that applies to Azure administrative and normal user accounts. This is not applied to user accounts that are synced from an on-premise Active Directory unless Azure AD Connect is used and you enable EnforceCloudPasswordPolicyForPasswordSyncedUsers. Please see the list in default values on the specifics of this policy. To further password security, it is recommended to further define a custom banned password policy.",
@@ -330,7 +320,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Ensure that the number of days before users are asked to re-confirm their authentication information is not set to 0.",
@@ -350,7 +340,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Ensure that users are notified on their primary and secondary emails on password resets.",
@@ -370,7 +360,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Ensure that all Global Administrators are notified if any other administrator resets their password.",
@@ -392,7 +382,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Require administrators to provide consent for applications before use.",
@@ -414,7 +404,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Allow users to provide consent for selected permissions when a request is coming from a verified publisher.",
@@ -434,7 +424,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Require administrators to provide consent for the apps before use.",
@@ -456,7 +446,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Require administrators or appropriately delegated users to register third-party applications.",
@@ -478,7 +468,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Limit guest user permissions.",
@@ -500,7 +490,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Restrict invitations to users with specific administrative roles only.",
@@ -520,7 +510,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Restrict access to the Azure AD administration portal to administrators only. NOTE: This only affects access to the Azure AD administrator's web portal. This setting does not prohibit privileged users from using other methods such as Rest API or Powershell to obtain sensitive information from Azure AD.",
@@ -540,7 +530,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Restricts group creation to administrators with permissions only.",
@@ -562,7 +552,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Restrict security group creation to administrators only.",
@@ -582,7 +572,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Restrict security group management to administrators only.",
@@ -604,7 +594,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Restrict Microsoft 365 group creation to administrators only.",
@@ -624,7 +614,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Joining or registering devices to the active directory should require Multi-factor authentication.",
@@ -646,7 +636,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "The principle of least privilege should be followed and only necessary privileges should be assigned instead of allowing full administrative access.",
@@ -668,7 +658,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Resource locking is a powerful protection mechanism that can prevent inadvertent modification/deletion of resources within Azure subscriptions/Resource Groups and is a recommended NIST configuration.",
@@ -688,7 +678,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1. Identity and Access Management",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Users who are set as subscription owners are able to make administrative changes to the subscriptions and move them into and out of Azure Active Directories.",
@@ -710,8 +700,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for Servers enables threat detection for Servers, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -733,8 +722,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for App Service enables threat detection for App Service, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -756,8 +744,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for Databases enables threat detection for the instances running your database software. This provides threat intelligence, anomaly detection, and behavior analytics in the Azure Microsoft Defender for Cloud. Instead of being enabled on services like Platform as a Service (PaaS), this implementation will run within your instances as Infrastructure as a Service (IaaS) on the Operating Systems hosting your databases.",
@@ -779,8 +766,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for Azure SQL Databases  enables threat detection for Azure SQL database servers, providing threat intelligence, anomaly detection, andbehavior analytics in the Microsoft Defender for Cloud.",
@@ -802,8 +788,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for SQL servers on machines enables threat detection for SQL servers on machines, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -825,8 +810,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for Open-source relational databases enables threat detection for Open-source relational databases, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -848,8 +832,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for Storage enables threat detection for Storage, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -871,8 +854,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for Containers enables threat detection for Container Registries including Kubernetes, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -894,8 +876,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Microsoft Defender for Azure Cosmos DB scans all incoming network requests for threats to your Azure Cosmos DB resources.",
@@ -917,8 +898,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Turning on Microsoft Defender for Key Vault enables threat detection for Key Vault, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -940,8 +920,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Microsoft Defender for DNS scans all network traffic exiting from within a subscription.",
@@ -963,8 +942,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Microsoft Defender for Resource Manager scans incoming administrative requests to change your infrastructure from both CLI and the Azure portal.",
@@ -986,8 +964,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Ensure that the latest OS patches for all virtual machines are applied.",
@@ -1009,8 +986,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "None of the settings offered by ASC Default policy should be set to effect Disabled.",
@@ -1032,8 +1008,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Enable automatic provisioning of the monitoring agent to collect security data.",
@@ -1055,8 +1030,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable automatic provisioning of vulnerability assessment for machines on both Azure and hybrid (Arc enabled) machines.",
@@ -1076,8 +1050,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable automatic provisioning of the Microsoft Defender for Containers components.",
@@ -1099,8 +1072,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Enable security alert emails to subscription owners.",
@@ -1122,8 +1094,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Microsoft Defender for Cloud emails the subscription owners whenever a high-severity alert is triggered for their subscription. You should provide a security contact email address as an additional email address.",
@@ -1145,8 +1116,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enables emailing security alerts to the subscription owner or other designated security contact.",
@@ -1168,8 +1138,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "This integration setting enables Microsoft Defender for Cloud Apps (formerly 'Microsoft Cloud App Security' or 'MCAS' - see additional info) to communicate with Microsoft Defender for Cloud.",
@@ -1191,8 +1160,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "This integration setting enables Microsoft Defender for Endpoint (formerly 'Advanced Threat Protection' or 'ATP' or 'WDATP' - see additional info) to communicate with Microsoft Defender for Cloud. IMPORTANT: When enabling integration between DfE & DfC it needs to be taken into account that this will have some side effects that may be undesirable. 1. For server 2019 & above if defender is installed (default for these server SKU's) this will trigger a deployment of the new unified agent and link to any of the extended configuration in the Defender portal. 2. If the new unified agent is required for server SKU's of Win 2016 or Linux and lower there is additional integration that needs to be switched on and agents need to be aligned.",
@@ -1214,8 +1182,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.2 Microsoft Defender for IoT",
+          "Section": "2.2 Microsoft Defender for IoT",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Microsoft Defender for IoT acts as a central security hub for IoT devices within your organization.",
@@ -1557,8 +1524,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable auditing on SQL Servers.",
@@ -1580,8 +1546,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure that no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP).",
@@ -1603,8 +1568,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Transparent Data Encryption (TDE) with Customer-managed key support provides increased transparency and control over the TDE Protector, increased security with an HSM-backed external service, and promotion of separation of duties. With TDE, data is encrypted at rest with a symmetric key (called the database encryption key) stored in the database or data warehouse distribution. To protect this data encryption key (DEK) in the past, only a certificate that the Azure SQL Service managed could be used. Now, with Customer-managed key support for TDE, the DEK can be protected with an asymmetric key that is stored in the Azure Key Vault. The Azure Key Vault is a highly available and scalable cloud-based key store which offers central key management, leverages FIPS 140-2 Level 2 validated hardware security modules (HSMs), and allows separation of management of keys and data for additional security. Based on business needs or criticality of data/databases hosted on a SQL server, it is recommended that the TDE protector is encrypted by a key that is managed by the data owner (Customer-managed key).",
@@ -1626,8 +1590,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Use Azure Active Directory Authentication for authentication with SQL Database to manage credentials in a single place.",
@@ -1649,8 +1612,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable Transparent Data Encryption on every SQL server.",
@@ -1672,8 +1634,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "SQL Server Audit Retention should be configured to be greater than 90 days.",
@@ -1695,8 +1656,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.2 SQL Server - Microsoft Defender for SQL",
+          "Section": "4.2 SQL Server - Microsoft Defender for SQL",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Enable 'Microsoft Defender for SQL' on critical SQL Servers.",
@@ -1718,8 +1678,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.2 SQL Server - Microsoft Defender for SQL",
+          "Section": "4.2 SQL Server - Microsoft Defender for SQL",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Enable Vulnerability Assessment (VA) service scans for critical SQL servers and corresponding SQL databases.",
@@ -1741,8 +1700,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.2 SQL Server - Microsoft Defender for SQL",
+          "Section": "4.2 SQL Server - Microsoft Defender for SQL",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Enable Vulnerability Assessment (VA) service scans for critical SQL servers and corresponding SQL databases.",
@@ -1764,8 +1722,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.2 SQL Server - Microsoft Defender for SQL",
+          "Section": "4.2 SQL Server - Microsoft Defender for SQL",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Configure 'Send scan reports to' with email addresses of concerned data owners/stakeholders for a critical SQL servers",
@@ -1787,8 +1744,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.2 SQL Server - Microsoft Defender for SQL",
+          "Section": "4.2 SQL Server - Microsoft Defender for SQL",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable Vulnerability Assessment (VA) setting 'Also send email notifications to admins and subscription owners'.",
@@ -1810,8 +1766,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable SSL connection on PostgreSQL Servers.",
@@ -1833,8 +1788,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable log_checkpoints on PostgreSQL Servers.",
@@ -1856,8 +1810,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable log_connections on PostgreSQL Servers.",
@@ -1879,8 +1832,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable log_disconnections on PostgreSQL Servers.",
@@ -1902,8 +1854,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable connection_throttling on PostgreSQL Servers.",
@@ -1925,8 +1876,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure log_retention_days on PostgreSQL Servers is set to an appropriate value.",
@@ -1948,8 +1898,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Disable access from Azure services to PostgreSQL Database Server.",
@@ -1969,8 +1918,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server",
+          "Section": "4.3 PostgreSQL Database Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Azure Database for PostgreSQL servers should be created with 'infrastructure double encryption' enabled.",
@@ -1992,8 +1940,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable SSL connection on MYSQL Servers.",
@@ -2015,8 +1962,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure TLS version on MySQL flexible servers is set to the default value.",
@@ -2038,8 +1984,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable audit_log_enabled on MySQL Servers.",
@@ -2061,8 +2006,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Set audit_log_enabled to include CONNECTION on MySQL Servers.",
@@ -2084,8 +2028,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.5 Cosmos DB",
+          "Section": "4.5 Cosmos DB",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Limiting your Cosmos DB to only communicate on whitelisted networks lowers its attack footprint.",
@@ -2107,8 +2050,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.5 Cosmos DB",
+          "Section": "4.5 Cosmos DB",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Private endpoints limit network traffic to approved sources.",
@@ -2130,8 +2072,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.5 Cosmos DB",
+          "Section": "4.5 Cosmos DB",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Cosmos DB can use tokens or AAD for client authentication which in turn will use Azure RBAC for authorization. Using AAD is significantly more secure because AAD handles the credentials and allows for MFA and centralized management, and the Azure RBAC better integrated with the rest of Azure.",
@@ -2153,8 +2094,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Enable Diagnostic settings for exporting activity logs. Diagnos tic settings are available for each individual resource within a subscription. Settings should be configured for allappropriate resources for your environment.",
@@ -2176,8 +2116,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Prerequisite: A Diagnostic Setting must exist. If a Diagnostic Setting does not exist, the navigation and options within this recommendation will not be available. Please review the recommendation at the beginning of this subsection titled: 'Ensure that a 'Diagnostic Setting' exists.' The diagnostic setting should be configured to log the appropriate activities from the control/management plane.",
@@ -2199,8 +2138,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "The storage account container containing the activity log export should not be publicly accessible.",
@@ -2222,8 +2160,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Storage accounts with the activity log exports can be configured to use Customer Managed Keys (CMK).",
@@ -2245,8 +2182,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable AuditEvent logging for key vault instances to ensure interactions with key vaults are logged and available.",
@@ -2268,8 +2204,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Ensure that network flow logs are captured and fed into a central log analytics workspace.",
@@ -2291,8 +2226,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable AppServiceHTTPLogs diagnostic log category for Azure App Service instances to ensure all http requests are captured and centrally logged.",
@@ -2314,8 +2248,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create Policy Assignment event.",
@@ -2337,8 +2270,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Policy Assignment event.",
@@ -2360,8 +2292,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an Activity Log Alert for the Create or Update Network Security Group event.",
@@ -2383,8 +2314,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Network Security Group event.",
@@ -2406,8 +2336,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create or Update Security Solution event.",
@@ -2429,8 +2358,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Security Solution event.",
@@ -2452,8 +2380,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create or Update SQL Server Firewall Rule event.",
@@ -2475,8 +2402,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the 'Delete SQL Server Firewall Rule.'",
@@ -2498,8 +2424,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create or Update Public IP Addresses rule.",
@@ -2521,8 +2446,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Public IP Address rule.",
@@ -2542,7 +2466,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
+          "Section": "5.3 Configuring Application Insights",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Resource Logs capture activity to the data access plane while the Activity log is a subscription-level log for the control plane. Resource-level diagnostic logs provide insight into operations that were performed within that resource itself; for example, reading or updating a secret from a Key Vault. Currently, 95 Azure resources support Azure Monitoring (See the more information section for a complete list), including Network Security Groups, Load Balancers, Key Vault, AD, Logic Apps, and CosmosDB. The content of these logs varies by resource type. A number of back-end services were not configured to log and store Resource Logs for certain activities or for a sufficient length. It is crucial that monitoring is correctly configured to log all relevant activities and retain those logs for a sufficient length of time. Given that the mean time to detection in an enterprise is 240 days, a minimum retention period of two years is recommended.",
@@ -2562,7 +2486,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
+          "Section": "5.3 Configuring Application Insights",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "The use of Basic or Free SKUs in Azure whilst cost effective have significant limitations in terms of what can be monitored and what support can be realized from Microsoft. Typically, these SKU’s do not have a service SLA and Microsoft will usually refuse to provide support for them. Consequently Basic/Free SKUs should never be used for production workloads.",
@@ -2584,8 +2508,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.3 Configuring Application Insights",
+          "Section": "5.3 Configuring Application Insights",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Application Insights within Azure act as an Application Performance Monitoring solution providing valuable data into how well an application performs and additional information when performing incident response. The types of log data collected include application metrics, telemetry data, and application trace logging data providing organizations with detailed information about application activity and application transactions. Both data sets help organizations adopt a proactive and retroactive means to handle security and performance related metrics within their modern applications.",
@@ -494,8 +494,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.1 Security Defaults Security Defaults",
+          "Section": "1.1 Security Defaults Security Defaults",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Security defaults in Microsoft Entra ID make it easier to be secure and help protect your organization. Security defaults contain preconfigured security settings for common attacks.  Security defaults is available to everyone. The goal is to ensure that all organizations have a basic level of security enabled at no extra cost. You may turn on security defaults in the Azure portal.",
@@ -517,8 +516,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.1 Security Defaults Security Defaults",
+          "Section": "1.1 Security Defaults Security Defaults",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Enable multi-factor authentication for all roles, groups, and users that have write access or permissions to Azure resources. These include custom created objects or built-in roles such as; - Service Co-Administrators - Subscription Owners - Contributors",
@@ -540,8 +538,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.1 Security Defaults Security Defaults",
+          "Section": "1.1 Security Defaults",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable multi-factor authentication for all non-privileged users.",
@@ -561,8 +558,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.1 Security Defaults Security Defaults",
+          "Section": "1.1 Security Defaults",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Do not allow users to remember multi-factor authentication on devices.",
@@ -584,8 +580,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Microsoft Entra ID Conditional Access allows an organization to configure `Named locations` and configure whether those locations are trusted or untrusted. These settings provide organizations the means to specify Geographical locations for use in conditional access policies, or define actual IP addresses and IP ranges and whether or not those IP addresses and/or ranges are trusted by the organization.",
@@ -605,8 +600,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "**CAUTION**: If these policies are created without first auditing and testing the result, misconfiguration can potentially lock out administrators or create undesired access issues.  Conditional Access Policies can be used to block access from geographic locations that are deemed out-of-scope for your organization or application. The scope and variables for this policy should be carefully examined and defined.",
@@ -626,8 +620,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "For designated users, they will be prompted to use their multi-factor authentication (MFA) process on login.",
@@ -647,8 +640,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "For designated users, they will be prompted to use their multi-factor authentication (MFA) process on logins.",
@@ -668,8 +660,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "For designated users, they will be prompted to use their multi-factor authentication (MFA) process on login.",
@@ -691,8 +682,7 @@
      ],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "This recommendation ensures that users accessing the Windows Azure Service Management API (i.e. Azure Powershell, Azure CLI, Azure Resource Manager API, etc.) are required to use multifactor authentication (MFA) credentials when accessing resources through the Windows Azure Service Management API.",
@@ -712,8 +702,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "1.Identity and Access Management",
-          "SubSection": "1.2 Conditional Access",
+          "Section": "1.2 Conditional Access",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "This recommendation ensures that users accessing Microsoft Admin Portals (i.e. Microsoft 365 Admin, Microsoft 365 Defender, Exchange Admin Center, Azure Portal, etc.) are required to use multifactor authentication (MFA) credentials when logging into an Admin Portal.",
@@ -735,8 +724,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for Servers enables threat detection for Servers, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -758,8 +746,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for App Service enables threat detection for App Service, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -781,8 +768,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for Azure SQL Databases enables threat detection for Managed Instance Azure SQL databases, providing threat intelligence, anomaly detection, and behavior analytics in Microsoft Defender for Cloud.",
@@ -804,8 +790,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for SQL servers on machines enables threat detection for SQL servers on machines, providing threat intelligence, anomaly detection, and behavior analytics in Microsoft Defender for Cloud.",
@@ -827,8 +812,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for Open-source relational databases enables threat detection for Open-source relational databases, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -850,8 +834,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Microsoft Defender for Azure Cosmos DB scans all incoming network requests for threats to your Azure Cosmos DB resources.",
@@ -873,8 +856,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for Storage enables threat detection for Storage, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -896,8 +878,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for Containers enables threat detection for Container Registries including Kubernetes, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud. The following services will be enabled for container instances: - Defender agent in Azure - Azure Policy for Kubernetes - Agentless discovery for Kubernetes - Agentless container vulnerability assessment",
@@ -919,8 +900,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Turning on Microsoft Defender for Key Vault enables threat detection for Key Vault, providing threat intelligence, anomaly detection, and behavior analytics in the Microsoft Defender for Cloud.",
@@ -942,8 +922,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "[**NOTE:** As of August 1, customers with an existing subscription to Defender for DNS can continue to use the service, but new subscribers will receive alerts about suspicious DNS activity as part of Defender for Servers P2.]  Microsoft Defender for DNS scans all network traffic exiting from within a subscription.",
@@ -965,8 +944,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Microsoft Defender for Resource Manager scans incoming administrative requests to change your infrastructure from both CLI and the Azure portal.",
@@ -988,8 +966,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure that the latest OS patches for all virtual machines are applied.",
@@ -1011,8 +988,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "The Microsoft Cloud Security Benchmark (or MCSB) is an Azure Policy Initiative containing many security policies to evaluate resource configuration against best practice recommendations. If a policy in the MCSB is set with effect type `Disabled`, it is not evaluated and may prevent administrators from being informed of valuable security recommendations.",
@@ -1034,8 +1010,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable automatic provisioning of the monitoring agent to collect security data.",
@@ -1057,8 +1032,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable automatic provisioning of vulnerability assessment for machines on both Azure and hybrid (Arc enabled) machines.",
@@ -1078,8 +1052,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Enable automatic provisioning of the Microsoft Defender for Containers components.",
@@ -1101,8 +1074,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable security alert emails to subscription owners.",
@@ -1124,8 +1096,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Microsoft Defender for Cloud emails the subscription owners whenever a high-severity alert is triggered for their subscription. You should provide a security contact email address as an additional email address.",
@@ -1147,8 +1118,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enables emailing security alerts to the subscription owner or other designated security contact.",
@@ -1170,8 +1140,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "This integration setting enables Microsoft Defender for Cloud Apps (formerly 'Microsoft Cloud App Security' or 'MCAS' - see additional info) to communicate with Microsoft Defender for Cloud.",
@@ -1193,8 +1162,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "This integration setting enables Microsoft Defender for Endpoint (formerly 'Advanced Threat Protection' or 'ATP' or 'WDATP' - see additional info) to communicate with Microsoft Defender for Cloud.  **IMPORTANT:** When enabling integration between DfE & DfC it needs to be taken into account that this will have some side effects that may be undesirable. 1. For server 2019 & above if defender is installed (default for these server SKU's) this will trigger a deployment of the new unified agent and link to any of the extended configuration in the Defender portal. 1. If the new unified agent is required for server SKU's of Win 2016 or Linux and lower there is additional integration that needs to be switched on and agents need to be aligned.",
@@ -1214,8 +1182,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.1 Microsoft Defender for Cloud",
+          "Section": "2.1 Microsoft Defender for Cloud",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "An organization's attack surface is the collection of assets with a public network identifier or URI that an external threat actor can see or access from outside your cloud. It is the set of points on the boundary of a system, a system element, system component, or an environment where an attacker can try to enter, cause an effect on, or extract data from, that system, system element, system component, or environment. The larger the attack surface, the harder it is to protect.  This tool can be configured to scan your organization's online infrastructure such as specified domains, hosts, CIDR blocks, and SSL certificates, and store them in an Inventory. Inventory items can be added, reviewed, approved, and removed, and may contain enrichments (insights) and additional information collected from the tool's different scan engines and open-source intelligence sources.  A Defender EASM workspace will generate an Inventory of publicly exposed assets by crawling and scanning the internet using _Seeds_ you provide when setting up the tool. Seeds can be FQDNs, IP CIDR blocks, and WHOIS records.  Defender EASM will generate Insights within 24-48 hours after Seeds are provided, and these insights include vulnerability data (CVEs), ports and protocols, and weak or expired SSL certificates that could be used by an attacker for reconnaisance or exploitation.  Results are classified High/Medium/Low and some of them include proposed mitigations.",
@@ -1237,8 +1204,7 @@
      ],
      "Attributes": [
        {
-          "Section": "2. Microsoft Defender",
-          "SubSection": "2.2 Microsoft Defender for IoT",
+          "Section": "2.2 Microsoft Defender for IoT",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Microsoft Defender for IoT acts as a central security hub for IoT devices within your organization.",
@@ -1620,8 +1586,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable auditing on SQL Servers.",
@@ -1643,8 +1608,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure that no SQL Databases allow ingress from 0.0.0.0/0 (ANY IP).",
@@ -1666,8 +1630,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Transparent Data Encryption (TDE) with Customer-managed key support provides increased transparency and control over the TDE Protector, increased security with an HSM-backed external service, and promotion of separation of duties.  With TDE, data is encrypted at rest with a symmetric key (called the database encryption key) stored in the database or data warehouse distribution. To protect this data encryption key (DEK) in the past, only a certificate that the Azure SQL Service managed could be used. Now, with Customer-managed key support for TDE, the DEK can be protected with an asymmetric key that is stored in the Azure Key Vault. The Azure Key Vault is a highly available and scalable cloud-based key store which offers central key management, leverages FIPS 140-2 Level 2 validated hardware security modules (HSMs), and allows separation of management of keys and data for additional security.  Based on business needs or criticality of data/databases hosted on a SQL server, it is recommended that the TDE protector is encrypted by a key that is managed by the data owner (Customer-managed key).",
@@ -1689,8 +1652,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Use Microsoft Entra authentication for authentication with SQL Database to manage credentials in a single place.",
@@ -1712,8 +1674,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable Transparent Data Encryption on every SQL server.",
@@ -1735,8 +1696,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.1 SQL Server - Auditing",
+          "Section": "4.1 SQL Server - Auditing",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "SQL Server Audit Retention should be configured to be greater than 90 days.",
@@ -1758,8 +1718,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable `SSL connection` on `PostgreSQL` Servers.",
@@ -1781,8 +1740,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable `log_checkpoints` on `PostgreSQL Servers`.",
@@ -1804,8 +1762,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable `log_connections` on `PostgreSQL Servers`.",
@@ -1827,8 +1784,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable `log_disconnections` on `PostgreSQL Servers`.",
@@ -1850,8 +1806,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable `connection_throttling` on `PostgreSQL Servers`.",
@@ -1873,8 +1828,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure `log_retention_days` on `PostgreSQL Servers` is set to an appropriate value.",
@@ -1896,8 +1850,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Disable access from Azure services to PostgreSQL Database Server.",
@@ -1917,8 +1870,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.3 PostgreSQL Database Server. Storage Accounts",
+          "Section": "4.3 PostgreSQL Database Server. Storage Accounts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Azure Database for PostgreSQL servers should be created with 'infrastructure double encryption' enabled.",
@@ -1940,8 +1892,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable `SSL connection` on `MYSQL` Servers.",
@@ -1963,8 +1914,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure `TLS version` on `MySQL flexible` servers is set to use TLS version 1.2 or higher.",
@@ -1986,8 +1936,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable audit_log_enabled on MySQL Servers.",
@@ -2009,8 +1958,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.4 MySQL Database",
+          "Section": "4.4 MySQL Database",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Set `audit_log_enabled` to include CONNECTION on MySQL Servers.",
@@ -2032,8 +1980,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.5 Cosmos DB",
+          "Section": "4.5 Cosmos DB",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Limiting your Cosmos DB to only communicate on whitelisted networks lowers its attack footprint.",
@@ -2055,8 +2002,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.5 Cosmos DB",
+          "Section": "4.5 Cosmos DB",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Private endpoints limit network traffic to approved sources.",
@@ -2078,8 +2024,7 @@
      ],
      "Attributes": [
        {
-          "Section": "4. Database Services",
-          "SubSection": "4.5 Cosmos DB",
+          "Section": "4.5 Cosmos DB",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Cosmos DB can use tokens or Entra ID for client authentication which in turn will use Azure RBAC for authorization. Using Entra ID is significantly more secure because Entra ID handles the credentials and allows for MFA and centralized management, and the Azure RBAC better integrated with the rest of Azure.",
@@ -2141,8 +2086,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "Enable Diagnostic settings for exporting activity logs. Diagnostic settings are available for each individual resource within a subscription. Settings should be configured for all appropriate resources for your environment.",
@@ -2164,8 +2108,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "**Prerequisite**: A Diagnostic Setting must exist. If a Diagnostic Setting does not exist, the navigation and options within this recommendation will not be available. Please review the recommendation at the beginning of this subsection titled: Ensure that a 'Diagnostic Setting' exists.  The diagnostic setting should be configured to log the appropriate activities from the control/management plane.",
@@ -2187,8 +2130,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Storage accounts with the activity log exports can be configured to use Customer Managed Keys (CMK).",
@@ -2210,8 +2152,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enable AuditEvent logging for key vault instances to ensure interactions with key vaults are logged and available.",
@@ -2233,8 +2174,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Ensure that network flow logs are captured and fed into a central log analytics workspace.",
@@ -2256,8 +2196,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.1 Configuring Diagnostic Settings",
+          "Section": "5.1 Configuring Diagnostic Settings",
          "Profile": "Level 2",
          "AssessmentStatus": "Manual",
          "Description": "Enable AppServiceHTTPLogs diagnostic log category for Azure App Service instances to ensure all http requests are captured and centrally logged.",
@@ -2279,8 +2218,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create Policy Assignment event.",
@@ -2302,8 +2240,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Policy Assignment event.",
@@ -2325,8 +2262,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an Activity Log Alert for the Create or Update Network Security Group event.",
@@ -2348,8 +2284,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Network Security Group event.",
@@ -2371,8 +2306,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create or Update Security Solution event.",
@@ -2394,8 +2328,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Security Solution event.",
@@ -2417,8 +2350,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create or Update SQL Server Firewall Rule event.",
@@ -2440,8 +2372,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete SQL Server Firewall Rule.",
@@ -2463,8 +2394,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Create or Update Public IP Addresses rule.",
@@ -2486,8 +2416,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.2 Monitoring using Activity Log Alerts",
+          "Section": "5.2 Monitoring using Activity Log Alerts",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Create an activity log alert for the Delete Public IP Address rule.",
@@ -2509,8 +2438,7 @@
      ],
      "Attributes": [
        {
-          "Section": "5. Logging and Monitoring",
-          "SubSection": "5.3 Configuring Application Insights. Storage Accounts",
+          "Section": "5.3 Configuring Application Insights. Storage Accounts",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "Application Insights within Azure act as an Application Performance Monitoring solution providing valuable data into how well an application performs and additional information when performing incident response. The types of log data collected include application metrics, telemetry data, and application trace logging data providing organizations with detailed information about application activity and application transactions. Both data sets help organizations adopt a proactive and retroactive means to handle security and performance related metrics within their modern applications.",
@@ -3115,9 +3043,7 @@
    {
      "Id": "9.4",
      "Description": "Ensure that Register with Entra ID is enabled on App Service",
-      "Checks": [
-        "app_register_with_identity"
-      ],
+      "Checks": [],
      "Attributes": [
        {
          "Section": "9. AppService",
@@ -1292,8 +1292,7 @@
      "Checks": [],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.1. MySQL Database",
+          "Section": "6.1. MySQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Manual",
          "Description": "It is recommended to set a password for the administrative user (`root` by default) to prevent unauthorized access to the SQL database instances.  This recommendation is applicable only for MySQL Instances. PostgreSQL does not offer any setting for No Password from the cloud console.",
@@ -1314,8 +1313,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.1. MySQL Database",
+          "Section": "6.1. MySQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to set `skip_show_database` database flag for Cloud SQL Mysql instance to `on`",
@@ -1336,8 +1334,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.1. MySQL Database",
+          "Section": "6.1. MySQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to set the `local_infile` database flag for a Cloud SQL MySQL instance to `off`.",
@@ -1358,8 +1355,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "The `log_error_verbosity` flag controls the verbosity/details of messages logged. Valid values are: - `TERSE` - `DEFAULT` - `VERBOSE`  `TERSE` excludes the logging of `DETAIL`, `HINT`, `QUERY`, and `CONTEXT` error information.  `VERBOSE` output includes the `SQLSTATE` error code, source code file name, function name, and line number that generated the error.  Ensure an appropriate value is set to 'DEFAULT' or stricter.",
@@ -1380,8 +1376,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "The `log_min_error_statement` flag defines the minimum message severity level that are considered as an error statement. Messages for error statements are logged with the SQL statement. Valid values include `DEBUG5`, `DEBUG4`, `DEBUG3`, `DEBUG2`, `DEBUG1`, `INFO`, `NOTICE`, `WARNING`, `ERROR`, `LOG`, `FATAL`, and `PANIC`. Each severity level includes the subsequent levels mentioned above. Ensure a value of `ERROR` or stricter is set.",
@@ -1402,8 +1397,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 2",
          "AssessmentStatus": "Automated",
          "Description": "The value of `log_statement` flag determined the SQL statements that are logged. Valid values are: - `none` - `ddl` - `mod` - `all`  The value `ddl` logs all data definition statements. The value `mod` logs all ddl statements, plus data-modifying statements.  The statements are logged after a basic parsing is done and statement type is determined, thus this does not logs statements with errors. When using extended query protocol, logging occurs after an Execute message is received and values of the Bind parameters are included.  A value of 'ddl' is recommended unless otherwise directed by your organization's logging policy.",
@@ -1424,8 +1418,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Instance addresses can be public IP or private IP. Public IP means that the instance is accessible through the public internet. In contrast, instances using only private IP are not accessible through the public internet, but are accessible through a Virtual Private Cloud (VPC).  Limiting network access to your database will limit potential attacks.",
@@ -1446,8 +1439,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Ensure `cloudsql.enable_pgaudit` database flag for Cloud SQL PostgreSQL instance is set to `on` to allow for centralized logging.",
@@ -1468,8 +1460,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enabling the `log_connections` setting causes each attempted connection to the server to be logged, along with successful completion of client authentication. This parameter cannot be changed after the session starts.",
@@ -1490,8 +1481,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "Enabling the `log_disconnections` setting logs the end of each session, including the session duration.",
@@ -1512,8 +1502,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "The `log_min_duration_statement` flag defines the minimum amount of execution time of a statement in milliseconds where the total duration of the statement is logged. Ensure that `log_min_duration_statement` is disabled, i.e., a value of `-1` is set.",
@@ -1534,8 +1523,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.2. PostgreSQL Database",
+          "Section": "6.2. PostgreSQL Database",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "The `log_min_messages` flag defines the minimum message severity level that is considered as an error statement. Messages for error statements are logged with the SQL statement. Valid values include `DEBUG5`, `DEBUG4`, `DEBUG3`, `DEBUG2`, `DEBUG1`, `INFO`, `NOTICE`, `WARNING`, `ERROR`, `LOG`, `FATAL`, and `PANIC`. Each severity level includes the subsequent levels mentioned above. ERROR is considered the best practice setting. Changes should only be made in accordance with the organization's logging policy.",
@@ -1556,8 +1544,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.3. SQL Server",
+          "Section": "6.3. SQL Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to set `3625 (trace flag)` database flag for Cloud SQL SQL Server instance to `on`.",
@@ -1578,8 +1565,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.3. SQL Server",
+          "Section": "6.3. SQL Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to set `external scripts enabled` database flag for Cloud SQL SQL Server instance to `off`",
@@ -1600,8 +1586,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.3. SQL Server",
+          "Section": "6.3. SQL Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to set `remote access` database flag for Cloud SQL SQL Server instance to `off`.",
@@ -1622,8 +1607,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.3. SQL Server",
+          "Section": "6.3. SQL Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to check the `user connections` for a Cloud SQL SQL Server instance to ensure that it is not artificially limiting connections.",
@@ -1644,8 +1628,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.3. SQL Server",
+          "Section": "6.3. SQL Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended that, `user options` database flag for Cloud SQL SQL Server instance should not be configured.",
@@ -1666,8 +1649,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.3. SQL Server",
+          "Section": "6.3. SQL Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to set `contained database authentication` database flag for Cloud SQL on the SQL Server instance to `off`.",
@@ -1688,8 +1670,7 @@
      ],
      "Attributes": [
        {
-          "Section": "6. Cloud SQL Database Services",
-          "SubSection": "6.3. SQL Server",
+          "Section": "6.3. SQL Server",
          "Profile": "Level 1",
          "AssessmentStatus": "Automated",
          "Description": "It is recommended to set `cross db ownership chaining` database flag for Cloud SQL SQL Server instance to `off`.",
@@ -12,7 +12,7 @@ from prowler.lib.logger import logger

 timestamp = datetime.today()
 timestamp_utc = datetime.now(timezone.utc).replace(tzinfo=timezone.utc)
-prowler_version = "5.1.5"
+prowler_version = "5.1.0"
 html_logo_url = "https://github.com/prowler-cloud/prowler/"
 square_logo_img = "https://prowler.com/wp-content/uploads/logo-html.png"
 aws_logo = "https://user-images.githubusercontent.com/38561120/235953920-3e3fba08-0795-41dc-b480-9bea57db9f2e.png"
@@ -73,10 +73,6 @@ aws:
  # aws.cloudwatch_log_group_retention_policy_specific_days_enabled --> by default is 365 days
  log_group_retention_days: 365

-  # AWS CloudFormation Configuration
-  # cloudformation_stack_cdktoolkit_bootstrap_version --> by default is 21
-  recommended_cdk_bootstrap_version: 21
-
  # AWS AppStream Session Configuration
  # aws.appstream_fleet_session_idle_disconnect_timeout
  max_idle_disconnect_timeout_in_seconds: 600 # 10 Minutes
@@ -318,12 +314,10 @@ aws:
  # AWS ACM Configuration
  # aws.acm_certificates_expiration_check
  days_to_expire_threshold: 7
-  # aws.acm_certificates_with_secure_key_algorithms
+  # aws.acm_certificates_rsa_key_length
  insecure_key_algorithms:
    [
      "RSA-1024",
-      "P-192",
-      "SHA-1",
    ]

  # AWS EKS Configuration
@@ -83,7 +83,6 @@ class CIS_Requirement_Attribute(BaseModel):
    """CIS Requirement Attribute"""

    Section: str
-    SubSection: Optional[str]
    Profile: CIS_Requirement_Attribute_Profile
    AssessmentStatus: CIS_Requirement_Attribute_AssessmentStatus
    Description: str
@@ -405,18 +405,16 @@ class Check_Report:
    status: str
    status_extended: str
    check_metadata: CheckMetadata
-    resource_metadata: dict
    resource_details: str
    resource_tags: list
    muted: bool

-    def __init__(self, metadata, resource=None):
+    def __init__(self, metadata):
        self.status = ""
        self.check_metadata = CheckMetadata.parse_raw(metadata)
-        self.resource_metadata = resource.dict() if resource else {}
        self.status_extended = ""
        self.resource_details = ""
-        self.resource_tags = getattr(resource, "tags", []) if resource else []
+        self.resource_tags = []
        self.muted = False


@@ -428,20 +426,11 @@ class Check_Report_AWS(Check_Report):
    resource_arn: str
    region: str

-    def __init__(self, metadata, resource_metadata=None):
-        super().__init__(metadata, resource_metadata)
-        if resource_metadata:
-            self.resource_id = (
-                getattr(resource_metadata, "id", None)
-                or getattr(resource_metadata, "name", None)
-                or ""
-            )
-            self.resource_arn = getattr(resource_metadata, "arn", "")
-            self.region = getattr(resource_metadata, "region", "")
-        else:
-            self.resource_id = ""
-            self.resource_arn = ""
-            self.region = ""
+    def __init__(self, metadata):
+        super().__init__(metadata)
+        self.resource_id = ""
+        self.resource_arn = ""
+        self.region = ""


@dataclass
@@ -0,0 +1,24 @@
+from schema import Optional, Schema
+
+mutelist_schema = Schema(
+    {
+        "Accounts": {
+            str: {
+                "Checks": {
+                    str: {
+                        "Regions": list,
+                        "Resources": list,
+                        Optional("Tags"): list,
+                        Optional("Exceptions"): {
+                            Optional("Accounts"): list,
+                            Optional("Regions"): list,
+                            Optional("Resources"): list,
+                            Optional("Tags"): list,
+                        },
+                        Optional("Description"): str,
+                    }
+                }
+            }
+        }
+    }
+)
@@ -2,86 +2,12 @@ import re
 from abc import ABC, abstractmethod

 import yaml
-from jsonschema import validate

 from prowler.lib.logger import logger
+from prowler.lib.mutelist.models import mutelist_schema
 from prowler.lib.outputs.common import Status
 from prowler.lib.outputs.utils import unroll_dict, unroll_tags

-mutelist_schema = {
-    "type": "object",
-    "properties": {
-        "Accounts": {
-            "type": "object",
-            "patternProperties": {
-                ".*": {  # Match any account
-                    "type": "object",
-                    "properties": {
-                        "Checks": {
-                            "type": "object",
-                            "patternProperties": {
-                                ".*": {  # Match any check
-                                    "type": "object",
-                                    "properties": {
-                                        "Regions": {
-                                            "type": "array",
-                                            "items": {"type": "string"},
-                                        },
-                                        "Resources": {
-                                            "type": "array",
-                                            "items": {"type": "string"},
-                                        },
-                                        "Tags": {  # Optional field
-                                            "type": "array",
-                                            "items": {"type": "string"},
-                                        },
-                                        "Exceptions": {  # Optional field
-                                            "type": "object",
-                                            "properties": {
-                                                "Accounts": {  # Optional field
-                                                    "type": "array",
-                                                    "items": {"type": "string"},
-                                                },
-                                                "Regions": {  # Optional field
-                                                    "type": "array",
-                                                    "items": {"type": "string"},
-                                                },
-                                                "Resources": {  # Optional field
-                                                    "type": "array",
-                                                    "items": {"type": "string"},
-                                                },
-                                                "Tags": {  # Optional field
-                                                    "type": "array",
-                                                    "items": {"type": "string"},
-                                                },
-                                            },
-                                            "additionalProperties": False,
-                                        },
-                                        "Description": {  # Optional field
-                                            "type": "string",
-                                        },
-                                    },
-                                    "required": [
-                                        "Regions",
-                                        "Resources",
-                                    ],  # Mandatory within a check
-                                    "additionalProperties": False,
-                                }
-                            },
-                            "additionalProperties": False,
-                        },
-                    },
-                    "required": ["Checks"],  # Mandatory within an account
-                    "additionalProperties": False,
-                }
-            },
-            "additionalProperties": False,
-        }
-    },
-    "required": ["Accounts"],  # Accounts is mandatory at the root level
-    "additionalProperties": False,
-}
-

 class Mutelist(ABC):
    """
@@ -144,7 +70,7 @@ class Mutelist(ABC):

    def validate_mutelist(self) -> bool:
        try:
-            validate(self._mutelist, schema=mutelist_schema)
+            self._mutelist = mutelist_schema.validate(self._mutelist)
            return True
        except Exception as error:
            logger.error(
@@ -14,7 +14,6 @@ def fill_common_finding_data(finding: dict, unix_timestamp: bool) -> dict:
        "status_extended": finding.status_extended,
        "muted": finding.muted,
        "resource_details": finding.resource_details,
-        # "resource_metadata": finding.resource_metadata, TODO: add resource_metadata to the finding
        "resource_tags": unroll_tags(finding.resource_tags),
    }
    return finding_data
@@ -48,7 +48,6 @@ class AWSCIS(ComplianceOutput):
                            Requirements_Id=requirement.Id,
                            Requirements_Description=requirement.Description,
                            Requirements_Attributes_Section=attribute.Section,
-                            Requirements_Attributes_SubSection=attribute.SubSection,
                            Requirements_Attributes_Profile=attribute.Profile,
                            Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                            Requirements_Attributes_Description=attribute.Description,
@@ -79,7 +78,6 @@ class AWSCIS(ComplianceOutput):
                        Requirements_Id=requirement.Id,
                        Requirements_Description=requirement.Description,
                        Requirements_Attributes_Section=attribute.Section,
-                        Requirements_Attributes_SubSection=attribute.SubSection,
                        Requirements_Attributes_Profile=attribute.Profile,
                        Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                        Requirements_Attributes_Description=attribute.Description,
@@ -48,7 +48,6 @@ class AzureCIS(ComplianceOutput):
                            Requirements_Id=requirement.Id,
                            Requirements_Description=requirement.Description,
                            Requirements_Attributes_Section=attribute.Section,
-                            Requirements_Attributes_SubSection=attribute.SubSection,
                            Requirements_Attributes_Profile=attribute.Profile,
                            Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                            Requirements_Attributes_Description=attribute.Description,
@@ -80,7 +79,6 @@ class AzureCIS(ComplianceOutput):
                        Requirements_Id=requirement.Id,
                        Requirements_Description=requirement.Description,
                        Requirements_Attributes_Section=attribute.Section,
-                        Requirements_Attributes_SubSection=attribute.SubSection,
                        Requirements_Attributes_Profile=attribute.Profile,
                        Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                        Requirements_Attributes_Description=attribute.Description,
@@ -48,7 +48,6 @@ class GCPCIS(ComplianceOutput):
                            Requirements_Id=requirement.Id,
                            Requirements_Description=requirement.Description,
                            Requirements_Attributes_Section=attribute.Section,
-                            Requirements_Attributes_SubSection=attribute.SubSection,
                            Requirements_Attributes_Profile=attribute.Profile,
                            Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                            Requirements_Attributes_Description=attribute.Description,
@@ -79,7 +78,6 @@ class GCPCIS(ComplianceOutput):
                        Requirements_Id=requirement.Id,
                        Requirements_Description=requirement.Description,
                        Requirements_Attributes_Section=attribute.Section,
-                        Requirements_Attributes_SubSection=attribute.SubSection,
                        Requirements_Attributes_Profile=attribute.Profile,
                        Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                        Requirements_Attributes_Description=attribute.Description,
@@ -50,7 +50,6 @@ class KubernetesCIS(ComplianceOutput):
                            Requirements_Id=requirement.Id,
                            Requirements_Description=requirement.Description,
                            Requirements_Attributes_Section=attribute.Section,
-                            Requirements_Attributes_SubSection=attribute.SubSection,
                            Requirements_Attributes_Profile=attribute.Profile,
                            Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                            Requirements_Attributes_Description=attribute.Description,
@@ -82,7 +81,6 @@ class KubernetesCIS(ComplianceOutput):
                        Requirements_Id=requirement.Id,
                        Requirements_Description=requirement.Description,
                        Requirements_Attributes_Section=attribute.Section,
-                        Requirements_Attributes_SubSection=attribute.SubSection,
                        Requirements_Attributes_Profile=attribute.Profile,
                        Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
                        Requirements_Attributes_Description=attribute.Description,
@@ -1,5 +1,3 @@
-from typing import Optional
-
 from pydantic import BaseModel


@@ -16,7 +14,6 @@ class AWSCISModel(BaseModel):
    Requirements_Id: str
    Requirements_Description: str
    Requirements_Attributes_Section: str
-    Requirements_Attributes_SubSection: Optional[str]
    Requirements_Attributes_Profile: str
    Requirements_Attributes_AssessmentStatus: str
    Requirements_Attributes_Description: str
@@ -47,7 +44,6 @@ class AzureCISModel(BaseModel):
    Requirements_Id: str
    Requirements_Description: str
    Requirements_Attributes_Section: str
-    Requirements_Attributes_SubSection: Optional[str]
    Requirements_Attributes_Profile: str
    Requirements_Attributes_AssessmentStatus: str
    Requirements_Attributes_Description: str
@@ -79,7 +75,6 @@ class GCPCISModel(BaseModel):
    Requirements_Id: str
    Requirements_Description: str
    Requirements_Attributes_Section: str
-    Requirements_Attributes_SubSection: Optional[str]
    Requirements_Attributes_Profile: str
    Requirements_Attributes_AssessmentStatus: str
    Requirements_Attributes_Description: str
@@ -110,7 +105,6 @@ class KubernetesCISModel(BaseModel):
    Requirements_Id: str
    Requirements_Description: str
    Requirements_Attributes_Section: str
-    Requirements_Attributes_SubSection: Optional[str]
    Requirements_Attributes_Profile: str
    Requirements_Attributes_AssessmentStatus: str
    Requirements_Attributes_Description: str
@@ -45,8 +45,6 @@ class AWSISO27001(ComplianceOutput):
                            AccountId=finding.account_uid,
                            Region=finding.region,
                            AssessmentDate=str(finding.timestamp),
-                            Requirements_Id=requirement.Id,
-                            Requirements_Description=requirement.Description,
                            Requirements_Attributes_Category=attribute.Category,
                            Requirements_Attributes_Objetive_ID=attribute.Objetive_ID,
                            Requirements_Attributes_Objetive_Name=attribute.Objetive_Name,
@@ -69,8 +67,6 @@ class AWSISO27001(ComplianceOutput):
                        AccountId="",
                        Region="",
                        AssessmentDate=str(finding.timestamp),
-                        Requirements_Id=requirement.Id,
-                        Requirements_Description=requirement.Description,
                        Requirements_Attributes_Category=attribute.Category,
                        Requirements_Attributes_Objetive_ID=attribute.Objetive_ID,
                        Requirements_Attributes_Objetive_Name=attribute.Objetive_Name,
@@ -11,8 +11,6 @@ class AWSISO27001Model(BaseModel):
    AccountId: str
    Region: str
    AssessmentDate: str
-    Requirements_Id: str
-    Requirements_Description: str
    Requirements_Attributes_Category: str
    Requirements_Attributes_Objetive_ID: str
    Requirements_Attributes_Objetive_Name: str
@@ -35,7 +35,6 @@ class Finding(BaseModel):
    status_extended: str
    muted: bool = False
    resource_uid: str
-    # resource_metadata: dict = Field(default_factory=dict) TODO: add resource_metadata to the finding
    resource_name: str
    resource_details: str
    resource_tags: dict = Field(default_factory=dict)
@@ -1,5 +1,4 @@
 import os
-from datetime import datetime
 from typing import List

 from py_ocsf_models.events.base_event import SeverityID, StatusID
@@ -69,11 +68,7 @@ class OCSF(Output):
                    activity_name=finding_activity.name,
                    finding_info=FindingInformation(
                        created_time_dt=finding.timestamp,
-                        created_time=(
-                            int(finding.timestamp.timestamp())
-                            if isinstance(finding.timestamp, datetime)
-                            else finding.timestamp
-                        ),
+                        created_time=int(finding.timestamp.timestamp()),
                        desc=finding.metadata.Description,
                        title=finding.metadata.CheckTitle,
                        uid=finding.uid,
@@ -82,11 +77,7 @@ class OCSF(Output):
                        types=finding.metadata.CheckType,
                    ),
                    time_dt=finding.timestamp,
-                    time=(
-                        int(finding.timestamp.timestamp())
-                        if isinstance(finding.timestamp, datetime)
-                        else finding.timestamp
-                    ),
+                    time=int(finding.timestamp.timestamp()),
                    remediation=Remediation(
                        desc=finding.metadata.Remediation.Recommendation.Text,
                        references=list(
@@ -120,10 +111,7 @@ class OCSF(Output):
                                # TODO: this should be included only if using the Cloud profile
                                cloud_partition=finding.partition,
                                region=finding.region,
-                                data={
-                                    "details": finding.resource_details,
-                                    # "metadata": finding.resource_metadata, TODO: add the resource_metadata to the finding
-                                },
+                                data={"details": finding.resource_details},
                            )
                        ]
                        if finding.metadata.Provider != "kubernetes"
@@ -134,10 +122,7 @@ class OCSF(Output):
                                uid=finding.resource_uid,
                                group=Group(name=finding.metadata.ServiceName),
                                type=finding.metadata.ResourceType,
-                                data={
-                                    "details": finding.resource_details,
-                                    # "metadata": finding.resource_metadata, TODO: add the resource_metadata to the finding
-                                },
+                                data={"details": finding.resource_details},
                                namespace=finding.region.replace("namespace: ", ""),
                            )
                        ]
@@ -789,14 +789,7 @@ class AwsProvider(Provider):
        # Handle if there are audit resources so only their services are executed
        if self._audit_resources:
            # TODO: this should be retrieved automatically
-            services_without_subservices = [
-                "guardduty",
-                "kms",
-                "s3",
-                "elb",
-                "efs",
-                "sqs",
-            ]
+            services_without_subservices = ["guardduty", "kms", "s3", "elb", "efs"]
            service_list = set()
            sub_service_list = set()
            for resource in self._audit_resources:
@@ -15,7 +15,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -98,7 +97,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -222,7 +220,6 @@
          "ap-south-1",
          "ap-southeast-1",
          "ap-southeast-2",
-          "ap-southeast-5",
          "ca-central-1",
          "eu-central-1",
          "eu-north-1",
@@ -337,7 +334,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -458,7 +454,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -503,7 +498,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -830,7 +824,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -875,7 +868,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -1001,7 +993,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -1046,7 +1037,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -1102,7 +1092,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -1234,7 +1223,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -1793,7 +1781,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -1838,7 +1825,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -1970,7 +1956,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -2003,21 +1988,7 @@
    "cloudtrail-data": {
      "regions": {
        "aws": [
-          "af-south-1",
-          "ap-east-1",
-          "ap-northeast-1",
-          "ap-northeast-2",
-          "ap-northeast-3",
-          "ap-southeast-1",
-          "eu-central-1",
-          "eu-north-1",
-          "eu-west-1",
-          "eu-west-2",
-          "me-central-1",
-          "me-south-1",
-          "us-east-1",
-          "us-east-2",
-          "us-west-1"
+          "me-central-1"
        ],
        "aws-cn": [],
        "aws-us-gov": []
@@ -2038,7 +2009,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -2597,7 +2567,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -2927,7 +2896,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3118,7 +3086,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3178,7 +3145,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3223,7 +3189,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3385,7 +3350,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3430,7 +3394,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3475,7 +3438,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3520,7 +3482,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3565,7 +3526,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3620,7 +3580,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3665,7 +3624,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3710,7 +3668,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3755,7 +3712,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3811,7 +3767,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3909,7 +3864,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3954,7 +3908,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -3999,7 +3952,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4141,7 +4093,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4186,7 +4137,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4231,7 +4181,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4293,7 +4242,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4585,7 +4533,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4629,7 +4576,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4673,7 +4619,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4716,7 +4661,6 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -4760,7 +4704,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -5075,7 +5018,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -5162,7 +5104,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -5207,7 +5148,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -5432,6 +5372,30 @@
        ]
      }
    },
+    "iot1click-devices": {
+      "regions": {
+        "aws": [
+          "us-west-2"
+        ],
+        "aws-cn": [],
+        "aws-us-gov": []
+      }
+    },
+    "iot1click-projects": {
+      "regions": {
+        "aws": [
+          "ap-northeast-1",
+          "eu-central-1",
+          "eu-west-1",
+          "eu-west-2",
+          "us-east-1",
+          "us-east-2",
+          "us-west-2"
+        ],
+        "aws-cn": [],
+        "aws-us-gov": []
+      }
+    },
    "iotanalytics": {
      "regions": {
        "aws": [
@@ -5758,7 +5722,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -5864,7 +5827,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -5982,7 +5944,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -6071,7 +6032,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -6257,7 +6217,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -6408,7 +6367,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -6680,7 +6638,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -7544,7 +7501,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -7621,7 +7577,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -7760,7 +7715,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -7958,7 +7912,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8174,7 +8127,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8347,7 +8299,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8392,7 +8343,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8437,7 +8387,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8513,7 +8462,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8746,7 +8694,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8791,7 +8738,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8934,7 +8880,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -8976,7 +8921,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -9079,7 +9023,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -9158,7 +9101,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -9329,7 +9271,6 @@
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
-          "il-central-1",
          "me-south-1",
          "sa-east-1",
          "us-east-1",
@@ -9367,7 +9308,6 @@
          "ap-southeast-2",
          "ap-southeast-3",
          "ap-southeast-4",
-          "ap-southeast-5",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -9448,7 +9388,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -9583,7 +9522,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -9613,26 +9551,6 @@
        ]
      }
    },
-    "security-ir": {
-      "regions": {
-        "aws": [
-          "ap-northeast-1",
-          "ap-northeast-2",
-          "ap-southeast-1",
-          "ap-southeast-2",
-          "ca-central-1",
-          "eu-central-1",
-          "eu-north-1",
-          "eu-west-1",
-          "eu-west-2",
-          "us-east-1",
-          "us-east-2",
-          "us-west-2"
-        ],
-        "aws-cn": [],
-        "aws-us-gov": []
-      }
-    },
    "securityhub": {
      "regions": {
        "aws": [
@@ -9752,7 +9670,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -9879,7 +9796,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10193,7 +10109,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10226,14 +10141,7 @@
    "socialmessaging": {
      "regions": {
        "aws": [
-          "ap-south-1",
-          "ap-southeast-1",
-          "eu-central-1",
-          "eu-west-1",
-          "eu-west-2",
-          "us-east-1",
-          "us-east-2",
-          "us-west-2"
+          "eu-central-1"
        ],
        "aws-cn": [],
        "aws-us-gov": []
@@ -10254,7 +10162,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10299,7 +10206,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10495,7 +10401,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10584,7 +10489,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10617,7 +10521,6 @@
    "support": {
      "regions": {
        "aws": [
-          "af-south-1",
          "ap-east-1",
          "ap-northeast-1",
          "ap-northeast-2",
@@ -10629,7 +10532,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10685,7 +10587,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10730,7 +10631,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -10983,7 +10883,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -11054,7 +10953,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -11219,7 +11117,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -11300,7 +11197,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -11648,7 +11544,6 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ap-southeast-5",
-          "ap-southeast-7",
          "ca-central-1",
          "ca-west-1",
          "eu-central-1",
@@ -17,7 +17,7 @@ class acm_certificates_with_secure_key_algorithms(Check):
                report.status = "PASS"
                report.status_extended = f"ACM Certificate {certificate.id} for {certificate.name} uses a secure key algorithm ({certificate.key_algorithm})."
                if certificate.key_algorithm in acm_client.audit_config.get(
-                    "insecure_key_algorithms", ["RSA-1024", "P-192", "SHA-1"]
+                    "insecure_algorithms", ["RSA-1024"]
                ):
                    report.status = "FAIL"
                    report.status_extended = f"ACM Certificate {certificate.id} for {certificate.name} does not use a secure key algorithm ({certificate.key_algorithm})."
@@ -1,6 +1,5 @@
 from typing import Optional

-from botocore.exceptions import ClientError
 from pydantic import BaseModel

 from prowler.lib.logger import logger
@@ -8,6 +7,7 @@ from prowler.lib.scan_filters.scan_filters import is_resource_filtered
 from prowler.providers.aws.lib.service.service import AWSService


+################## ApiGatewayV2
 class ApiGatewayV2(AWSService):
    def __init__(self, provider):
        # Call AWSService's __init__
@@ -71,15 +71,6 @@ class ApiGatewayV2(AWSService):
                            tags=[stage.get("Tags")],
                        )
                    )
-        except ClientError as error:
-            if error.response["Error"]["Code"] == "NotFoundException":
-                logger.warning(
-                    f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
-                )
-            else:
-                logger.error(
-                    f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
-                )
        except Exception as error:
            logger.error(
                f"{error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
@@ -1,4 +1,3 @@
-import hashlib
 import json

 from prowler.lib.check.models import Check, Check_Report_AWS
@@ -29,19 +28,11 @@ class awslambda_function_no_secrets_in_variables(Check):
                    data=json.dumps(function.environment, indent=2),
                    excluded_secrets=secrets_ignore_patterns,
                )
-                original_env_vars = {}
-                for name, value in function.environment.items():
-                    original_env_vars.update(
-                        {
-                            hashlib.sha1(  # nosec B324 SHA1 is used here for non-security-critical unique identifiers
-                                value.encode("utf-8")
-                            ).hexdigest(): name
-                        }
-                    )
                if detect_secrets_output:
+                    environment_variable_names = list(function.environment.keys())
                    secrets_string = ", ".join(
                        [
-                            f"{secret['type']} in variable {original_env_vars[secret['hashed_secret']]}"
+                            f"{secret['type']} in variable {environment_variable_names[int(secret['line_number']) - 2]}"
                            for secret in detect_secrets_output
                        ]
                    )
@@ -1,32 +1,6 @@
 from prowler.lib.check.models import Check, Check_Report_AWS
 from prowler.providers.aws.services.awslambda.awslambda_client import awslambda_client

-default_obsolete_lambda_runtimes = [
-    "java8",
-    "go1.x",
-    "provided",
-    "python3.6",
-    "python2.7",
-    "python3.7",
-    "nodejs4.3",
-    "nodejs4.3-edge",
-    "nodejs6.10",
-    "nodejs",
-    "nodejs8.10",
-    "nodejs10.x",
-    "nodejs12.x",
-    "nodejs14.x",
-    "nodejs16.x",
-    "dotnet5.0",
-    "dotnet7",
-    "dotnetcore1.0",
-    "dotnetcore2.0",
-    "dotnetcore2.1",
-    "dotnetcore3.1",
-    "ruby2.5",
-    "ruby2.7",
-]
-

 class awslambda_function_using_supported_runtimes(Check):
    def execute(self):
@@ -40,7 +14,7 @@ class awslambda_function_using_supported_runtimes(Check):
                report.resource_tags = function.tags

                if function.runtime in awslambda_client.audit_config.get(
-                    "obsolete_lambda_runtimes", default_obsolete_lambda_runtimes
+                    "obsolete_lambda_runtimes", []
                ):
                    report.status = "FAIL"
                    report.status_extended = f"Lambda function {function.name} is using {function.runtime} which is obsolete."
@@ -18,8 +18,7 @@ class Backup(AWSService):
        self.backup_vault_arn_template = f"arn:{self.audited_partition}:backup:{self.region}:{self.audited_account}:backup-vault"
        self.backup_vaults = []
        self.__threading_call__(self._list_backup_vaults)
-        if self.backup_vaults is not None:
-            self.__threading_call__(self._list_tags, self.backup_vaults)
+        self.__threading_call__(self._list_tags, self.backup_vaults)
        self.backup_plans = []
        self.__threading_call__(self._list_backup_plans)
        self.__threading_call__(self._list_tags, self.backup_plans)
@@ -29,7 +28,6 @@ class Backup(AWSService):
        self.__threading_call__(self._list_backup_selections)
        self.recovery_points = []
        self.__threading_call__(self._list_recovery_points)
-        self.__threading_call__(self._list_tags, self.recovery_points)

    def _list_backup_vaults(self, regional_client):
        logger.info("Backup - Listing Backup Vaults...")
@@ -173,11 +171,10 @@ class Backup(AWSService):

    def _list_tags(self, resource):
        try:
-            if getattr(resource, "arn", None):
-                tags = self.regional_clients[resource.region].list_tags(
-                    ResourceArn=resource.arn
-                )["Tags"]
-                resource.tags = [tags] if tags else []
+            tags = self.regional_clients[resource.region].list_tags(
+                ResourceArn=resource.arn
+            )["Tags"]
+            resource.tags = [tags] if tags else []
        except Exception as error:
            logger.error(
                f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
@@ -204,7 +201,6 @@ class Backup(AWSService):
                                            "IsEncrypted", False
                                        ),
                                        backup_vault_region=backup_vault.region,
-                                        region=regional_client.region,
                                        tags=[],
                                    )
                                )
@@ -252,7 +248,6 @@ class BackupReportPlan(BaseModel):
 class RecoveryPoint(BaseModel):
    arn: str
    id: str
-    region: str
    backup_vault_name: str
    encrypted: bool
    backup_vault_region: str
@@ -23,7 +23,7 @@
      "Url": "https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-create.html"
    }
  },
-  "Categories": ["gen-ai"],
+  "Categories": [],
  "DependsOn": [],
  "RelatedTo": [],
  "Notes": ""
@@ -23,7 +23,7 @@
      "Url": "https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-injection.html"
    }
  },
-  "Categories": ["gen-ai"],
+  "Categories": [],
  "DependsOn": [],
  "RelatedTo": [],
  "Notes": "Ensure that prompt attack protection is set to the highest strength to minimize the risk of prompt injection attacks."
@@ -23,7 +23,7 @@
      "Url": "https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-sensitive-filters.html"
    }
  },
-  "Categories": ["gen-ai"],
+  "Categories": [],
  "DependsOn": [],
  "RelatedTo": [],
  "Notes": ""
@@ -25,8 +25,7 @@
  },
  "Categories": [
    "logging",
-    "forensics-ready",
-    "gen-ai"
+    "forensics-ready"
  ],
  "DependsOn": [],
  "RelatedTo": [],
@@ -25,8 +25,7 @@
  },
  "Categories": [
    "encryption",
-    "logging",
-    "gen-ai"
+    "logging"
  ],
  "DependsOn": [],
  "RelatedTo": [],
@@ -1,30 +0,0 @@
-{
-  "Provider": "aws",
-  "CheckID": "cloudformation_stack_cdktoolkit_bootstrap_version",
-  "CheckTitle": "Ensure that CDKToolkit stacks have a Bootstrap version of 21 or higher to mitigate security risks.",
-  "CheckType": [],
-  "ServiceName": "cloudformation",
-  "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:cloudformation:region:account-id:stack/resource-id",
-  "Severity": "high",
-  "ResourceType": "AwsCloudFormationStack",
-  "Description": "Ensure that CDKToolkit stacks have a Bootstrap version of 21 or higher to mitigate security risks.",
-  "Risk": "Using outdated CDKToolkit Bootstrap versions can expose accounts to risks such as bucket takeover or privilege escalation.",
-  "RelatedUrl": "https://docs.aws.amazon.com/cdk/latest/guide/bootstrapping.html",
-  "Remediation": {
-    "Code": {
-      "CLI": "",
-      "NativeIaC": "",
-      "Other": "",
-      "Terraform": ""
-    },
-    "Recommendation": {
-      "Text": "Update the CDKToolkit stack Bootstrap version to 21 or later by running the cdk bootstrap command with the latest CDK version.",
-      "Url": "https://docs.aws.amazon.com/cdk/latest/guide/bootstrapping.html"
-    }
-  },
-  "Categories": [],
-  "DependsOn": [],
-  "RelatedTo": [],
-  "Notes": ""
-}
@@ -1,39 +0,0 @@
-from prowler.lib.check.models import Check, Check_Report_AWS
-from prowler.providers.aws.services.cloudformation.cloudformation_client import (
-    cloudformation_client,
-)
-
-
-class cloudformation_stack_cdktoolkit_bootstrap_version(Check):
-    """Check if a CDKToolkit CloudFormation Stack has a Bootstrap version less than recommended"""
-
-    def execute(self):
-        """Execute the cloudformation_stack_cdktoolkit_bootstrap_version check"""
-        findings = []
-        recommended_cdk_bootstrap_version = cloudformation_client.audit_config.get(
-            "recommended_cdk_bootstrap_version", 21
-        )
-        for stack in cloudformation_client.stacks:
-            # Only check stacks named CDKToolkit
-            if stack.name == "CDKToolkit":
-                bootstrap_version = None
-                if stack.outputs:
-                    for output in stack.outputs:
-                        if output.startswith("BootstrapVersion:"):
-                            bootstrap_version = int(output.split(":")[1])
-                            break
-                if bootstrap_version:
-                    report = Check_Report_AWS(self.metadata())
-                    report.region = stack.region
-                    report.resource_id = stack.name
-                    report.resource_arn = stack.arn
-                    report.resource_tags = stack.tags
-                    report.status = "PASS"
-                    report.status_extended = f"CloudFormation Stack CDKToolkit has a Bootstrap version {bootstrap_version}, which meets the recommended version."
-                    if bootstrap_version < recommended_cdk_bootstrap_version:
-                        report.status = "FAIL"
-                        report.status_extended = f"CloudFormation Stack CDKToolkit has a Bootstrap version {bootstrap_version}, which is less than the recommended version {recommended_cdk_bootstrap_version}."
-
-                findings.append(report)
-
-        return findings
@@ -21,9 +21,7 @@ class cloudformation_stack_outputs_find_secrets(Check):
            report.resource_arn = stack.arn
            report.resource_tags = stack.tags
            report.status = "PASS"
-            report.status_extended = (
-                f"No secrets found in CloudFormation Stack {stack.name} Outputs."
-            )
+            report.status_extended = f"No secrets found in Stack {stack.name} Outputs."
            if stack.outputs:
                data = ""
                # Store the CloudFormation Stack Outputs into a file
@@ -42,13 +40,11 @@ class cloudformation_stack_outputs_find_secrets(Check):
                        ]
                    )
                    report.status = "FAIL"
-                    report.status_extended = f"Potential secret found in CloudFormation Stack {stack.name} Outputs -> {secrets_string}."
+                    report.status_extended = f"Potential secret found in Stack {stack.name} Outputs -> {secrets_string}."

            else:
                report.status = "PASS"
-                report.status_extended = (
-                    f"CloudFormation Stack {stack.name} has no Outputs."
-                )
+                report.status_extended = f"CloudFormation {stack.name} has no Outputs."

            findings.append(report)

@@ -20,10 +20,10 @@ class cloudformation_stacks_termination_protection_enabled(Check):

                if stack.enable_termination_protection:
                    report.status = "PASS"
-                    report.status_extended = f"CloudFormation Stack {stack.name} has termination protection enabled."
+                    report.status_extended = f"CloudFormation {stack.name} has termination protection enabled."
                else:
                    report.status = "FAIL"
-                    report.status_extended = f"CloudFormation Stack {stack.name} has termination protection disabled."
+                    report.status_extended = f"CloudFormation {stack.name} has termination protection disabled."
                findings.append(report)

        return findings
@@ -5,99 +5,6 @@ from prowler.providers.aws.services.cloudtrail.cloudtrail_client import (
    cloudtrail_client,
 )

-default_threat_detection_enumeration_actions = [
-    "DescribeAccessEntry",
-    "DescribeAccountAttributes",
-    "DescribeAvailabilityZones",
-    "DescribeBundleTasks",
-    "DescribeCarrierGateways",
-    "DescribeClientVpnRoutes",
-    "DescribeCluster",
-    "DescribeDhcpOptions",
-    "DescribeFlowLogs",
-    "DescribeImages",
-    "DescribeInstanceAttribute",
-    "DescribeInstanceInformation",
-    "DescribeInstanceTypes",
-    "DescribeInstances",
-    "DescribeInstances",
-    "DescribeKeyPairs",
-    "DescribeLogGroups",
-    "DescribeLogStreams",
-    "DescribeOrganization",
-    "DescribeRegions",
-    "DescribeSecurityGroups",
-    "DescribeSnapshotAttribute",
-    "DescribeSnapshotTierStatus",
-    "DescribeSubscriptionFilters",
-    "DescribeTransitGatewayMulticastDomains",
-    "DescribeVolumes",
-    "DescribeVolumesModifications",
-    "DescribeVpcEndpointConnectionNotifications",
-    "DescribeVpcs",
-    "GetAccount",
-    "GetAccountAuthorizationDetails",
-    "GetAccountSendingEnabled",
-    "GetBucketAcl",
-    "GetBucketLogging",
-    "GetBucketPolicy",
-    "GetBucketReplication",
-    "GetBucketVersioning",
-    "GetCallerIdentity",
-    "GetCertificate",
-    "GetConsoleScreenshot",
-    "GetCostAndUsage",
-    "GetDetector",
-    "GetEbsDefaultKmsKeyId",
-    "GetEbsEncryptionByDefault",
-    "GetFindings",
-    "GetFlowLogsIntegrationTemplate",
-    "GetIdentityVerificationAttributes",
-    "GetInstances",
-    "GetIntrospectionSchema",
-    "GetLaunchTemplateData",
-    "GetLaunchTemplateData",
-    "GetLogRecord",
-    "GetParameters",
-    "GetPolicyVersion",
-    "GetPublicAccessBlock",
-    "GetQueryResults",
-    "GetRegions",
-    "GetSMSAttributes",
-    "GetSMSSandboxAccountStatus",
-    "GetSendQuota",
-    "GetTransitGatewayRouteTableAssociations",
-    "GetUserPolicy",
-    "HeadObject",
-    "ListAccessKeys",
-    "ListAccounts",
-    "ListAllMyBuckets",
-    "ListAssociatedAccessPolicies",
-    "ListAttachedUserPolicies",
-    "ListClusters",
-    "ListDetectors",
-    "ListDomains",
-    "ListFindings",
-    "ListHostedZones",
-    "ListIPSets",
-    "ListIdentities",
-    "ListInstanceProfiles",
-    "ListObjects",
-    "ListOrganizationalUnitsForParent",
-    "ListOriginationNumbers",
-    "ListPolicyVersions",
-    "ListRoles",
-    "ListRoles",
-    "ListRules",
-    "ListServiceQuotas",
-    "ListSubscriptions",
-    "ListTargetsByRule",
-    "ListTopics",
-    "ListUsers",
-    "LookupEvents",
-    "Search",
-]
-

 class cloudtrail_threat_detection_enumeration(Check):
    def execute(self):
@@ -109,8 +16,7 @@ class cloudtrail_threat_detection_enumeration(Check):
            "threat_detection_enumeration_minutes", 1440
        )
        enumeration_actions = cloudtrail_client.audit_config.get(
-            "threat_detection_enumeration_actions",
-            default_threat_detection_enumeration_actions,
+            "threat_detection_enumeration_actions", []
        )
        potential_enumeration = {}
        found_potential_enumeration = False
@@ -5,21 +5,6 @@ from prowler.providers.aws.services.cloudtrail.cloudtrail_client import (
    cloudtrail_client,
 )

-default_threat_detection_llm_jacking_actions = [
-    "PutUseCaseForModelAccess",
-    "PutFoundationModelEntitlement",
-    "PutModelInvocationLoggingConfiguration",
-    "CreateFoundationModelAgreement",
-    "InvokeModel",
-    "InvokeModelWithResponseStream",
-    "GetUseCaseForModelAccess",
-    "GetModelInvocationLoggingConfiguration",
-    "GetFoundationModelAvailability",
-    "ListFoundationModelAgreementOffers",
-    "ListFoundationModels",
-    "ListProvisionedModelThroughputs",
-]
-

 class cloudtrail_threat_detection_llm_jacking(Check):
    def execute(self):
@@ -31,8 +16,7 @@ class cloudtrail_threat_detection_llm_jacking(Check):
            "threat_detection_llm_jacking_minutes", 1440
        )
        llm_jacking_actions = cloudtrail_client.audit_config.get(
-            "threat_detection_llm_jacking_actions",
-            default_threat_detection_llm_jacking_actions,
+            "threat_detection_llm_jacking_actions", []
        )
        potential_llm_jacking = {}
        found_potential_llm_jacking = False
@@ -5,60 +5,6 @@ from prowler.providers.aws.services.cloudtrail.cloudtrail_client import (
    cloudtrail_client,
 )

-default_threat_detection_privilege_escalation_actions = [
-    "AddPermission",
-    "AddRoleToInstanceProfile",
-    "AddUserToGroup",
-    "AssociateAccessPolicy",
-    "AssumeRole",
-    "AttachGroupPolicy",
-    "AttachRolePolicy",
-    "AttachUserPolicy",
-    "ChangePassword",
-    "CreateAccessEntry",
-    "CreateAccessKey",
-    "CreateDevEndpoint",
-    "CreateEventSourceMapping",
-    "CreateFunction",
-    "CreateGroup",
-    "CreateJob",
-    "CreateKeyPair",
-    "CreateLoginProfile",
-    "CreatePipeline",
-    "CreatePolicyVersion",
-    "CreateRole",
-    "CreateStack",
-    "DeleteRolePermissionsBoundary",
-    "DeleteRolePolicy",
-    "DeleteUserPermissionsBoundary",
-    "DeleteUserPolicy",
-    "DetachRolePolicy",
-    "DetachUserPolicy",
-    "GetCredentialsForIdentity",
-    "GetId",
-    "GetPolicyVersion",
-    "GetUserPolicy",
-    "Invoke",
-    "ModifyInstanceAttribute",
-    "PassRole",
-    "PutGroupPolicy",
-    "PutPipelineDefinition",
-    "PutRolePermissionsBoundary",
-    "PutRolePolicy",
-    "PutUserPermissionsBoundary",
-    "PutUserPolicy",
-    "ReplaceIamInstanceProfileAssociation",
-    "RunInstances",
-    "SetDefaultPolicyVersion",
-    "UpdateAccessKey",
-    "UpdateAssumeRolePolicy",
-    "UpdateDevEndpoint",
-    "UpdateEventSourceMapping",
-    "UpdateFunctionCode",
-    "UpdateJob",
-    "UpdateLoginProfile",
-]
-

 class cloudtrail_threat_detection_privilege_escalation(Check):
    def execute(self):
@@ -70,8 +16,7 @@ class cloudtrail_threat_detection_privilege_escalation(Check):
            "threat_detection_privilege_escalation_minutes", 1440
        )
        privilege_escalation_actions = cloudtrail_client.audit_config.get(
-            "threat_detection_privilege_escalation_actions",
-            default_threat_detection_privilege_escalation_actions,
+            "threat_detection_privilege_escalation_actions", []
        )

        potential_privilege_escalation = {}
@@ -18,24 +18,24 @@ def check_cloudwatch_log_metric_filter(
        for trail in trails.values():
            if trail.log_group_arn:
                log_groups.append(trail.log_group_arn.split(":")[6])
-        # 2. Describe metric filters for previous log groups
-        for metric_filter in metric_filters:
-            if metric_filter.log_group.name in log_groups and re.search(
-                metric_filter_pattern, metric_filter.pattern, flags=re.DOTALL
-            ):
-                report.resource_id = metric_filter.log_group.name
-                report.resource_arn = metric_filter.log_group.arn
-                report.region = metric_filter.log_group.region
-                report.resource_tags = getattr(metric_filter.log_group, "tags", [])
-                report.status = "FAIL"
-                report.status_extended = f"CloudWatch log group {metric_filter.log_group.name} found with metric filter {metric_filter.name} but no alarms associated."
-                # 3. Check if there is an alarm for the metric
-                for alarm in metric_alarms:
-                    if alarm.metric == metric_filter.metric:
-                        report.status = "PASS"
-                        report.status_extended = f"CloudWatch log group {metric_filter.log_group.name} found with metric filter {metric_filter.name} and alarms set."
-                        break
-                if report.status == "PASS":
+    # 2. Describe metric filters for previous log groups
+    for metric_filter in metric_filters:
+        if metric_filter.log_group.name in log_groups and re.search(
+            metric_filter_pattern, metric_filter.pattern, flags=re.DOTALL
+        ):
+            report.resource_id = metric_filter.log_group.name
+            report.resource_arn = metric_filter.log_group.arn
+            report.region = metric_filter.log_group.region
+            report.resource_tags = getattr(metric_filter.log_group, "tags", [])
+            report.status = "FAIL"
+            report.status_extended = f"CloudWatch log group {metric_filter.log_group.name} found with metric filter {metric_filter.name} but no alarms associated."
+            # 3. Check if there is an alarm for the metric
+            for alarm in metric_alarms:
+                if alarm.metric == metric_filter.metric:
+                    report.status = "PASS"
+                    report.status_extended = f"CloudWatch log group {metric_filter.log_group.name} found with metric filter {metric_filter.name} and alarms set."
                    break
+            if report.status == "PASS":
+                break

    return report
@@ -15,7 +15,7 @@ class codeartifact_packages_external_public_publishing_disabled(Check):
            for package in repository.packages:
                report = Check_Report_AWS(self.metadata())
                report.region = repository.region
-                report.resource_id = f"{repository.domain_name}/{package.name}"
+                report.resource_id = package.name
                report.resource_arn = f"{repository.arn}/{package.namespace + ':' if package.namespace else ''}{package.name}"
                report.resource_tags = repository.tags

@@ -28,10 +28,10 @@ class codeartifact_packages_external_public_publishing_disabled(Check):
                        == RestrictionValues.ALLOW
                    ):
                        report.status = "FAIL"
-                        report.status_extended = f"Internal package {package.name} is vulnerable to dependency confusion in repository {repository.domain_name}."
+                        report.status_extended = f"Internal package {package.name} is vulnerable to dependency confusion in repository {repository.arn}."
                    else:
                        report.status = "PASS"
-                        report.status_extended = f"Internal package {package.name} is not vulnerable to dependency confusion in repository {repository.domain_name}."
+                        report.status_extended = f"Internal package {package.name} is not vulnerable to dependency confusion in repository {repository.arn}."

                    findings.append(report)

@@ -1,59 +0,0 @@
-from prowler.lib.logger import logger
-from prowler.providers.aws.services.codeartifact.codeartifact_client import (
-    codeartifact_client,
-)
-
-
-def fixer(resource_id: str, region: str) -> bool:
-    """
-    Modify the CodeArtifact package's configuration to restrict public access.
-    Specifically, this fixer changes the package's configuration to block public access by
-    setting restrictions on the "publish" and "upstream" actions.
-    Requires the codeartifact:PutPackageOriginConfiguration permission.
-    Permissions:
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Effect": "Allow",
-                "Action": "codeartifact:PutPackageOriginConfiguration",
-                "Resource": "*"
-            }
-        ]
-    }
-    Args:
-        resource_id (str): The CodeArtifact package name in the format "domain_name/package_name".
-        region (str): AWS region where the CodeArtifact package exists.
-    Returns:
-        bool: True if the operation is successful (configuration updated), False otherwise.
-    """
-    try:
-        domain_name, package_name = resource_id.split("/")
-
-        regional_client = codeartifact_client.regional_clients[region]
-
-        for repository in codeartifact_client.repositories.values():
-            if repository.domain_name == domain_name:
-                for package in repository.packages:
-                    if package.name == package_name:
-                        publish_value = (
-                            package.origin_configuration.restrictions.publish.value
-                        )
-                        regional_client.put_package_origin_configuration(
-                            domain=domain_name,
-                            repository=repository.name,
-                            format=package.format,
-                            package=package_name,
-                            restrictions={
-                                "publish": publish_value,
-                                "upstream": "BLOCK",
-                            },
-                        )
-
-    except Exception as error:
-        logger.error(
-            f"{region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
-        )
-        return False
-    else:
-        return True
@@ -22,7 +22,11 @@ class datasync_task_logging_enabled(Check):
        """
        findings = []
        for task in datasync_client.tasks.values():
-            report = Check_Report_AWS(self.metadata(), task)
+            report = Check_Report_AWS(self.metadata())
+            report.region = task.region
+            report.resource_id = task.id
+            report.resource_arn = task.arn
+            report.resource_tags = task.tags
            report.status = "PASS"
            report.status_extended = f"DataSync task {task.name} has logging enabled."

--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Pablo Lara	2d190eb020	chore: add manage group actions	2024-12-18 17:38:09 +01:00
Pablo Lara	0459a4d6f6	Merge branch 'PRWLR-5824-Update-resource-name-and-enable-relationships-on-role-and-provider_group-create-update' into PRWLR-4669-Roles-Page-UI-with-API-changes	2024-12-18 12:10:45 +01:00
Pablo Lara	19df649554	chore: add manage group actions	2024-12-18 11:15:37 +01:00
Adrián Jesús Peña Rodríguez	737550eb05	ref(rbac): update spec	2024-12-18 11:08:19 +01:00
Adrián Jesús Peña Rodríguez	68d7d9f998	ref(rbac): enable relationship creation when objects is created	2024-12-18 11:05:29 +01:00
Pablo Lara	3c9a8b3634	chore: add manage group component	2024-12-17 11:13:37 +01:00
Pablo Lara	81f970f2d3	chore: refactor updateInvite action form	2024-12-16 13:34:16 +01:00
Pablo Lara	3d9cd177a2	chore: add role column to the table users	2024-12-16 12:59:40 +01:00
Pablo Lara	c49fdc114a	chore: report an error related to RBAC API side	2024-12-15 11:43:46 +01:00
Pablo Lara	95fd9d6b5e	WIP: add change role to the user's invitations	2024-12-15 10:52:41 +01:00
Pablo Lara	6a5bc75252	chore: add change role to the user's invitations	2024-12-15 10:52:33 +01:00
Pablo Lara	858c04b0b0	chore: fix error with exports	2024-12-15 10:52:09 +01:00
Pablo Lara	2d6f20e84b	feat: add role when invite an user	2024-12-15 10:51:58 +01:00
Pablo Lara	b0a98b1a87	feat: add permission column to roles table	2024-12-15 10:51:49 +01:00
Pablo Lara	577530ac69	chore: add and edit roles is working now	2024-12-15 10:51:10 +01:00
Pablo Lara	c1a8d47e5b	feat: edit role feature	2024-12-15 10:50:39 +01:00
Pablo Lara	e80704d6f0	feat: add new role feature	2024-12-15 10:50:32 +01:00
Pablo Lara	010de4b415	feat: add roles page	2024-12-15 10:50:24 +01:00
Pablo Lara	0a2b8e4315	chore: add roles item to the sidebar	2024-12-15 10:50:16 +01:00