chore(kubernetes mitre): first version of mapping file

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -27,7 +27,7 @@ body:
     id: actual
     attributes:
       label: Actual Result with Screenshots or Logs
-      description: If applicable, add screenshots to help explain your problem. Also, you can add logs (anonymize them first!). Here a command that may help to share a log `prowler <your arguments> --log-level ERROR --log-file $(date +%F)_error.log` then attach here the log file.
+      description: If applicable, add screenshots to help explain your problem. Also, you can add logs (anonymize them first!). Here a command that may help to share a log `prowler <your arguments> --log-level DEBUG --log-file $(date +%F)_debug.log` then attach here the log file.
     validations:
       required: true
   - type: dropdown

.github/labeler.yml

@@ -25,7 +25,3 @@ provider/kubernetes:
 github_actions:
   - changed-files:
       - any-glob-to-any-file: ".github/workflows/*"
-
-cli:
-  - changed-files:
-      - any-glob-to-any-file: "cli/**"

.github/workflows/find-secrets.yml

@@ -11,7 +11,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: TruffleHog OSS
-        uses: trufflesecurity/trufflehog@v3.77.0
+        uses: trufflesecurity/trufflehog@v3.74.0
         with:
           path: ./
           base: ${{ github.event.repository.default_branch }}

.github/workflows/pull-request.yml

@@ -73,7 +73,7 @@ jobs:
       - name: Safety
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
         run: |
-          poetry run safety check --ignore 67599 --ignore 70612
+          poetry run safety check
       - name: Vulture
         if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
         run: |

.pre-commit-config.yaml

@@ -1,7 +1,7 @@
 repos:
   ## GENERAL
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.6.0
+    rev: v4.5.0
     hooks:
       - id: check-merge-conflict
       - id: check-yaml
@@ -15,7 +15,7 @@ repos:
 
   ## TOML
   - repo: https://github.com/macisamuele/language-formatters-pre-commit-hooks
-    rev: v2.13.0
+    rev: v2.12.0
     hooks:
       - id: pretty-format-toml
         args: [--autofix]
@@ -23,13 +23,13 @@ repos:
 
   ## BASH
   - repo: https://github.com/koalaman/shellcheck-precommit
-    rev: v0.10.0
+    rev: v0.9.0
     hooks:
       - id: shellcheck
         exclude: contrib
   ## PYTHON
   - repo: https://github.com/myint/autoflake
-    rev: v2.3.1
+    rev: v2.2.1
     hooks:
       - id: autoflake
         args:
@@ -46,7 +46,7 @@ repos:
         args: ["--profile", "black"]
 
   - repo: https://github.com/psf/black
-    rev: 24.4.2
+    rev: 24.1.1
     hooks:
       - id: black
 
@@ -58,14 +58,14 @@ repos:
         args: ["--ignore=E266,W503,E203,E501,W605"]
 
   - repo: https://github.com/python-poetry/poetry
-    rev: 1.8.0
+    rev: 1.7.0
     hooks:
       - id: poetry-check
       - id: poetry-lock
         args: ["--no-update"]
 
   - repo: https://github.com/hadolint/hadolint
-    rev: v2.13.0-beta
+    rev: v2.12.1-beta
     hooks:
       - id: hadolint
         args: ["--ignore=DL3013"]
@@ -97,7 +97,7 @@ repos:
       - id: safety
         name: safety
         description: "Safety is a tool that checks your installed dependencies for known security vulnerabilities"
-        entry: bash -c 'safety check --ignore 67599 --ignore 70612'
+        entry: bash -c 'safety check'
         language: system
 
       - id: vulture

README.md

@@ -1,6 +1,6 @@
 <p align="center">
-  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/master/docs/img/prowler-logo-black.png#gh-light-mode-only" width="50%" height="50%">
-  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/master/docs/img/prowler-logo-white.png#gh-dark-mode-only" width="50%" height="50%">
+  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/master/docs/img/prowler-logo-black.png?raw=True#gh-light-mode-only" width="350" height="115">
+  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/master/docs/img/prowler-logo-white.png?raw=True#gh-dark-mode-only" width="350" height="115">
 </p>
 <p align="center">
   <b><i>Prowler SaaS </b> and <b>Prowler Open Source</b> are as dynamic and adaptable as the environment they’re meant to protect. Trusted by the leaders in security.
@@ -10,10 +10,11 @@
 </p>
 
 <p align="center">
-<a href="https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog"><img width="30" height="30" alt="Prowler community on Slack" src="https://github.com/prowler-cloud/prowler/assets/38561120/3c8b4ec5-6849-41a5-b5e1-52bbb94af73a"></a>
+<a href="https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog"><img width="30" height="30" alt="Prowler community on Slack" src="https://github.com/prowler-cloud/prowler/assets/3985464/3617e470-670c-47c9-9794-ce895ebdb627"></a>
   <br>
 <a href="https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog">Join our Prowler community!</a>
 </p>
+
 <hr>
 <p align="center">
   <a href="https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog"><img alt="Slack Shield" src="https://img.shields.io/badge/slack-prowler-brightgreen.svg?logo=slack"></a>
@@ -60,8 +61,8 @@ It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, Fe
 
 | Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/misc/#categories) |
 |---|---|---|---|---|
-| AWS | 359 | 66 -> `prowler aws --list-services` | 28 -> `prowler aws --list-compliance` | 7 -> `prowler aws --list-categories` |
-| GCP | 77 | 13 -> `prowler gcp --list-services` | 1 -> `prowler gcp --list-compliance` | 2 -> `prowler gcp --list-categories`|
+| AWS | 304 | 61 -> `prowler aws --list-services` | 28 -> `prowler aws --list-compliance` | 6 -> `prowler aws --list-categories` |
+| GCP | 75 | 11 -> `prowler gcp --list-services` | 1 -> `prowler gcp --list-compliance` | 2 -> `prowler gcp --list-categories`|
 | Azure | 127 | 16 -> `prowler azure --list-services` | 2 -> `prowler azure --list-compliance` | 2 -> `prowler azure --list-categories` |
 | Kubernetes | 83 | 7 -> `prowler kubernetes --list-services` | 1 -> `prowler kubernetes --list-compliance` | 7 -> `prowler kubernetes --list-categories` |
 
@@ -102,8 +103,7 @@ poetry shell
 poetry install
 python prowler.py -v
 ```
-???+ note
-  If you want to clone Prowler from Windows, use `git config core.longpaths true` to allow long file paths.
+
 # 📐✏️ High level architecture
 
 You can run Prowler from your workstation, a Kubernetes Job, a Google Compute Engine, an Azure VM, an EC2 instance, Fargate or any other container, CloudShell and many more.
@@ -119,6 +119,7 @@ You can run Prowler from your workstation, a Kubernetes Job, a Google Compute En
 - The CSV output format is common for all the providers.
 
 We have deprecated some of our outputs formats:
+- The HTML is replaced for the new Prowler Dashboard, run `prowler dashboard`.
 - The native JSON is replaced for the JSON [OCSF](https://schema.ocsf.io/) v1.1.0, common for all the providers.
 
 ## AWS

SECURITY.md

@@ -12,7 +12,7 @@ As an **AWS Partner** and we have passed the [AWS Foundation Technical Review (F
 
 ## Reporting a Vulnerability
 
-If you would like to report a vulnerability or have a security concern regarding Prowler Open Source or ProwlerPro service, please submit the information by contacting to https://support.prowler.com.
+If you would like to report a vulnerability or have a security concern regarding Prowler Open Source or ProwlerPro service, please submit the information by contacting to help@prowler.pro.
 
 The information you share with ProwlerPro as part of this process is kept confidential within ProwlerPro. We will only share this information with a third party if the vulnerability you report is found to affect a third-party product, in which case we will share this information with the third-party product's author or manufacturer. Otherwise, we will only share this information as permitted by you.
 

cli/cli.md

@@ -1,31 +0,0 @@
-# CLI
-To show the banner, use:
-`python cli/cli.py banner`
-## Listing
-List services by provider
-
-`python cli/cli.py <provider> list-services`
-
-List fixers by provider
-
-`python cli/cli.py <provider> list-services`
-
-List categories by provider
-
-`python cli/cli.py <provider> list-categories`
-
-List compliance by provider
-
-`python cli/cli.py <provider> list-compliance`
-
-List compliance requirements by provider
-
-`python cli/cli.py <provider> list-compliance-requirements [compliance(s)]`
-
-List checks by provider
-
-`python cli/cli.py <provider> list-checks`
-
-List checks in JSON format by provider
-
-`python cli/cli.py <provider> list-checks-json`

cli/cli.py

@@ -1,388 +0,0 @@
-from argparse import Namespace
-from typing import List, Optional
-
-import typer
-
-from prowler.config.config import (
-    available_compliance_frameworks,
-    default_output_directory,
-    finding_statuses,
-)
-from prowler.lib.check.check import (
-    bulk_load_checks_metadata,
-    bulk_load_compliance_frameworks,
-    list_categories,
-    list_checks_json,
-    list_fixers,
-    list_services,
-    print_categories,
-    print_checks,
-    print_compliance_frameworks,
-    print_compliance_requirements,
-    print_fixers,
-    print_services,
-)
-from prowler.lib.check.checks_loader import load_checks_to_execute
-from prowler.lib.check.compliance import update_checks_metadata_with_compliance
-from prowler.lib.logger import logger, logging_levels, set_logging_config
-from prowler.lib.outputs.security_hub.security_hub import SecurityHub
-from prowler.lib.scan.scan import Scan
-from prowler.providers.common.provider import Provider
-
-app = typer.Typer()
-
-
-def check_provider(provider: str):
-    if provider not in ["aws", "azure", "gcp", "kubernetes"]:
-        raise typer.BadParameter(
-            "Invalid provider. Choose between aws, azure, gcp or kubernetes."
-        )
-    return provider
-
-
-def check_compliance_framework(provider: str, compliance_framework: list):
-    # From the available_compliance_frameworks, check if the compliance_framework is valid for the provider
-    compliance_frameworks_provider = []
-    valid_compliance_frameworks = []
-    for provider_compliance_framework in available_compliance_frameworks:
-        if provider in provider_compliance_framework:
-            compliance_frameworks_provider.append(provider_compliance_framework)
-    for compliance in compliance_framework:
-        if compliance not in compliance_frameworks_provider:
-            print(f"{compliance} is not a valid Compliance Framework\n")
-        else:
-            valid_compliance_frameworks.append(compliance)
-    return valid_compliance_frameworks
-
-
-def validate_log_level(log_level: str):
-    log_levels = list(logging_levels.keys())
-    if log_level not in log_levels:
-        raise typer.BadParameter(f"Log level must be one of {log_levels}")
-    return log_level
-
-
-def split_space_separated_values(value: str) -> List[str]:
-    output = []
-    if value:
-        for item in value:
-            for input in item.split(" "):
-                output.append(input)
-    return output
-
-
-def validate_status(status: List[str]):
-    valid_status = []
-    for s in status:
-        if s not in finding_statuses:
-            raise typer.BadParameter(f"Status must be one of {finding_statuses}")
-        valid_status.append(s)
-    return valid_status
-
-
-def validate_output_formats(output_formats: List[str]):
-    valid_formats = []
-    valid_output_formats = ["csv", "json-ocsf", "html", "json-asff"]
-    for output_format in output_formats:
-        if output_format not in valid_output_formats:
-            raise typer.BadParameter(
-                f"Output format must be one of {valid_output_formats}"
-            )
-        else:
-            valid_formats.append(output_format)
-    return output_formats
-
-
-class CLI:
-    def __init__(
-        self,
-        provider: str,
-        list_services: bool,
-        list_fixers: bool,
-        list_categories: bool,
-        list_compliance: bool,
-        list_compliance_requirements: List[str],
-        list_checks: bool,
-        list_checks_json: bool,
-        log_level: str,
-        log_file: Optional[str],
-        only_logs: bool,
-        status: List[str],
-        output_formats: List[str],
-        output_filename: Optional[str],
-        output_directory: Optional[str],
-        verbose: bool,
-        ignore_exit_code_3: bool,
-        no_banner: bool,
-        unix_timestamp: bool,
-        profile: Optional[str],
-    ):
-        self.provider = provider
-        self.list_services = list_services
-        self.list_fixers = list_fixers
-        self.list_categories = list_categories
-        self.list_compliance = list_compliance
-        self.list_compliance_requirements = list_compliance_requirements
-        self.list_checks = list_checks
-        self.list_checks_json = list_checks_json
-        self.log_level = log_level
-        self.log_file = log_file
-        self.only_logs = only_logs
-        self.status = status
-        self.output_formats = output_formats
-        self.output_filename = output_filename
-        self.output_directory = output_directory
-        self.verbose = verbose
-        self.ignore_exit_code_3 = ignore_exit_code_3
-        self.no_banner = no_banner
-        self.unix_timestamp = unix_timestamp
-        self.profile = profile
-
-
-@app.command()
-def main(
-    provider: str = typer.Argument(
-        ..., help="The provider to check", callback=check_provider
-    ),
-    list_services_bool: bool = typer.Option(
-        False, "--list-services", help="List the services of the provider"
-    ),
-    list_fixers_bool: bool = typer.Option(
-        False, "--list-fixers", help="List the fixers of the provider"
-    ),
-    list_categories_bool: bool = typer.Option(
-        False, "--list-categories", help="List the categories of the provider"
-    ),
-    list_compliance_bool: bool = typer.Option(
-        False,
-        "--list-compliance",
-        help="List the compliance frameworks of the provider",
-    ),
-    list_compliance_requirements_value: List[str] = typer.Option(
-        None,
-        "--list-compliance-requirements",
-        help="List the compliance requirements of the provider",
-        callback=split_space_separated_values,
-    ),
-    list_checks_bool: bool = typer.Option(
-        False, "--list-checks", help="List the checks of the provider"
-    ),
-    list_checks_json_bool: bool = typer.Option(
-        False,
-        "--list-checks-json",
-        help="List the checks of the provider in JSON format",
-    ),
-    log_level: str = typer.Option("INFO", "--log-level", help="Set the Log level"),
-    log_file: str = typer.Option(None, "--log-file", help="Set the Log file"),
-    only_logs: bool = typer.Option(False, "--only-logs", help="Only show logs"),
-    status_value: List[str] = typer.Option(
-        [],
-        "--status",
-        help=f"Filter by the status of the findings {finding_statuses}",
-        callback=split_space_separated_values,
-    ),
-    output_formats_value: List[str] = typer.Option(
-        ["csv json-ocsf html"],
-        "--output-formats",
-        help="Output format for the findings",
-        callback=split_space_separated_values,
-    ),
-    output_filename_value: str = typer.Option(
-        None, "--output-filename", help="Output filename"
-    ),
-    output_directory_value: str = typer.Option(
-        None, "--output-directory", help="Output directory"
-    ),
-    verbose: bool = typer.Option(False, "--verbose", help="Show verbose output"),
-    ignore_exit_code_3: bool = typer.Option(
-        False, "--ignore-exit-code-3", help="Ignore exit code 3"
-    ),
-    no_banner: bool = typer.Option(False, "--no-banner", help="Do not show the banner"),
-    unix_timestamp: bool = typer.Option(
-        False, "--unix-timestamp", help="Use Unix timestamp"
-    ),
-    profile: str = typer.Option(None, "--profile", help="The profile to use"),
-):
-    # Make sure the values are valid
-    if status_value:
-        status_value = validate_status(status_value)
-    if output_formats_value:
-        output_formats_value = validate_output_formats(output_formats_value)
-    if not output_directory_value:
-        output_directory_value = default_output_directory
-    options = CLI(
-        provider,
-        list_services_bool,
-        list_fixers_bool,
-        list_categories_bool,
-        list_compliance_bool,
-        list_compliance_requirements_value,
-        list_checks_bool,
-        list_checks_json_bool,
-        log_level,
-        log_file,
-        only_logs,
-        status_value,
-        output_formats_value,
-        output_filename_value,
-        output_directory_value,
-        verbose,
-        ignore_exit_code_3,
-        no_banner,
-        unix_timestamp,
-        profile,
-    )
-
-    if options.list_services:
-        services = list_services(options.provider)
-        print_services(services)
-    if options.list_fixers:
-        fixers = list_fixers(options.provider)
-        print_fixers(fixers)
-    if options.list_categories:
-        checks_metadata = bulk_load_checks_metadata(options.provider)
-        categories = list_categories(checks_metadata)
-        print_categories(categories)
-    if options.list_compliance:
-        compliance_frameworks = bulk_load_compliance_frameworks(options.provider)
-        print_compliance_frameworks(compliance_frameworks)
-    if options.list_compliance_requirements:
-        valid_compliance = check_compliance_framework(
-            options.provider, options.list_compliance_requirements
-        )
-        print_compliance_requirements(
-            bulk_load_compliance_frameworks(options.provider),
-            valid_compliance,
-        )
-    if options.list_checks:
-        checks_metadata = bulk_load_checks_metadata(options.provider)
-        checks = load_checks_to_execute(
-            checks_metadata,
-            bulk_load_compliance_frameworks(options.provider),
-            None,
-            [],
-            [],
-            [],
-            [],
-            [],
-            options.provider,
-        )
-        print_checks(options.provider, sorted(checks), checks_metadata)
-    if options.list_checks_json:
-        checks_metadata = bulk_load_checks_metadata(options.provider)
-        checks_to_execute = load_checks_to_execute(
-            checks_metadata,
-            bulk_load_compliance_frameworks(options.provider),
-            None,
-            [],
-            [],
-            [],
-            [],
-            [],
-            options.provider,
-        )
-        print(list_checks_json(options.provider, sorted(checks_to_execute)))
-    if options.log_level:
-        set_logging_config(validate_log_level(options.log_level))
-        logger.info(f"Log level set to {options.log_level}")
-    if options.log_file:
-        if options.log_level:
-            set_logging_config(validate_log_level(options.log_level), options.log_file)
-        else:
-            set_logging_config("INFO", options.log_file)
-        logger.info(f"Log file set to {options.log_file}")
-    if options.only_logs:
-        if options.log_level:
-            set_logging_config(validate_log_level(options.log_level), only_logs=True)
-        else:
-            set_logging_config("INFO", only_logs=True)
-        logger.info("Only logs are shown")
-    if options.status:
-        logger.info(f"Filtering by status: {options.status}")
-        # TODO: Implement filtering by status in a class
-    if options.output_formats:
-        logger.info(f"Output formats: {options.output_formats}")
-        # TODO: Implement output formats in a class
-    if options.output_filename:
-        logger.info(f"Output filename: {options.output_filename}")
-    # TODO: Implement output filename in a class
-    if options.output_directory:
-        logger.info(f"Output directory: {options.output_directory}")
-    # TODO: Implement output directory in a class
-    if options.verbose:
-        logger.info("Verbose output is enabled")
-    if options.ignore_exit_code_3:
-        logger.info("Ignoring exit code 3")
-    if options.no_banner:
-        logger.info("No banner is shown")
-    if options.unix_timestamp:
-        logger.info("Using Unix timestamp")
-    if options.profile:
-        logger.info(f"Using profile: {options.profile}")
-
-    run_scan(options)
-
-    return options
-
-
-def run_scan(options: CLI):
-    # Execute Prowler
-    checks_to_execute = ["s3_account_level_public_access_blocks"]
-    # Create the provider
-    args = Namespace
-    args.provider = options.provider
-    args.profile = options.profile
-    args.verbose = options.verbose
-    args.fixer = False
-    args.only_logs = options.only_logs
-    args.status = options.status
-    args.output_formats = options.output_formats
-    args.output_filename = options.output_filename
-    args.unix_timestamp = options.unix_timestamp
-    args.output_directory = options.output_directory
-    args.shodan = None
-    args.security_hub = False
-    args.send_sh_only_fails = False
-    args.ignore_exit_code_3 = options.ignore_exit_code_3
-    args.no_banner = options.no_banner
-    # args.region = ("eu-west-1")
-    Provider.set_global_provider(args)
-    provider = Provider.get_global_provider()
-    bulk_checks_metadata = bulk_load_checks_metadata(provider.type)
-    bulk_compliance_frameworks = bulk_load_compliance_frameworks(provider.type)
-    bulk_checks_metadata = update_checks_metadata_with_compliance(
-        bulk_compliance_frameworks, bulk_checks_metadata
-    )
-    provider.output_options = (args, bulk_checks_metadata)
-    provider.output_options.bulk_checks_metadata = bulk_checks_metadata
-    scan = Scan(provider, checks_to_execute)
-    custom_checks_metadata = None
-    scan_results = scan.scan(custom_checks_metadata)
-    # Verify where AWS Security Hub is enabled
-    aws_security_enabled_regions = []
-    security_hub_regions = (
-        provider.get_available_aws_service_regions("securityhub")
-        if not provider.identity.audited_regions
-        else provider.identity.audited_regions
-    )
-    security_hub = SecurityHub(provider)
-    for region in security_hub_regions:
-        # Save the regions where AWS Security Hub is enabled
-        if security_hub.verify_security_hub_integration_enabled_per_region(
-            region,
-        ):
-            aws_security_enabled_regions.append(region)
-    # Prepare the findings to be sent to Security Hub
-    security_hub_findings_per_region = security_hub.prepare_security_hub_findings(
-        scan_results,
-        aws_security_enabled_regions,
-    )
-    # Send the findings to Security Hub
-    findings_sent_to_security_hub = security_hub.batch_send_to_security_hub(
-        security_hub_findings_per_region
-    )
-    print(findings_sent_to_security_hub)
-
-
-if __name__ == "__main__":
-    app()

contrib/cloud9/cloud9-installation.sh

@@ -14,4 +14,4 @@ cd ~ || exit
 python3.9 -m pip install prowler-cloud
 prowler -v
 # Run Prowler
-prowler aws
+prowler

contrib/codebuild/codebuild-prowlerv3-audit-account-cfn.yaml

@@ -212,7 +212,6 @@ Resources:
                 - appstream:Describe*
                 - codeartifact:List*
                 - codebuild:BatchGet*
-                - cognito-idp:GetUserPoolMfaConfig
                 - ds:Get*
                 - ds:Describe*
                 - ds:List*

contrib/gcp/enable_apis_in_projects.sh

@@ -1,47 +0,0 @@
-#!/bin/bash
-
-# List of project IDs
-PROJECT_IDS=(
-    "project-id-1"
-    "project-id-2"
-    "project-id-3"
-    # Add more project IDs as needed
-)
-
-# List of Prowler APIs to enable
-APIS=(
-    "apikeys.googleapis.com"
-    "artifactregistry.googleapis.com"
-    "bigquery.googleapis.com"
-    "sqladmin.googleapis.com"  # Cloud SQL
-    "storage.googleapis.com"  # Cloud Storage
-    "compute.googleapis.com"
-    "dataproc.googleapis.com"
-    "dns.googleapis.com"
-    "containerregistry.googleapis.com"  # GCR (Google Container Registry)
-    "container.googleapis.com"  # GKE (Google Kubernetes Engine)
-    "iam.googleapis.com"
-    "cloudkms.googleapis.com"  # KMS (Key Management Service)
-    "logging.googleapis.com"
-)
-
-# Function to enable APIs for a given project
-enable_apis_for_project() {
-    local PROJECT_ID=$1
-
-    echo "Enabling APIs for project: ${PROJECT_ID}"
-
-    for API in "${APIS[@]}"; do
-        echo "Enabling API: $API for project: ${PROJECT_ID}"
-        if gcloud services enable "${API}" --project="${PROJECT_ID}"; then
-            echo "Successfully enabled API $API for project ${PROJECT_ID}."
-        else
-            echo "Failed to enable API $API for project ${PROJECT_ID}."
-        fi
-    done
-}
-
-# Loop over each project and enable the APIs
-for PROJECT_ID in "${PROJECT_IDS[@]}"; do
-    enable_apis_for_project "${PROJECT_ID}"
-done

dashboard/__main__.py

@@ -16,7 +16,7 @@ from prowler.lib.banner import print_banner
 warnings.filterwarnings("ignore")
 
 cli = sys.modules["flask.cli"]
-print_banner()
+print_banner(verbose=False)
 print(
     f"{Fore.GREEN}Loading all CSV files from the folder {folder_path_overview} ...\n{Style.RESET_ALL}"
 )
@@ -27,7 +27,7 @@ cli.show_server_banner = lambda *x: click.echo(
 # Initialize the app - incorporate css
 dashboard = dash.Dash(
     __name__,
-    external_stylesheets=[dbc.themes.FLATLY],
+    external_stylesheets=[dbc.themes.DARKLY],
     use_pages=True,
     suppress_callback_exceptions=True,
     title="Prowler Dashboard",
@@ -60,9 +60,7 @@ def generate_nav_links(current_path):
         link_content = html.Span(
             [
                 html.Img(src=icon_url, className="w-5"),
-                html.Span(
-                    page["name"], className="font-medium text-base leading-6 text-white"
-                ),
+                html.Span(page["name"], className="font-medium text-base leading-6"),
             ],
             className="flex justify-center lg:justify-normal items-center gap-x-3 py-2 px-3",
         )
@@ -98,8 +96,7 @@ def generate_help_menu():
                     [
                         html.Img(src=link["icon"], className="w-5"),
                         html.Span(
-                            link["title"],
-                            className="font-medium text-base leading-6 text-white",
+                            link["title"], className="font-medium text-base leading-6"
                         ),
                     ],
                     className="flex items-center gap-x-3 py-2 px-3",
@@ -163,7 +160,7 @@ def update_nav_bar(pathname):
                                     html.Img(src="assets/favicon.ico", className="w-5"),
                                     "Subscribe to prowler SaaS",
                                 ],
-                                className="flex items-center gap-x-3 text-white",
+                                className="flex items-center gap-x-3",
                             ),
                         ],
                         href="https://prowler.com/",

dashboard/assets/images/icons/arrows.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" shape-rendering="geometricPrecision" text-rendering="geometricPrecision" image-rendering="optimizeQuality" fill-rule="evenodd" clip-rule="evenodd" viewBox="0 0 443 511.62"><path fill-rule="nonzero" d="M152.93 286.97c0 17.1-13.87 30.97-30.97 30.97-17.11 0-30.98-13.87-30.98-30.97v-177.4l-37.45 40.31c-11.63 12.5-31.19 13.2-43.68 1.57-12.49-11.62-13.19-31.18-1.57-43.68L99.33 9.79l2.06-1.94c12.69-11.35 32.2-10.26 43.55 2.43l91.05 101.47c11.35 12.69 10.26 32.2-2.43 43.55-12.68 11.36-32.19 10.27-43.55-2.42l-37.08-41.33v175.42zm236.24 71.77c11.35-12.69 30.86-13.78 43.55-2.43 12.69 11.36 13.78 30.87 2.42 43.56L344.1 501.34c-11.36 12.69-30.87 13.78-43.55 2.42l-2.02-1.97-91.09-97.95c-11.63-12.49-10.93-32.05 1.57-43.67 12.49-11.63 32.05-10.93 43.67 1.57l37.46 40.31V231.53c0-17.11 13.87-30.97 30.97-30.97s30.97 13.86 30.97 30.97v168.54l37.09-41.33z"/></svg>

dashboard/assets/images/icons/dropdown.svg

@@ -1 +0,0 @@
-<svg class="svg-icon" style="width: 1.001953125em; height: 1em;vertical-align: middle;fill: currentColor;overflow: hidden;" viewBox="0 0 1026 1024" version="1.1" xmlns="http://www.w3.org/2000/svg"><path d="M1013.7 90.8C997.8 75.5 972.4 76 957.1 92L510.9 557.1 73.2 90.8C58 74.7 32.7 73.9 16.6 89 0.5 104.1-0.3 129.4 14.8 145.5l466.6 497.1 1.5 1.5c0.2 0.2 0.4 0.4 0.7 0.6 0.3 0.3 0.6 0.5 0.9 0.8 0.3 0.3 0.6 0.5 0.9 0.7 0.2 0.2 0.4 0.4 0.7 0.6 0.3 0.2 0.6 0.5 0.9 0.7 0.2 0.2 0.5 0.4 0.7 0.5l0.9 0.6c0.3 0.2 0.5 0.4 0.8 0.5 0.3 0.2 0.6 0.3 0.9 0.5 0.3 0.2 0.6 0.3 0.9 0.5 0.3 0.2 0.5 0.3 0.8 0.4 0.3 0.2 0.6 0.3 1 0.5 0.3 0.1 0.5 0.3 0.8 0.4 0.3 0.2 0.7 0.3 1 0.5 0.2 0.1 0.5 0.2 0.7 0.3 0.4 0.2 0.7 0.3 1.1 0.4 0.2 0.1 0.5 0.2 0.7 0.3 0.4 0.1 0.8 0.3 1.2 0.4 0.2 0.1 0.5 0.1 0.7 0.2l1.2 0.3c0.2 0.1 0.4 0.1 0.7 0.2 0.4 0.1 0.8 0.2 1.3 0.3 0.2 0 0.4 0.1 0.6 0.1 0.4 0.1 0.9 0.2 1.3 0.2 0.2 0 0.4 0.1 0.6 0.1 0.5 0.1 0.9 0.1 1.4 0.2 0.2 0 0.4 0 0.6 0.1 0.5 0 1 0.1 1.5 0.1h4.6c0.5 0 1-0.1 1.5-0.1 0.2 0 0.4 0 0.5-0.1 0.5 0 0.9-0.1 1.4-0.2 0.2 0 0.4-0.1 0.6-0.1 0.4-0.1 0.9-0.1 1.3-0.2 0.2 0 0.4-0.1 0.6-0.1l1.2-0.3c0.2-0.1 0.4-0.1 0.7-0.2l1.2-0.3c0.2-0.1 0.5-0.1 0.7-0.2 0.4-0.1 0.8-0.2 1.1-0.4 0.2-0.1 0.5-0.2 0.7-0.3 0.4-0.1 0.7-0.3 1.1-0.4 0.3-0.1 0.5-0.2 0.8-0.3 0.3-0.1 0.7-0.3 1-0.5 0.3-0.1 0.5-0.2 0.8-0.4 0.3-0.2 0.6-0.3 0.9-0.5 0.3-0.1 0.6-0.3 0.8-0.4 0.3-0.2 0.6-0.3 0.8-0.5 0.3-0.2 0.6-0.3 0.9-0.5 0.3-0.2 0.5-0.3 0.8-0.5l0.9-0.6c0.2-0.2 0.4-0.3 0.7-0.5 0.3-0.2 0.6-0.5 1-0.7 0.2-0.1 0.4-0.3 0.6-0.5 0.3-0.3 0.7-0.5 1-0.8 0.2-0.1 0.3-0.3 0.5-0.5 0.5-0.5 1-0.9 1.5-1.4l0.9-0.9 475.4-495.6c15.3-15.7 14.7-41.1-1.2-56.3z" fill="#898989" /></svg>

dashboard/assets/styles/dist/output.css

@@ -5,7 +5,7 @@
 /* Use this file to add custom styles using Tailwind's utility classes. */
 
 /*
-! tailwindcss v3.4.3 | MIT License | https://tailwindcss.com */
+! tailwindcss v3.4.1 | MIT License | https://tailwindcss.com */
 
 /*
 1. Prevent padding and border from affecting element width. (https://github.com/mozdevs/cssremedy/issues/4)
@@ -216,8 +216,6 @@ textarea {
   /* 1 */
   line-height: inherit;
   /* 1 */
-  letter-spacing: inherit;
-  /* 1 */
   color: inherit;
   /* 1 */
   margin: 0;
@@ -241,9 +239,9 @@ select {
 */
 
 button,
-input:where([type='button']),
-input:where([type='reset']),
-input:where([type='submit']) {
+[type='button'],
+[type='reset'],
+[type='submit'] {
   -webkit-appearance: button;
   /* 1 */
   background-color: transparent;
@@ -499,10 +497,6 @@ video {
   --tw-backdrop-opacity:  ;
   --tw-backdrop-saturate:  ;
   --tw-backdrop-sepia:  ;
-  --tw-contain-size:  ;
-  --tw-contain-layout:  ;
-  --tw-contain-paint:  ;
-  --tw-contain-style:  ;
 }
 
 ::backdrop {
@@ -553,18 +547,14 @@ video {
   --tw-backdrop-opacity:  ;
   --tw-backdrop-saturate:  ;
   --tw-backdrop-sepia:  ;
-  --tw-contain-size:  ;
-  --tw-contain-layout:  ;
-  --tw-contain-paint:  ;
-  --tw-contain-style:  ;
 }
 
 .custom-grid {
   grid-template-columns: minmax(0, 16fr) repeat(11, minmax(0, 11fr));
 }
 
-.collapse {
-  visibility: collapse;
+.visible {
+  visibility: visible;
 }
 
 .relative {
@@ -604,10 +594,6 @@ video {
   margin-right: auto;
 }
 
-.mb-0 {
-  margin-bottom: 0px;
-}
-
 .mb-2 {
   margin-bottom: 0.5rem;
 }
@@ -632,14 +618,6 @@ video {
   margin-top: auto;
 }
 
-.mb-\[30px\] {
-  margin-bottom: 30px;
-}
-
-.mt-\[30px\] {
-  margin-top: 30px;
-}
-
 .block {
   display: block;
 }
@@ -656,6 +634,14 @@ video {
   display: inline-flex;
 }
 
+.min-w-36 {
+  min-width: 9rem;
+}
+
+.min-w-44 {
+  min-width: 11rem;
+}
+
 .table {
   display: table;
 }
@@ -676,10 +662,6 @@ video {
   max-height: 300px;
 }
 
-.w-3 {
-  width: 0.75rem;
-}
-
 .w-5 {
   width: 1.25rem;
 }
@@ -688,50 +670,6 @@ video {
   width: 2rem;
 }
 
-.w-\[10\%\] {
-  width: 10%;
-}
-
-.w-\[10\.5\%\] {
-  width: 10.5%;
-}
-
-.w-\[11\%\] {
-  width: 11%;
-}
-
-.w-\[13\.5\%\] {
-  width: 13.5%;
-}
-
-.w-\[14\.5\%\] {
-  width: 14.5%;
-}
-
-.w-\[15\%\] {
-  width: 15%;
-}
-
-.w-\[36\%\] {
-  width: 36%;
-}
-
-.w-\[4\%\] {
-  width: 4%;
-}
-
-.w-\[40\.5\%\] {
-  width: 40.5%;
-}
-
-.w-\[9\%\] {
-  width: 9%;
-}
-
-.w-\[9\.5\%\] {
-  width: 9.5%;
-}
-
 .w-fit {
   width: -moz-fit-content;
   width: fit-content;
@@ -741,10 +679,6 @@ video {
   width: 100%;
 }
 
-.min-w-36 {
-  min-width: 9rem;
-}
-
 .grid-cols-12 {
   grid-template-columns: repeat(12, minmax(0, 1fr));
 }
@@ -862,31 +796,30 @@ video {
 }
 
 .bg-gradient-failed {
-  background-image: linear-gradient(127.43deg, #F1F5F8 -177.68%, #EF4444 87.35%);
+  background-image: linear-gradient(127.43deg, #F1F5F8 -177.68%, #e67272 87.35%);
 }
 
 .bg-gradient-passed {
-  background-image: linear-gradient(127.43deg, #F1F5F8 -177.68%, #4ADE80 87.35%);
+  background-image: linear-gradient(127.43deg, #F1F5F8 -177.68%, #54d283 87.35%);
 }
 
-.p-2 {
-  padding: 0.5rem;
+.bg-gradient-muted {
+    background-image: linear-gradient(127.43deg, #F1F5F8 -177.68%, #636c78 87.35%);
 }
 
 .p-3 {
   padding: 0.75rem;
 }
 
+.p-2 {
+  padding: 0.5rem;
+}
+
 .px-10 {
   padding-left: 2.5rem;
   padding-right: 2.5rem;
 }
 
-.px-2 {
-  padding-left: 0.5rem;
-  padding-right: 0.5rem;
-}
-
 .px-3 {
   padding-left: 0.75rem;
   padding-right: 0.75rem;
@@ -921,10 +854,6 @@ video {
   padding-bottom: 0.75rem;
 }
 
-.pr-2 {
-  padding-right: 0.5rem;
-}
-
 .text-center {
   text-align: center;
 }
@@ -1000,11 +929,6 @@ video {
   color: rgb(41 37 36 / var(--tw-text-opacity));
 }
 
-.text-white {
-  --tw-text-opacity: 1;
-  color: rgb(255 255 255 / var(--tw-text-opacity));
-}
-
 .opacity-90 {
   opacity: 0.9;
 }
@@ -1068,6 +992,19 @@ video {
   /* Firefox */
 }
 
+/*Styles for previous-vext-container from table*/
+.previous-next-container {
+  margin-top: 1rem;
+  color: #000;
+}
+
+/*Style for input in filter table*/
+.dash-table-container .dash-spreadsheet-container .dash-spreadsheet-inner input:not([type=radio]):not([type=checkbox]) {
+  color: #FFF !important;
+  opacity: 1 !important;
+}
+
+
 #_dash-app-content {
   --tw-bg-opacity: 1;
   background-color: rgb(231 229 228 / var(--tw-bg-opacity));
@@ -1104,10 +1041,6 @@ video {
   color: rgb(41 37 36 / var(--tw-text-opacity));
 }
 
-#_dash-app-content .accordion .accordion-collapse.collapse {
-  visibility: visible;
-}
-
 #_dash-app-content .accordion .accordion-button:not(.collapsed) {
   --tw-bg-opacity: 1;
   background-color: rgb(231 229 228 / var(--tw-bg-opacity));
@@ -1224,10 +1157,6 @@ video {
   width: auto;
 }
 
-.overview-table .card .collapse {
-  visibility: visible;
-}
-
 @media (min-width: 1536px) {
   .\32xl\:container {
     width: 100%;
@@ -1370,37 +1299,3 @@ video {
     row-gap: 0px;
   }
 }
-
-@media (min-width: 1536px) {
-  .\32xl\:w-\[10\%\] {
-    width: 10%;
-  }
-
-  .\32xl\:w-\[12\.5\%\] {
-    width: 12.5%;
-  }
-
-  .\32xl\:w-\[14\%\] {
-    width: 14%;
-  }
-
-  .\32xl\:w-\[15\.5\%\] {
-    width: 15.5%;
-  }
-
-  .\32xl\:w-\[2\%\] {
-    width: 2%;
-  }
-
-  .\32xl\:w-\[48\%\] {
-    width: 48%;
-  }
-
-  .\32xl\:w-\[71\.5\%\] {
-    width: 71.5%;
-  }
-
-  .\32xl\:w-\[9\%\] {
-    width: 9%;
-  }
-}

dashboard/common_methods.py

@@ -1535,7 +1535,7 @@ def get_section_container_iso(data, section_1, section_2):
     return html.Div(section_containers, className="compliance-data-layout")
 
 
-def get_section_containers_format4(data, section_1):
+def get_section_containers_pci(data, section_1):
 
     data["STATUS"] = data["STATUS"].apply(map_status_to_icon)
     data[section_1] = data[section_1].astype(str)
@@ -1654,13 +1654,9 @@ def get_section_containers_format4(data, section_1):
         )
 
         graph_div_service = html.Div(graph_service, className="graph-section-req")
-        if "REQUIREMENTS_NAME" not in specific_data.columns:
-            title_internal = f"{service}"
-        else:
-            title_internal = f"{service} - {specific_data['REQUIREMENTS_NAME'].iloc[0]}"
 
         internal_accordion_item = dbc.AccordionItem(
-            title=title_internal,
+            title=service,
             children=[html.Div([data_table], className="inner-accordion-content")],
         )
 

dashboard/compliance/aws_foundational_technical_review_aws.py

@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_format1
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ].copy()
-
-    return get_section_containers_format1(
-        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
-    )

dashboard/compliance/ens_rd2022_aws.py

@@ -6,13 +6,6 @@ warnings.filterwarnings("ignore")
 
 
 def get_table(data):
-    # append the requirements_description to idgrupocontrol
-    data["REQUIREMENTS_ATTRIBUTES_IDGRUPOCONTROL"] = (
-        data["REQUIREMENTS_ATTRIBUTES_IDGRUPOCONTROL"]
-        + " - "
-        + data["REQUIREMENTS_DESCRIPTION"]
-    )
-
     aux = data[
         [
             "REQUIREMENTS_ATTRIBUTES_MARCO",

dashboard/compliance/mitre_attack_aws.py

@@ -1,6 +1,6 @@
 import warnings
 
-from dashboard.common_methods import get_section_containers_format4
+from dashboard.common_methods import get_section_containers_format2
 
 warnings.filterwarnings("ignore")
 
@@ -9,13 +9,15 @@ def get_table(data):
     aux = data[
         [
             "REQUIREMENTS_ID",
-            "REQUIREMENTS_NAME",
+            "REQUIREMENTS_SUBTECHNIQUES",
             "CHECKID",
             "STATUS",
             "REGION",
             "ACCOUNTID",
             "RESOURCEID",
         ]
-    ]
+    ].copy()
 
-    return get_section_containers_format4(aux, "REQUIREMENTS_ID")
+    return get_section_containers_format2(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_SUBTECHNIQUES"
+    )

dashboard/compliance/mitre_attack_azure.py

@@ -1,6 +1,6 @@
 import warnings
 
-from dashboard.common_methods import get_section_containers_format4
+from dashboard.common_methods import get_section_containers_format2
 
 warnings.filterwarnings("ignore")
 
@@ -9,13 +9,15 @@ def get_table(data):
     aux = data[
         [
             "REQUIREMENTS_ID",
-            "REQUIREMENTS_NAME",
+            "REQUIREMENTS_SUBTECHNIQUES",
             "CHECKID",
             "STATUS",
             "REGION",
             "ACCOUNTID",
             "RESOURCEID",
         ]
-    ]
+    ].copy()
 
-    return get_section_containers_format4(aux, "REQUIREMENTS_ID")
+    return get_section_containers_format2(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_SUBTECHNIQUES"
+    )

dashboard/compliance/mitre_attack_gcp.py

@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_format2
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_SUBTECHNIQUES",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ].copy()
-
-    return get_section_containers_format2(
-        aux, "REQUIREMENTS_ID", "REQUIREMENTS_SUBTECHNIQUES"
-    )

dashboard/compliance/pci_3_2_1_aws.py

@@ -1,6 +1,6 @@
 import warnings
 
-from dashboard.common_methods import get_section_containers_format4
+from dashboard.common_methods import get_section_containers_pci
 
 warnings.filterwarnings("ignore")
 
@@ -17,4 +17,4 @@ def get_table(data):
         ]
     ]
 
-    return get_section_containers_format4(aux, "REQUIREMENTS_ID")
+    return get_section_containers_pci(aux, "REQUIREMENTS_ID")

dashboard/config.py

@@ -28,6 +28,5 @@ informational_color = "#3274d9"
 folder_path_overview = os.getcwd() + "/output"
 folder_path_compliance = os.getcwd() + "/output/compliance"
 
+# Encoding
 encoding_format = "utf-8"
-# Error action, it is recommended to use "ignore" or "replace"
-error_action = "ignore"

dashboard/lib/layouts.py

@@ -11,7 +11,6 @@ def create_layout_overview(
     service_dropdown: html.Div,
     table_row_dropdown: html.Div,
     status_dropdown: html.Div,
-    table_div_header: html.Div,
 ) -> html.Div:
     """
     Create the layout of the dashboard.
@@ -41,7 +40,7 @@ def create_layout_overview(
                     html.Div([account_dropdown], className=""),
                     html.Div([region_dropdown], className=""),
                 ],
-                className="grid gap-x-4 mt-[30px] mb-[30px] sm:grid-cols-2 lg:grid-cols-3",
+                className="grid gap-x-4 gap-y-4 sm:grid-cols-2 lg:grid-cols-3 lg:gap-y-0",
             ),
             html.Div(
                 [
@@ -49,7 +48,7 @@ def create_layout_overview(
                     html.Div([service_dropdown], className=""),
                     html.Div([status_dropdown], className=""),
                 ],
-                className="grid gap-x-4 mb-[30px] sm:grid-cols-2 lg:grid-cols-3",
+                className="grid gap-x-4 gap-y-4 sm:grid-cols-2 lg:grid-cols-3 lg:gap-y-0",
             ),
             html.Div(
                 [
@@ -58,11 +57,11 @@ def create_layout_overview(
                     html.Div(className="flex", id="gcp_card", n_clicks=0),
                     html.Div(className="flex", id="k8s_card", n_clicks=0),
                 ],
-                className="grid gap-x-4 mb-[30px] sm:grid-cols-2 lg:grid-cols-4",
+                className="grid gap-x-4 gap-y-4 sm:grid-cols-2 lg:grid-cols-4 lg:gap-y-0",
             ),
             html.H4(
                 "Count of Findings by severity",
-                className="text-prowler-stone-900 text-lg font-bold mb-[30px]",
+                className="text-prowler-stone-900 text-lg font-bold",
             ),
             html.Div(
                 [
@@ -79,7 +78,7 @@ def create_layout_overview(
                         id="line_plot",
                     ),
                 ],
-                className="grid gap-x-4 grid-cols-12 mb-[30px]",
+                className="grid gap-x-4 gap-y-4 grid-cols-12 lg:gap-y-0",
             ),
             html.Div(
                 [
@@ -106,10 +105,9 @@ def create_layout_overview(
                 ],
                 className="flex justify-between items-center",
             ),
-            table_div_header,
             html.Div(id="table", className="grid"),
         ],
-        className="grid gap-x-8 2xl:container mx-auto",
+        className="grid gap-x-8 gap-y-8 2xl:container mx-auto",
     )
 
 

dashboard/pages/compliance.py

@@ -16,7 +16,6 @@ from dash.dependencies import Input, Output
 # Config import
 from dashboard.config import (
     encoding_format,
-    error_action,
     fail_color,
     folder_path_compliance,
     info_color,
@@ -30,7 +29,6 @@ from dashboard.lib.dropdowns import (
     create_region_dropdown_compliance,
 )
 from dashboard.lib.layouts import create_layout_compliance
-from prowler.lib.logger import logger
 
 # Suppress warnings
 warnings.filterwarnings("ignore")
@@ -40,16 +38,11 @@ warnings.filterwarnings("ignore")
 
 csv_files = []
 for file in glob.glob(os.path.join(folder_path_compliance, "*.csv")):
-    try:
-        with open(
-            file, "r", newline="", encoding=encoding_format, errors=error_action
-        ) as csvfile:
-            reader = csv.reader(csvfile)
-            num_rows = sum(1 for row in reader)
-            if num_rows > 1:
-                csv_files.append(file)
-    except UnicodeDecodeError:
-        logger.error(f"Error decoding file: {file}")
+    with open(file, "r", newline="", encoding=encoding_format) as csvfile:
+        reader = csv.reader(csvfile)
+        num_rows = sum(1 for row in reader)
+        if num_rows > 1:
+            csv_files.append(file)
 
 
 def load_csv_files(csv_files):
@@ -57,7 +50,7 @@ def load_csv_files(csv_files):
     dfs = []
     results = []
     for file in csv_files:
-        df = pd.read_csv(file, sep=";", on_bad_lines="skip", encoding=encoding_format)
+        df = pd.read_csv(file, sep=";", on_bad_lines="skip")
         if "CHECKID" in df.columns:
             dfs.append(df)
             result = file
@@ -245,9 +238,7 @@ def display_data(
         """Load CSV files into a single pandas DataFrame."""
         dfs = []
         for file in files:
-            df = pd.read_csv(
-                file, sep=";", on_bad_lines="skip", encoding=encoding_format
-            )
+            df = pd.read_csv(file, sep=";", on_bad_lines="skip")
             dfs.append(df.astype(str))
         return pd.concat(dfs, ignore_index=True)
 
@@ -272,7 +263,7 @@ def display_data(
     # Rename the column PROJECTID to ACCOUNTID for GCP
     if data.columns.str.contains("PROJECTID").any():
         data.rename(columns={"PROJECTID": "ACCOUNTID"}, inplace=True)
-        data["REGION"] = "-"
+
     # Rename the column SUBSCRIPTIONID to ACCOUNTID for Azure
     if data.columns.str.contains("SUBSCRIPTIONID").any():
         data.rename(columns={"SUBSCRIPTIONID": "ACCOUNTID"}, inplace=True)
@@ -474,7 +465,7 @@ def display_data(
     overall_status_result_graph = get_graph(pie_1, "Overall Status Result")
 
     security_level_graph = get_graph(
-        pie_2, f"Top 5 failed {current_filter} by requirements"
+        pie_2, f"Top 5 failed {current_filter} by findings"
     )
 
     return (

dashboard/src/input.css

@@ -8,6 +8,10 @@
 @tailwind components;
 @tailwind utilities;
 
+#_dash-app-content {
+  @apply bg-prowler-stone-500;
+}
+
 @layer components {
   .custom-grid {
     grid-template-columns: minmax(0, 16fr) repeat(11, minmax(0, 11fr));
@@ -16,24 +20,6 @@
   .custom-grid-large {
     grid-template-columns: minmax(0, 10fr) repeat(11, minmax(0, 11fr));
   }
-}
-
-@layer utilities {
-  /* Hide scrollbar for Chrome, Safari and Opera */
-  .no-scrollbar::-webkit-scrollbar {
-    display: none;
-  }
-  /* Hide scrollbar for IE, Edge and Firefox */
-  .no-scrollbar {
-    -ms-overflow-style: none; /* IE and Edge */
-    scrollbar-width: none; /* Firefox */
-  }
-}
-
-#_dash-app-content {
-  @apply bg-prowler-stone-500;
-}
-
 /* Styles for the accordion in the compliance page */
 #_dash-app-content .accordion .accordion-header .accordion-button {
   @apply text-prowler-stone-900 inline-block px-4 text-xs font-bold uppercase transition-all rounded-lg bg-prowler-stone-300 hover:bg-prowler-stone-900/10;
@@ -43,10 +29,6 @@
   @apply text-prowler-stone-900 bg-prowler-white rounded-lg;
 }
 
-#_dash-app-content .accordion .accordion-collapse.collapse {
-  @apply visible
-}
-
 #_dash-app-content .accordion .accordion-button:not(.collapsed) {
   @apply text-prowler-stone-900 bg-prowler-stone-500;
 }
@@ -117,6 +99,14 @@
   @apply absolute right-6 top-2 w-auto h-8 z-50;
 }
 
-.overview-table .card .collapse {
- @apply visible
-}
+@layer utilities {
+  /* Hide scrollbar for Chrome, Safari and Opera */
+  .no-scrollbar::-webkit-scrollbar {
+    display: none;
+  }
+  /* Hide scrollbar for IE, Edge and Firefox */
+  .no-scrollbar {
+    -ms-overflow-style: none; /* IE and Edge */
+    scrollbar-width: none; /* Firefox */
+  }
+}

dashboard/tailwind.config.js

@@ -1,9 +1,11 @@
 /** @type {import('tailwindcss').Config} */
 module.exports = {
   content: [
-    "*.{py,html,js}",
-    "./**/*.{py,html,js}",
-    "./**/**/*.{py,html,js}",
+    "./assets/**/*.{py,html,js}",
+    "./components/**/*.{py,html,js}",
+    "./pages/**/*.{py,html,js}",
+    "./utils/**/*.{py,html,js}",
+    "./app.py",
   ],
   theme: {
     extend: {

docs/developer-guide/checks.md

@@ -120,42 +120,6 @@ All the checks MUST fill the `report.region` with the following criteria:
 - If the audited resource is regional use the `region` (the name changes depending on the provider: `location` in Azure and GCP and `namespace` in K8s) attribute within the resource object.
 - If the audited resource is global use the `service_client.region` within the service client object.
 
-### Check Severity
-
-The severity of the checks are defined in the metadata file with the `Severity` field. The severity is always in lowercase and can be one of the following values:
-
-- `critical`
-- `high`
-- `medium`
-- `low`
-- `informational`
-
-You may need to change it in the check's code if the check has different scenarios that could change the severity. This can be done by using the `report.check_metadata.Severity` attribute:
-
-```python
-if <valid for more than 6 months>:
-    report.status = "PASS"
-    report.check_metadata.Severity = "informational"
-    report.status_extended = f"RDS Instance {db_instance.id} certificate has over 6 months of validity left."
-elif <valid for more than 3 months>:
-    report.status = "PASS"
-    report.check_metadata.Severity = "low"
-    report.status_extended = f"RDS Instance {db_instance.id} certificate has between 3 and 6 months of validity."
-elif <valid for more than 1 month>:
-    report.status = "FAIL"
-    report.check_metadata.Severity = "medium"
-    report.status_extended = f"RDS Instance {db_instance.id} certificate less than 3 months of validity."
-elif <valid for less than 1 month>:
-    report.status = "FAIL"
-    report.check_metadata.Severity = "high"
-    report.status_extended = f"RDS Instance {db_instance.id} certificate less than 1 month of validity."
-else:
-    report.status = "FAIL"
-    report.check_metadata.Severity = "critical"
-    report.status_extended = (
-        f"RDS Instance {db_instance.id} certificate has expired."
-    )
-```
 ### Resource ID, Name and ARN
 All the checks MUST fill the `report.resource_id` and `report.resource_arn` with the following criteria:
 

docs/developer-guide/introduction.md

@@ -44,8 +44,6 @@ Before we merge any of your pull requests we pass checks to the code, we use the
 
 You can see all dependencies in file `pyproject.toml`.
 
-Moreover, you would need to install [`TruffleHog`](https://github.com/trufflesecurity/trufflehog) to check for secrets in the code. You can install it using the official installation guide [here](https://github.com/trufflesecurity/trufflehog?tab=readme-ov-file#floppy_disk-installation).
-
 ## Pull Request Checklist
 
 If you create or review a PR in https://github.com/prowler-cloud/prowler please follow this checklist:

docs/developer-guide/services.md

@@ -225,10 +225,10 @@ Each Prowler service requires a service client to use the service in the checks.
 The following is the `<new_service_name>_client.py` containing the initialization of the service's class we have just created so the service's checks can use them:
 
 ```python
-from prowler.providers.common.provider import Provider
+from prowler.providers.common.common import get_global_provider
 from prowler.providers.<provider>.services.<new_service_name>.<new_service_name>_service import <Service>
 
-<new_service_name>_client = <Service>(Provider.get_global_provider())
+<new_service_name>_client = <Service>(get_global_provider())
 ```
 
 ## Permissions

docs/developer-guide/unit-testing.md

@@ -115,7 +115,7 @@ class Test_iam_password_policy_uppercase:
     # Prowler for AWS uses a shared object called aws_provider where it stores
     # the info related with the provider
     with mock.patch(
-        "prowler.providers.common.provider.Provider.get_global_provider",
+        "prowler.providers.common.common.get_global_provider",
         return_value=aws_provider,
     ),
     # We have to mock also the iam_client from the check to enforce that the iam_client used is the one
@@ -191,6 +191,9 @@ class Test_iam_password_policy_uppercase:
         expiration=True,
     )
 
+    # We set a mocked aws_provider to unify providers, this way will isolate each test not to step on other tests configuration
+    aws_provider = set_mocked_aws_provider([AWS_REGION_US_EAST_1])
+
     # In this scenario we have to mock also the IAM service and the iam_client from the check to enforce    # that the iam_client used is the one created within this check because patch != import, and if you     # execute tests in parallel some objects can be already initialised hence the check won't be isolated.
     # In this case we don't use the Moto decorator, we use the mocked IAM client for both objects
     with mock.patch(
@@ -313,7 +316,7 @@ If the test your are creating belongs to a check that uses more than one provide
 
 ```python
 with mock.patch(
-    "prowler.providers.common.provider.Provider.get_global_provider",
+    "prowler.providers.common.common.get_global_provider",
     return_value=set_mocked_aws_provider(
         [AWS_REGION_US_EAST_1, AWS_REGION_EU_WEST_1]
     ),
@@ -344,10 +347,10 @@ from prowler.providers.<provider>.services.<service>.<service>_client import <se
 ```
 2. `<service>_client.py`:
 ```python
-from prowler.providers.common.provider import Provider
+from prowler.providers.common.common import get_global_provider
 from prowler.providers.<provider>.services.<service>.<service>_service import <SERVICE>
 
-<service>_client = <SERVICE>(Provider.get_global_provider())
+<service>_client = <SERVICE>(mocked_provider)
 ```
 
 Due to the above import path it's not the same to patch the following objects because if you run a bunch of tests, either in parallel or not, some clients can be already instantiated by another check, hence your test execution will be using another test's service instance:
@@ -368,7 +371,7 @@ Mocking a service client using the following code ...
 Once the needed attributes are set for the mocked provider, you can use the mocked provider:
 ```python title="Mocking the service_client"
 with mock.patch(
-    "prowler.providers.common.provider.Provider.get_global_provider",
+    "prowler.providers.common.common.get_global_provider",
     new=set_mocked_aws_provider([<region>]),
 ), mock.patch(
     "prowler.providers.<provider>.services.<service>.<check>.<check>.<service>_client",
@@ -390,7 +393,7 @@ Mocking a service client using the following code ...
 
 ```python title="Mocking the service and the service_client"
 with mock.patch(
-    "prowler.providers.common.provider.Provider.get_global_provider",
+    "prowler.providers.common.common.get_global_provider",
     new=set_mocked_aws_provider([<region>]),
 ), mock.patch(
     "prowler.providers.<provider>.services.<service>.<SERVICE>",
@@ -447,7 +450,7 @@ class Test_compute_project_os_login_enabled:
         # In this scenario we have to mock the app_client from the check to enforce that the compute_client used is the one created above
         # And also is mocked the return value of get_global_provider function to return our GCP mocked provider defined in fixtures
         with mock.patch(
-            "prowler.providers.common.provider.Provider.get_global_provider",
+            "prowler.providers.common.common.get_global_provider",
             return_value=set_mocked_gcp_provider(),
         ), mock.patch(
             "prowler.providers.gcp.services.compute.compute_project_os_login_enabled.compute_project_os_login_enabled.compute_client",
@@ -487,7 +490,7 @@ class Test_compute_project_os_login_enabled:
         compute_client.projects = [project]
 
         with mock.patch(
-            "prowler.providers.common.provider.Provider.get_global_provider",
+            "prowler.providers.common.common.get_global_provider",
             return_value=set_mocked_gcp_provider(),
         ), mock.patch(
             "prowler.providers.gcp.services.compute.compute_project_os_login_enabled.compute_project_os_login_enabled.compute_client",
@@ -655,7 +658,7 @@ class Test_app_ensure_http_is_redirected_to_https:
         # In this scenario we have to mock the app_client from the check to enforce that the app_client used is the one created above
         # And also is mocked the return value of get_global_provider function to return our Azure mocked provider defined in fixtures
         with mock.patch(
-            "prowler.providers.common.provider.Provider.get_global_provider",
+            "prowler.providers.common.common.get_global_provider",
             return_value=set_mocked_azure_provider(),
         ), mock.patch(
             "prowler.providers.azure.services.app.app_ensure_http_is_redirected_to_https.app_ensure_http_is_redirected_to_https.app_client",
@@ -705,7 +708,7 @@ class Test_app_ensure_http_is_redirected_to_https:
         app_client = mock.MagicMock
 
         with mock.patch(
-            "prowler.providers.common.provider.Provider.get_global_provider",
+            "prowler.providers.common.common.get_global_provider",
             return_value=set_mocked_azure_provider(),
         ), mock.patch(
             "prowler.providers.azure.services.app.app_ensure_http_is_redirected_to_https.app_ensure_http_is_redirected_to_https.app_client",

docs/img/ProwlerPro-icon.svg

@@ -0,0 +1 @@
+<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 240.29 285.79"><defs><style>.cls-1{fill:url(#linear-gradient);}.cls-2{fill:#71be44;}</style><linearGradient id="linear-gradient" x1="157.45" y1="97.85" x2="211.7" y2="97.85" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#5a9b37"/><stop offset="1" stop-color="#71be44"/></linearGradient></defs><circle class="cls-1" cx="148.2" cy="97.85" r="67.45"/><path class="cls-2" d="M66.28,30.4H148.2a0,0,0,0,1,0,0V185.35a81.93,81.93,0,0,1-81.93,81.93h0a0,0,0,0,1,0,0V30.4A0,0,0,0,1,66.28,30.4Z"/></svg>

docs/index.md

@@ -90,8 +90,6 @@ Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/),
     poetry install
     python prowler.py -v
     ```
-    ???+ note
-        If you want to clone Prowler from Windows, use `git config core.longpaths true` to allow long file paths.
 
 === "Amazon Linux 2"
 
@@ -189,6 +187,7 @@ You can run Prowler from your workstation, a Kubernetes Job, a Google Compute En
 
 We have deprecated some of our outputs formats:
 
+- The HTML is replaced for the new Prowler Dashboard, run `prowler dashboard`.
 - The native JSON is replaced for the JSON [OCSF](https://schema.ocsf.io/) v1.1.0, common for all the providers.
 
 ### AWS
@@ -323,20 +322,17 @@ For non in-cluster execution, you can provide the location of the KubeConfig fil
 ```console
 prowler kubernetes --kubeconfig-file path
 ```
-???+ note
-    If no `--kubeconfig-file` is provided, Prowler will use the default KubeConfig file location (`~/.kube/config`).
 
-For in-cluster execution, you can use the supplied yaml to run Prowler as a job within a new Prowler namespace:
+For in-cluster execution, you can use the supplied yaml to run Prowler as a job:
 ```console
 kubectl apply -f kubernetes/job.yaml
 kubectl apply -f kubernetes/prowler-role.yaml
 kubectl apply -f kubernetes/prowler-rolebinding.yaml
-kubectl get pods --namespace prowler-ns --> prowler-XXXXX
-kubectl logs prowler-XXXXX --namespace prowler-ns
+kubectl get pods --> prowler-XXXXX
+kubectl logs prowler-XXXXX
 ```
 
-???+ note
-    By default, `prowler` will scan all namespaces in your active Kubernetes context. Use the flag `--context` to specify the context to be scanned and `--namespaces` to specify the namespaces to be scanned.
+> By default, `prowler` will scan all namespaces in your active Kubernetes context, use flag `--context` to specify the context to be scanned and `--namespaces` to specify the namespaces to be scanned.
 
 ## Prowler v2 Documentation
 For **Prowler v2 Documentation**, please check it out [here](https://github.com/prowler-cloud/prowler/blob/8818f47333a0c1c1a457453c87af0ea5b89a385f/README.md).

docs/tutorials/aws/v2_to_v3_checks_mapping.md

@@ -1,6 +1,6 @@
 # Check mapping between Prowler v4/v3 and v2
 
-Prowler v3 and v4 comes with different identifiers but we maintained the same checks that were implemented in v2. The reason for this change is because in previous versions of Prowler, check names were mostly based on CIS Benchmark for AWS. In v4 and v3 all checks are independent from any security framework and they have its own name and ID.
+Prowler v3 comes with different identifiers but we maintained the same checks that were implemented in v2. The reason for this change is because in previous versions of Prowler, check names were mostly based on CIS Benchmark for AWS. In v4 and v3 all checks are independent from any security framework and they have its own name and ID.
 
 If you need more information about how new compliance implementation works in Prowler v4 and v3 see [Compliance](../compliance.md) section.
 
@@ -95,8 +95,7 @@ checks_v4_v3_to_v2_mapping = {
     "ec2_networkacl_allow_ingress_any_port": "extra7138",
     "ec2_networkacl_allow_ingress_tcp_port_22": "check45",
     "ec2_networkacl_allow_ingress_tcp_port_3389": "check46",
-    "ec2_securitygroup_allow_ingress_from_internet_to_all_ports": "extra748",
-    "ec2_securitygroup_allow_ingress_from_internet_to_any_port": "extra74",
+    "ec2_securitygroup_allow_ingress_from_internet_to_any_port": "extra748",
     "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018": "extra753",
     "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21": "extra7134",
     "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22": "check41",

docs/tutorials/configuration_file.md

@@ -39,9 +39,6 @@ The following list includes all the AWS checks with configurable variables that
 | `cloudtrail_threat_detection_enumeration`                      | `threat_detection_enumeration_entropy`      | Integer         |
 | `cloudtrail_threat_detection_enumeration`                      | `threat_detection_enumeration_minutes`      | Integer         |
 | `cloudtrail_threat_detection_enumeration`                      | `threat_detection_enumeration_actions`      | List of Strings         |
-| `rds_instance_backup_enabled`                                  | `check_rds_instance_replicas`      | Boolean        |
-| `ec2_securitygroup_allow_ingress_from_internet_to_any_port`    | `ec2_allowed_interface_types`      | List of Strings        |
-| `ec2_securitygroup_allow_ingress_from_internet_to_any_port`    | `ec2_allowed_instance_owners`      | List of Strings        |
 ## Azure
 
 ### Configurable Checks
@@ -98,18 +95,6 @@ aws:
   max_security_group_rules: 50
   # aws.ec2_instance_older_than_specific_days --> by default is 6 months (180 days)
   max_ec2_instance_age_in_days: 180
-  # aws.ec2_securitygroup_allow_ingress_from_internet_to_any_port
-  # allowed network interface types for security groups open to the Internet
-  ec2_allowed_interface_types:
-    [
-      "api_gateway_managed",
-      "vpc_endpoint",
-    ]
-  # allowed network interface owners for security groups open to the Internet
-  ec2_allowed_instance_owners:
-    [
-      "amazon-elb"
-    ]
 
   # AWS VPC Configuration (vpc_endpoint_connections_trust_boundaries, vpc_endpoint_services_allowed_principals_trust_boundaries)
   # Single account environment: No action required. The AWS account number will be automatically added by the checks.
@@ -224,7 +209,7 @@ aws:
     "UpdateFunctionCode",
     "UpdateJob",
     "UpdateLoginProfile",
-  ]
+]
   # aws.cloudtrail_threat_detection_enumeration
   threat_detection_enumeration_entropy: 0.7 # Percentage of actions found to decide if it is an enumeration attack event, by default is 0.7 (70%)
   threat_detection_enumeration_minutes: 1440 # Past minutes to search from now for enumeration attacks, by default is 1440 minutes (24 hours)
@@ -319,11 +304,7 @@ aws:
     "ListUsers",
     "LookupEvents",
     "Search",
-  ]
-
-  # aws.rds_instance_backup_enabled
-  # Whether to check RDS instance replicas or not
-  check_rds_instance_replicas: False
+]
 
 # Azure Configuration
 azure:

docs/tutorials/custom-checks-metadata.md

@@ -11,18 +11,6 @@ You can utilize `--custom-checks-metadata-file` followed by the path to your cus
 The list of supported check's metadata fields that can be override are listed as follows:
 
 - Severity
-- CheckTitle
-- Risk
-- RelatedUrl
-- Remediation
-  - Code
-    - CLI
-    - NativeIaC
-    - Other
-    - Terraform
-  - Recommendation
-    - Text
-    - Url
 
 ## File Syntax
 
@@ -33,85 +21,20 @@ CustomChecksMetadata:
     Checks:
       s3_bucket_level_public_access_block:
         Severity: high
-        CheckTitle: S3 Bucket Level Public Access Block
-        Description: This check ensures that the S3 bucket level public access block is enabled.
-        Risk: This check is important because it ensures that the S3 bucket level public access block is enabled.
-        RelatedUrl: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html
-        Remediation:
-          Code:
-            CLI: aws s3api put-public-access-block --bucket <bucket-name> --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
-            NativeIaC: https://aws.amazon.com/es/s3/features/block-public-access/
-            Other: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html
-            Terraform: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block
-          Recommendation:
-            Text: Enable the S3 bucket level public access block.
-            Url: https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html
       s3_bucket_no_mfa_delete:
         Severity: high
-        CheckTitle: S3 Bucket No MFA Delete
-        Description: This check ensures that the S3 bucket does not allow delete operations without MFA.
-        Risk: This check is important because it ensures that the S3 bucket does not allow delete operations without MFA.
-        RelatedUrl: https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html
-        Remediation:
-          Code:
-            CLI: aws s3api put-bucket-versioning --bucket <bucket-name> --versioning-configuration Status=Enabled
-            NativeIaC: https://aws.amazon.com/es/s3/features/versioning/
-            Other: https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html
-            Terraform: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_versioning
-          Recommendation:
-            Text: Enable versioning on the S3 bucket.
-            Url: https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html
   azure:
     Checks:
       storage_infrastructure_encryption_is_enabled:
         Severity: medium
-        CheckTitle: Storage Infrastructure Encryption Is Enabled
-        Description: This check ensures that storage infrastructure encryption is enabled.
-        Risk: This check is important because it ensures that storage infrastructure encryption is enabled.
-        RelatedUrl: https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption
-        Remediation:
-          Code:
-            CLI: az storage account update --name <storage-account-name> --resource-group <resource-group-name> --set properties.encryption.services.blob.enabled=true properties.encryption.services.file.enabled=true properties.encryption.services.queue.enabled=true properties.encryption.services.table.enabled=true
-            NativeIaC: https://docs.microsoft.com/en-us/azure/templates/microsoft.storage/storageaccounts
-            Other: https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption
-            Terraform: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account
-          Recommendation:
-            Text: Enable storage infrastructure encryption.
-            Url: https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption
   gcp:
     Checks:
       compute_instance_public_ip:
         Severity: critical
-        CheckTitle: Compute Instance Public IP
-        Description: This check ensures that the compute instance does not have a public IP.
-        Risk: This check is important because it ensures that the compute instance does not have a public IP.
-        RelatedUrl: https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address
-        Remediation:
-          Code:
-            CLI: https://docs.prowler.com/checks/gcp/google-cloud-public-policies/bc_gcp_public_2#cli-command
-            NativeIaC: https://cloud.google.com/compute/docs/reference/rest/v1/instances
-            Other: https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address
-            Terraform: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance
-          Recommendation:
-            Text: Remove the public IP from the compute instance.
-            Url: https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address
   kubernetes:
     Checks:
       apiserver_anonymous_requests:
         Severity: low
-        CheckTitle: APIServer Anonymous Requests
-        Description: This check ensures that anonymous requests to the APIServer are disabled.
-        Risk: This check is important because it ensures that anonymous requests to the APIServer are disabled.
-        RelatedUrl: https://kubernetes.io/docs/reference/access-authn-authz/authentication/
-        Remediation:
-          Code:
-            CLI: --anonymous-auth=false
-            NativeIaC: https://docs.prowler.com/checks/kubernetes/kubernetes-policy-index/ensure-that-the-anonymous-auth-argument-is-set-to-false-1#kubernetes
-            Other: https://kubernetes.io/docs/reference/access-authn-authz/authentication/
-            Terraform: https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/cluster_role_binding
-          Recommendation:
-            Text: Disable anonymous requests to the APIServer.
-            Url: https://kubernetes.io/docs/reference/access-authn-authz/authentication/
 ```
 
 ## Usage

docs/tutorials/dashboard.md

@@ -6,7 +6,7 @@ prowler dashboard
 ```
 ???+ note
     You can expose the `dashboard` server in another address using the `HOST` environment variable.
-
+    
 To run Prowler local dashboard with Docker, use:
 
 ```sh
@@ -15,7 +15,7 @@ docker run --env HOST=0.0.0.0 --publish 127.0.0.1:11666:11666 toniblyx/prowler:l
 
 ???+ note
     **Remember that the `dashboard` server is not authenticated, if you expose it to the internet, you are running it at your own risk.**
-
+    
 The banner and additional info about the dashboard will be shown on your console:
 <img src="../img/dashboard/dashboard-banner.png">
 
@@ -27,20 +27,10 @@ The overview page provides a full impression of your findings obtained from Prow
 
 In this page you can do multiple functions:
 
-* Apply filters:
-    * Assesment Date
-    * Account
-    * Region
-    * Severity
-    * Service
-    * Status
+* Apply filters (Assessment Date / Account / Region)
 * See wich files has been scanned to generate the dashboard placing your mouse on the `?` icon:
     <img src="../img/dashboard/dashboard-files-scanned.png">
-* Download the `Top Findings by Severity` table using the button `DOWNLOAD THIS TABLE AS CSV` or `DOWNLOAD THIS TABLE AS XLSX`
-* Click on the provider cards to filter by provider.
-* On the dropdowns under `Top Findings by Severity` you can apply multiple sorts to see the information, also you will get a detailed view of each finding using the dropdowns:
-<img src="../img/dashboard/dropdown.png">
-
+* Download the `Top 25 Failed Findings by Severity` table using the button `DOWNLOAD THIS TABLE AS CSV`
 
 ## Compliance Page
 
@@ -94,9 +84,6 @@ Prowler will use the outputs from the folder `/output` (for common prowler outpu
 
 To change the path modify the values `folder_path_overview` or `folder_path_compliance` from `/dashboard/config.py`
 
-???+ note
-    If you have any issue related with dashboards, check that the output path where the dashboard is getting the outputs is correct.
-
 ## Output Support
 
 Prowler dashboard supports the detailed outputs:

docs/tutorials/fixer.md

@@ -1,4 +1,4 @@
-# Prowler Fixer (remediation)
+# Prowler Fixer
 Prowler allows you to fix some of the failed findings it identifies. You can use the `--fixer` flag to run the fixes that are available for the checks that failed.
 
 ```sh
@@ -8,10 +8,10 @@ prowler <provider> -c <check_to_fix_1> <check_to_fix_2> ... --fixer
 <img src="../img/fixer.png">
 
 ???+ note
-    You can see all the available fixes for each provider with the `--list-remediations` or `--list-fixers flag.
+    You can see all the available fixes for each provider with the `--list-fixers` flag.
 
     ```sh
-    prowler <provider> --list-fixers
+    prowler <provider> --list-fixer
     ```
 
 ## Writing a Fixer

docs/tutorials/gcp/authentication.md

@@ -24,23 +24,3 @@ Prowler will follow the same credentials search as [Google authentication librar
 3. [The attached service account, returned by the metadata server](https://cloud.google.com/docs/authentication/application-default-credentials#attached-sa)
 
 Those credentials must be associated to a user or service account with proper permissions to do all checks. To make sure, add the `Viewer` role to the member associated with the credentials.
-
-# GCP Service APIs
-
-Prowler will use the Google Cloud APIs to get the information needed to perform the checks. Make sure that the following APIs are enabled in the project:
-
-- apikeys.googleapis.com
-- artifactregistry.googleapis.com
-- bigquery.googleapis.com
-- sqladmin.googleapis.com
-- storage.googleapis.com
-- compute.googleapis.com
-- dataproc.googleapis.com
-- dns.googleapis.com
-- containerregistry.googleapis.com
-- container.googleapis.com
-- iam.googleapis.com
-- cloudkms.googleapis.com
-- logging.googleapis.com
-
-You can enable them automatically using our script [enable_apis_in_projects.sh](https://github.com/prowler-cloud/prowler/blob/master/contrib/gcp/enable_apis_in_projects.sh)

docs/tutorials/gcp/projects.md

@@ -18,11 +18,11 @@ prowler gcp --project-ids project-id1 project-id2
 
 ### Exclude Projects
 
-If you want to exclude some projects from the scan, you can use the `--excluded-project-ids` argument.
+If you want to exclude some projects from the scan, you can use the `--exclude-project-ids` argument.
 
 ```console
-prowler gcp --excluded-project-ids project-id1 project-id2
+prowler gcp --exclude-project-ids project-id1 project-id2
 ```
 
 ???+ note
-    You can use asterisk `*` to exclude projects that match a pattern. For example, `prowler gcp --excluded-project-ids "sys*"` will exclude all the projects that start with `sys`.
+    You can use asterisk `*` to exclude projects that match a pattern. For example, `prowler gcp --exclude-project-ids "sys*"` will exclude all the projects that start with `sys`.

docs/tutorials/integrations.md

@@ -11,7 +11,7 @@ prowler <provider> --slack
 ![Prowler Slack Message](img/slack-prowler-message.png)
 
 ???+ note
-    Slack integration needs SLACK_API_TOKEN and SLACK_CHANNEL_NAME environment variables.
+    Slack integration needs SLACK_API_TOKEN and SLACK_CHANNEL_ID environment variables.
 
 ### Configuration
 
@@ -35,4 +35,4 @@ To configure the Slack Integration, follow the next steps:
 
 4. Set the following environment variables that Prowler will read:
     - `SLACK_API_TOKEN`: the *Slack App OAuth Token* that was previously get.
-    - `SLACK_CHANNEL_NAME`: the name of your Slack Channel where Prowler will send the message.
+    - `SLACK_CHANNEL_ID`: the name of your Slack Channel where Prowler will send the message.

docs/tutorials/mutelist.md

@@ -116,7 +116,7 @@ If you want to mute failed findings only in specific regions, create a file with
 
 ### Default Mutelist
 For the AWS Provider, Prowler is executed with a default AWS Mutelist with the AWS Resources that should be muted such as all resources created by AWS Control Tower when setting up a landing zone that can be found in [AWS Documentation](https://docs.aws.amazon.com/controltower/latest/userguide/shared-account-resources.html).
-You can see this Mutelist file in [`prowler/config/aws_mutelist.yaml`](https://github.com/prowler-cloud/prowler/blob/master/prowler/config/aws_mutelist.yaml).
+You can see this Mutelist file in [`prowler/config/aws_mutelist.yaml`](https://github.com/prowler-cloud/prowler/blob/master/prowler/config/aws_allowlist.yaml).
 
 ### Supported Mutelist Locations
 

docs/tutorials/pentesting.md

@@ -8,12 +8,11 @@ Prowler uses `detect-secrets` library to search for any secrets that are stores
 
 The actual checks that have this functionality are:
 
-- autoscaling_find_secrets_ec2_launch_configuration
+1. autoscaling_find_secrets_ec2_launch_configuration
 - awslambda_function_no_secrets_in_code
 - awslambda_function_no_secrets_in_variables
 - cloudformation_stack_outputs_find_secrets
 - ec2_instance_secrets_user_data
-- ec2_launch_template_no_secrets
 - ecs_task_definitions_no_environment_secrets
 - ssm_document_secrets
 
@@ -32,7 +31,6 @@ Several checks analyse resources that are exposed to the Internet, these are:
 - ec2_ami_public
 - ec2_ebs_public_snapshot
 - ec2_instance_internet_facing_with_instance_profile
-- ec2_instance_port_X_exposed_to_internet (where X is the port number)
 - ec2_instance_public_ip
 - ec2_networkacl_allow_ingress_any_port
 - ec2_securitygroup_allow_wide_open_public_ipv4

docs/tutorials/reporting.md

@@ -3,7 +3,7 @@
 By default, Prowler will generate the CSV and JSON-[OCSF](https://schema.ocsf.io/) report.
 
 ```console
-prowler <provider> -M csv json-ocsf json-asff html
+prowler <provider> -M csv json-ocsf json-asff
 ```
 
 If you want to generate the JSON-ASFF (used by AWS Security Hub) report you can set it using the `-M/--output-modes/--output-formats`, like:
@@ -43,7 +43,6 @@ Prowler supports natively the following output formats:
 - CSV
 - JSON-OCSF
 - JSON-ASFF
-- HTML
 
 Hereunder is the structure for each of the supported report formats by Prowler:
 
@@ -93,25 +92,8 @@ The CSV format has a common format for all the providers. The following are the
 - NOTES
 - PROWLER_VERSION
 
-#### CSV Headers Mapping
-
-The following table shows the mapping between the CSV headers and the the providers fields:
-
-| Open Source Consolidated    | AWS                         | GCP                          | AZURE                       | KUBERNETES                 |
-|-----------------------------|-----------------------------|------------------------------|-----------------------------|----------------------------|
-| auth_method                 | profile                     | principal                    | identity_type : identity_id | in-cluster/kube-config     |
-| provider                    | provider                    | provider                     | provider                    | provider                   |
-| account_uid                 | account_id / account_arn    | project_id                   | subscription_id             | cluster                    |
-| account_name                | account_name                | project_name                 | subscription_name           | context:context            |
-| account_email               | account_email               | N/A                          | N/A                         | N/A                        |
-| account_organization_uid    | account_organizations_arn   | project_organization_id      | tenant_id                   | N/A                        |
-| account_organization_name   | account_org                 | project_organization_display_name | tenant_domain          | N/A                        |
-| account_tags                | account_tags                | project_labels               | subscription_tags           | N/A                        |
-| partition                   | partition                   | N/A                          | region_config.name          | N/A                        |
-| region                      | region                      | location                     | location                    | namespace:namespace        |
-| resource_name               | resource_id                 | resource_name                | resource_name               | resource_name              |
-| resource_uid                | resource_arn                | resource_id                  | resource_id                 | resource_id                |
-| finding_uid                 | finding_unique_id           | finding_unique_id            | finding_unique_id           | finding_unique_id          |
+???+ note
+    Since Prowler v3 the CSV column delimiter is the semicolon (`;`)
 
 
 ### JSON-OCSF
@@ -125,7 +107,7 @@ The JSON-OCSF output format implements the [Detection Finding](https://schema.oc
         "product": {
             "name": "Prowler",
             "vendor_name": "Prowler",
-            "version": "4.2.1"
+            "version": "4.1.0"
         },
         "version": "1.1.0"
     },
@@ -312,16 +294,14 @@ The following code is an example output of the [JSON-ASFF](https://docs.aws.amaz
 ???+ note
     Each finding is a `json` object within a list.
 
-### HTML
-
-The following image is an example of the HTML output:
-
-<img src="../img/reporting/html-output.png">
 
 ## V4 Deprecations
 
 Some deprecations have been made to unify formats and improve outputs.
 
+### HTML
+
+HTML output format has been deprecated in favor of the new dashboard, use it with `prowler dashboard`. You can read more about it at [here](dashboard.md).
 
 ### JSON
 
@@ -333,7 +313,7 @@ The following is the mapping between the native JSON and the Detection Finding f
 | --- |---|
 | AssessmentStartTime | event_time |
 | FindingUniqueId | finding_info.uid |
-| Provider | cloud.provider |
+| Provider | cloud.account.type |
 | CheckID | metadata.event_code |
 | CheckTitle | finding_info.title |
 | CheckType | unmapped.check_type |

docs/tutorials/scan-unused-services.md

@@ -30,10 +30,9 @@ If EBS default encyption is not enabled, sensitive information at rest is not pr
 
   - `ec2_ebs_default_encryption`
 
-If your Security groups are not properly configured the attack surface is increased, nonetheless, Prowler will detect those security groups that are being used (they are attached) to only notify those that are being used. This logic applies to the 15 checks related to open ports in security groups and the check for the default security group.
+If your Security groups are not properly configured the attack surface is increased, nonetheless, Prowler will detect those security groups that are being used (they are attached) to only notify those that are being used. This logic applies to the 15 checks related to open ports in security groups.
 
   - `ec2_securitygroup_allow_ingress_from_internet_to_port_X` (15 checks)
-  - `ec2_securitygroup_default_restrict_traffic`
 
 Prowler will also check for used Network ACLs to only alerts those with open ports that are being used.
 
@@ -70,15 +69,3 @@ You should enable Public Access Block at the account level to prevent the exposu
 VPC Flow Logs provide visibility into network traffic that traverses the VPC and can be used to detect anomalous traffic or insight during security workflows. Nevertheless, Prowler will only check if the Flow Logs are enabled for those VPCs that are in use, in other words, only the VPCs where you have ENIs (network interfaces).
 
   - `vpc_flow_logs_enabled`
-
-VPC subnets must not have public IP addresses by default to prevent the exposure of your resources to the internet. Prowler will only check this configuration for those VPCs that are in use, in other words, only the VPCs where you have ENIs (network interfaces).
-
-  - `vpc_subnet_no_public_ip_by_default`
-
-VPCs should have separate private and public subnets to prevent the exposure of your resources to the internet. Prowler will only check this configuration for those VPCs that are in use, in other words, only the VPCs where you have ENIs (network interfaces).
-
-  - `vpc_subnet_separate_private_public`
-
-VPCs should have subnets in different availability zones to prevent a single point of failure. Prowler will only check this configuration for those VPCs that are in use, in other words, only the VPCs where you have ENIs (network interfaces).
-
-  - `vpc_subnet_different_az`

kubernetes/job.yaml

@@ -1,28 +1,13 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: prowler-ns
-
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: prowler-sa
-  namespace: prowler-ns
-
----
 apiVersion: batch/v1
 kind: Job
 metadata:
   name: prowler
-  namespace: prowler-ns
 spec:
   template:
     metadata:
       labels:
         app: prowler
     spec:
-      serviceAccountName: prowler-sa
       containers:
       - name: prowler
         image: toniblyx/prowler:stable

kubernetes/prowler-rolebinding.yaml

@@ -1,12 +1,12 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: prowler-read-cluster-binding
+  name: prowler-read-cluster-default-sa
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: prowler-read-cluster
 subjects:
 - kind: ServiceAccount
-  name: prowler-sa
-  namespace: prowler-ns
+  name: default
+  namespace: default

mkdocs.yml

@@ -53,7 +53,7 @@ nav:
       - Reporting: tutorials/reporting.md
       - Compliance: tutorials/compliance.md
       - Dashboard: tutorials/dashboard.md
-      - Fixer (remediations): tutorials/fixer.md
+      - Fixer: tutorials/fixer.md
       - Quick Inventory: tutorials/quick-inventory.md
       - Slack Integration: tutorials/integrations.md
       - Configuration File: tutorials/configuration_file.md

permissions/create_role_to_assume_cfn.yaml

@@ -60,7 +60,6 @@ Resources:
                 - 'appstream:List*'
                 - 'codeartifact:List*'
                 - 'codebuild:BatchGet*'
-                - 'cognito-idp:GetUserPoolMfaConfig'
                 - 'dlm:Get*'
                 - 'ds:Get*'
                 - 'ds:Describe*'

permissions/prowler-additions-policy.json

@@ -10,7 +10,6 @@
         "cloudtrail:GetInsightSelectors",
         "codeartifact:List*",
         "codebuild:BatchGet*",
-        "cognito-idp:GetUserPoolMfaConfig",
         "dlm:Get*",
         "drs:Describe*",
         "ds:Get*",

poetry.lock

@@ -11,6 +11,23 @@ files = [
     {file = "about_time-4.2.1-py3-none-any.whl", hash = "sha256:8bbf4c75fe13cbd3d72f49a03b02c5c7dca32169b6d49117c257e7eb3eaee341"},
 ]
 
+[[package]]
+name = "adal"
+version = "1.2.7"
+description = "Note: This library is already replaced by MSAL Python, available here: https://pypi.org/project/msal/ .ADAL Python remains available here as a legacy. The ADAL for Python library makes it easy for python application to authenticate to Azure Active Directory (AAD) in order to access AAD protected web resources."
+optional = false
+python-versions = "*"
+files = [
+    {file = "adal-1.2.7-py2.py3-none-any.whl", hash = "sha256:2a7451ed7441ddbc57703042204a3e30ef747478eea022c70f789fc7f084bc3d"},
+    {file = "adal-1.2.7.tar.gz", hash = "sha256:d74f45b81317454d96e982fd1c50e6fb5c99ac2223728aea8764433a39f566f1"},
+]
+
+[package.dependencies]
+cryptography = ">=1.1.0"
+PyJWT = ">=1.0.0,<3"
+python-dateutil = ">=2.1.0,<3"
+requests = ">=2.0.0,<3"
+
 [[package]]
 name = "aiohttp"
 version = "3.9.5"
@@ -171,13 +188,13 @@ trio = ["trio (>=0.23)"]
 
 [[package]]
 name = "astroid"
-version = "3.2.2"
+version = "3.1.0"
 description = "An abstract syntax tree for Python with inference support."
 optional = false
 python-versions = ">=3.8.0"
 files = [
-    {file = "astroid-3.2.2-py3-none-any.whl", hash = "sha256:e8a0083b4bb28fcffb6207a3bfc9e5d0a68be951dd7e336d5dcf639c682388c0"},
-    {file = "astroid-3.2.2.tar.gz", hash = "sha256:8ead48e31b92b2e217b6c9733a21afafe479d52d6e164dd25fb1a770c7c3cf94"},
+    {file = "astroid-3.1.0-py3-none-any.whl", hash = "sha256:951798f922990137ac090c53af473db7ab4e70c770e6d7fae0cec59f74411819"},
+    {file = "astroid-3.1.0.tar.gz", hash = "sha256:ac248253bfa4bd924a0de213707e7ebeeb3138abeb48d798784ead1e56d419d4"},
 ]
 
 [package.dependencies]
@@ -417,19 +434,19 @@ azure-core = ">=1.26.2,<2.0.0"
 
 [[package]]
 name = "azure-mgmt-cosmosdb"
-version = "9.5.0"
+version = "9.4.0"
 description = "Microsoft Azure Cosmos DB Management Client Library for Python"
 optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.7"
 files = [
-    {file = "azure-mgmt-cosmosdb-9.5.0.tar.gz", hash = "sha256:5d21a197de08b3638e09ad88e32da211f7bb598b7d7cfee48d61d57d69b3edd9"},
-    {file = "azure_mgmt_cosmosdb-9.5.0-py3-none-any.whl", hash = "sha256:9abdcda0c973c3afe92adf52f9e8d2ede0576e7ade384efd3f4ccd36475ab1a3"},
+    {file = "azure-mgmt-cosmosdb-9.4.0.tar.gz", hash = "sha256:cabb821cd446b09e73d24c31c287a60fcc3623488f1ffa9335c692267e79c341"},
+    {file = "azure_mgmt_cosmosdb-9.4.0-py3-none-any.whl", hash = "sha256:8ce9ab58df018980c4cf8defb38022fa5f2a9dcbccdeb73e952374cbaff919c5"},
 ]
 
 [package.dependencies]
-azure-common = ">=1.1"
-azure-mgmt-core = ">=1.3.2"
-isodate = ">=0.6.1"
+azure-common = ">=1.1,<2.0"
+azure-mgmt-core = ">=1.3.2,<2.0.0"
+isodate = ">=0.6.1,<1.0.0"
 
 [[package]]
 name = "azure-mgmt-keyvault"
@@ -465,19 +482,19 @@ isodate = ">=0.6.1,<1.0.0"
 
 [[package]]
 name = "azure-mgmt-network"
-version = "25.4.0"
+version = "25.3.0"
 description = "Microsoft Azure Network Management Client Library for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "azure-mgmt-network-25.4.0.tar.gz", hash = "sha256:a338e62d81fdbf050f802143c28cb965b07edd43800ef0504cdfa6b8854d7554"},
-    {file = "azure_mgmt_network-25.4.0-py3-none-any.whl", hash = "sha256:ae30f9ff25c22e14e0394d432d7aebc06ac1c5bf4de24cf226972c12bd664035"},
+    {file = "azure-mgmt-network-25.3.0.tar.gz", hash = "sha256:dce2cafb1ae0e563e0b5efc537dc98a7c0ad824d4261e64bed75f788196dd5c6"},
+    {file = "azure_mgmt_network-25.3.0-py3-none-any.whl", hash = "sha256:87b5338d14c957bd3a28a5ec85fb74043749d1a16a48cd5978ef51c4a1036af3"},
 ]
 
 [package.dependencies]
-azure-common = ">=1.1"
-azure-mgmt-core = ">=1.3.2"
-isodate = ">=0.6.1"
+azure-common = ">=1.1,<2.0"
+azure-mgmt-core = ">=1.3.2,<2.0.0"
+isodate = ">=0.6.1,<1.0.0"
 
 [[package]]
 name = "azure-mgmt-rdbms"
@@ -497,35 +514,35 @@ msrest = ">=0.6.21"
 
 [[package]]
 name = "azure-mgmt-resource"
-version = "23.1.1"
+version = "23.0.1"
 description = "Microsoft Azure Resource Management Client Library for Python"
 optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.7"
 files = [
-    {file = "azure-mgmt-resource-23.1.1.tar.gz", hash = "sha256:20b6b006b544fdb19607f3f6a381105625e0bb60fbf3036f39885c4646d3343e"},
-    {file = "azure_mgmt_resource-23.1.1-py3-none-any.whl", hash = "sha256:fcaa4eca357d216f285b04e20b7f7bfaefda738ba6d30d956193090d3e325248"},
+    {file = "azure-mgmt-resource-23.0.1.zip", hash = "sha256:c2ba6cfd99df95f55f36eadc4245e3dc713257302a1fd0277756d94bd8cb28e0"},
+    {file = "azure_mgmt_resource-23.0.1-py3-none-any.whl", hash = "sha256:f185eec72bbc39f42bcb83ae6f1bad744f0e3f20a12d9b2b3e70d16c74ad9cc0"},
 ]
 
 [package.dependencies]
-azure-common = ">=1.1"
-azure-mgmt-core = ">=1.3.2"
-isodate = ">=0.6.1"
+azure-common = ">=1.1,<2.0"
+azure-mgmt-core = ">=1.3.2,<2.0.0"
+isodate = ">=0.6.1,<1.0.0"
 
 [[package]]
 name = "azure-mgmt-security"
-version = "7.0.0"
+version = "6.0.0"
 description = "Microsoft Azure Security Center Management Client Library for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "azure-mgmt-security-7.0.0.tar.gz", hash = "sha256:5912eed7e9d3758fdca8d26e1dc26b41943dc4703208a1184266e2c252e1ad66"},
-    {file = "azure_mgmt_security-7.0.0-py3-none-any.whl", hash = "sha256:85a6d8b7a5cd74884a548ed53fed034449f54a9989edd64e9020c5837db96933"},
+    {file = "azure-mgmt-security-6.0.0.tar.gz", hash = "sha256:ceafc1869899067110bd830c5cc98bc9b8f32d8ea840ca1f693b1a5f52a5f8b0"},
+    {file = "azure_mgmt_security-6.0.0-py3-none-any.whl", hash = "sha256:c88570003ac8138c59e6e549e2d8bb6a6c7057c496303d8c33392fdfe05f294c"},
 ]
 
 [package.dependencies]
-azure-common = ">=1.1"
-azure-mgmt-core = ">=1.3.2"
-isodate = ">=0.6.1"
+azure-common = ">=1.1,<2.0"
+azure-mgmt-core = ">=1.3.2,<2.0.0"
+isodate = ">=0.6.1,<1.0.0"
 
 [[package]]
 name = "azure-mgmt-sql"
@@ -593,23 +610,23 @@ isodate = ">=0.6.1,<1.0.0"
 
 [[package]]
 name = "azure-storage-blob"
-version = "12.20.0"
+version = "12.19.1"
 description = "Microsoft Azure Blob Storage Client Library for Python"
 optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.7"
 files = [
-    {file = "azure-storage-blob-12.20.0.tar.gz", hash = "sha256:eeb91256e41d4b5b9bad6a87fd0a8ade07dd58aa52344e2c8d2746e27a017d3b"},
-    {file = "azure_storage_blob-12.20.0-py3-none-any.whl", hash = "sha256:de6b3bf3a90e9341a6bcb96a2ebe981dffff993e9045818f6549afea827a52a9"},
+    {file = "azure-storage-blob-12.19.1.tar.gz", hash = "sha256:13e16ba42fc54ac2c7e8f976062173a5c82b9ec0594728e134aac372965a11b0"},
+    {file = "azure_storage_blob-12.19.1-py3-none-any.whl", hash = "sha256:c5530dc51c21c9564e4eb706cd499befca8819b10dd89716d3fc90d747556243"},
 ]
 
 [package.dependencies]
-azure-core = ">=1.28.0"
+azure-core = ">=1.28.0,<2.0.0"
 cryptography = ">=2.1.4"
 isodate = ">=0.6.1"
-typing-extensions = ">=4.6.0"
+typing-extensions = ">=4.3.0"
 
 [package.extras]
-aio = ["azure-core[aio] (>=1.28.0)"]
+aio = ["azure-core[aio] (>=1.28.0,<2.0.0)"]
 
 [[package]]
 name = "babel"
@@ -708,17 +725,17 @@ files = [
 
 [[package]]
 name = "boto3"
-version = "1.34.113"
+version = "1.34.94"
 description = "The AWS SDK for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "boto3-1.34.113-py3-none-any.whl", hash = "sha256:7e59f0a848be477a4c98a90e7a18a0e284adfb643f7879d2b303c5f493661b7a"},
-    {file = "boto3-1.34.113.tar.gz", hash = "sha256:009cd143509f2ff4c37582c3f45d50f28c95eed68e8a5c36641206bdb597a9ea"},
+    {file = "boto3-1.34.94-py3-none-any.whl", hash = "sha256:bbb87d641c73462e53b1777083b55c8f13921618ad08757478a8122985c56c13"},
+    {file = "boto3-1.34.94.tar.gz", hash = "sha256:22f65b3c9b7a419f8f39c2dddc421e14fab8cbb3bd8a9d467e874237d39f59b1"},
 ]
 
 [package.dependencies]
-botocore = ">=1.34.113,<1.35.0"
+botocore = ">=1.34.94,<1.35.0"
 jmespath = ">=0.7.1,<2.0.0"
 s3transfer = ">=0.10.0,<0.11.0"
 
@@ -727,13 +744,13 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"]
 
 [[package]]
 name = "botocore"
-version = "1.34.118"
+version = "1.34.94"
 description = "Low-level, data-driven core of boto 3."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "botocore-1.34.118-py3-none-any.whl", hash = "sha256:e3f6c5636a4394768e81e33a16f5c6ae7f364f512415d423f9b9dc67fc638df4"},
-    {file = "botocore-1.34.118.tar.gz", hash = "sha256:0a3d1ec0186f8b516deb39474de3d226d531f77f92a0f56ad79b80219db3ae9e"},
+    {file = "botocore-1.34.94-py3-none-any.whl", hash = "sha256:f00a79002e0cb9d6895ecd0919c506402850177d7b6c4d2634fa2da362d95bcb"},
+    {file = "botocore-1.34.94.tar.gz", hash = "sha256:99b11be9a28f9051af4c96fa121e9c3f22a86d499abd773c9e868b2a38961bae"},
 ]
 
 [package.dependencies]
@@ -997,65 +1014,76 @@ files = [
     {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"},
 ]
 
+[[package]]
+name = "contextlib2"
+version = "21.6.0"
+description = "Backports and enhancements for the contextlib module"
+optional = false
+python-versions = ">=3.6"
+files = [
+    {file = "contextlib2-21.6.0-py2.py3-none-any.whl", hash = "sha256:3fbdb64466afd23abaf6c977627b75b6139a5a3e8ce38405c5b413aed7a0471f"},
+    {file = "contextlib2-21.6.0.tar.gz", hash = "sha256:ab1e2bfe1d01d968e1b7e8d9023bc51ef3509bba217bb730cee3827e1ee82869"},
+]
+
 [[package]]
 name = "coverage"
-version = "7.5.3"
+version = "7.5.0"
 description = "Code coverage measurement for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "coverage-7.5.3-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:a6519d917abb15e12380406d721e37613e2a67d166f9fb7e5a8ce0375744cd45"},
-    {file = "coverage-7.5.3-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:aea7da970f1feccf48be7335f8b2ca64baf9b589d79e05b9397a06696ce1a1ec"},
-    {file = "coverage-7.5.3-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:923b7b1c717bd0f0f92d862d1ff51d9b2b55dbbd133e05680204465f454bb286"},
-    {file = "coverage-7.5.3-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:62bda40da1e68898186f274f832ef3e759ce929da9a9fd9fcf265956de269dbc"},
-    {file = "coverage-7.5.3-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d8b7339180d00de83e930358223c617cc343dd08e1aa5ec7b06c3a121aec4e1d"},
-    {file = "coverage-7.5.3-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:25a5caf742c6195e08002d3b6c2dd6947e50efc5fc2c2205f61ecb47592d2d83"},
-    {file = "coverage-7.5.3-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:05ac5f60faa0c704c0f7e6a5cbfd6f02101ed05e0aee4d2822637a9e672c998d"},
-    {file = "coverage-7.5.3-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:239a4e75e09c2b12ea478d28815acf83334d32e722e7433471fbf641c606344c"},
-    {file = "coverage-7.5.3-cp310-cp310-win32.whl", hash = "sha256:a5812840d1d00eafae6585aba38021f90a705a25b8216ec7f66aebe5b619fb84"},
-    {file = "coverage-7.5.3-cp310-cp310-win_amd64.whl", hash = "sha256:33ca90a0eb29225f195e30684ba4a6db05dbef03c2ccd50b9077714c48153cac"},
-    {file = "coverage-7.5.3-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:f81bc26d609bf0fbc622c7122ba6307993c83c795d2d6f6f6fd8c000a770d974"},
-    {file = "coverage-7.5.3-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:7cec2af81f9e7569280822be68bd57e51b86d42e59ea30d10ebdbb22d2cb7232"},
-    {file = "coverage-7.5.3-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:55f689f846661e3f26efa535071775d0483388a1ccfab899df72924805e9e7cd"},
-    {file = "coverage-7.5.3-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:50084d3516aa263791198913a17354bd1dc627d3c1639209640b9cac3fef5807"},
-    {file = "coverage-7.5.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:341dd8f61c26337c37988345ca5c8ccabeff33093a26953a1ac72e7d0103c4fb"},
-    {file = "coverage-7.5.3-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ab0b028165eea880af12f66086694768f2c3139b2c31ad5e032c8edbafca6ffc"},
-    {file = "coverage-7.5.3-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:5bc5a8c87714b0c67cfeb4c7caa82b2d71e8864d1a46aa990b5588fa953673b8"},
-    {file = "coverage-7.5.3-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:38a3b98dae8a7c9057bd91fbf3415c05e700a5114c5f1b5b0ea5f8f429ba6614"},
-    {file = "coverage-7.5.3-cp311-cp311-win32.whl", hash = "sha256:fcf7d1d6f5da887ca04302db8e0e0cf56ce9a5e05f202720e49b3e8157ddb9a9"},
-    {file = "coverage-7.5.3-cp311-cp311-win_amd64.whl", hash = "sha256:8c836309931839cca658a78a888dab9676b5c988d0dd34ca247f5f3e679f4e7a"},
-    {file = "coverage-7.5.3-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:296a7d9bbc598e8744c00f7a6cecf1da9b30ae9ad51c566291ff1314e6cbbed8"},
-    {file = "coverage-7.5.3-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:34d6d21d8795a97b14d503dcaf74226ae51eb1f2bd41015d3ef332a24d0a17b3"},
-    {file = "coverage-7.5.3-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8e317953bb4c074c06c798a11dbdd2cf9979dbcaa8ccc0fa4701d80042d4ebf1"},
-    {file = "coverage-7.5.3-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:705f3d7c2b098c40f5b81790a5fedb274113373d4d1a69e65f8b68b0cc26f6db"},
-    {file = "coverage-7.5.3-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b1196e13c45e327d6cd0b6e471530a1882f1017eb83c6229fc613cd1a11b53cd"},
-    {file = "coverage-7.5.3-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:015eddc5ccd5364dcb902eaecf9515636806fa1e0d5bef5769d06d0f31b54523"},
-    {file = "coverage-7.5.3-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:fd27d8b49e574e50caa65196d908f80e4dff64d7e592d0c59788b45aad7e8b35"},
-    {file = "coverage-7.5.3-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:33fc65740267222fc02975c061eb7167185fef4cc8f2770267ee8bf7d6a42f84"},
-    {file = "coverage-7.5.3-cp312-cp312-win32.whl", hash = "sha256:7b2a19e13dfb5c8e145c7a6ea959485ee8e2204699903c88c7d25283584bfc08"},
-    {file = "coverage-7.5.3-cp312-cp312-win_amd64.whl", hash = "sha256:0bbddc54bbacfc09b3edaec644d4ac90c08ee8ed4844b0f86227dcda2d428fcb"},
-    {file = "coverage-7.5.3-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:f78300789a708ac1f17e134593f577407d52d0417305435b134805c4fb135adb"},
-    {file = "coverage-7.5.3-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:b368e1aee1b9b75757942d44d7598dcd22a9dbb126affcbba82d15917f0cc155"},
-    {file = "coverage-7.5.3-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f836c174c3a7f639bded48ec913f348c4761cbf49de4a20a956d3431a7c9cb24"},
-    {file = "coverage-7.5.3-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:244f509f126dc71369393ce5fea17c0592c40ee44e607b6d855e9c4ac57aac98"},
-    {file = "coverage-7.5.3-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c4c2872b3c91f9baa836147ca33650dc5c172e9273c808c3c3199c75490e709d"},
-    {file = "coverage-7.5.3-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:dd4b3355b01273a56b20c219e74e7549e14370b31a4ffe42706a8cda91f19f6d"},
-    {file = "coverage-7.5.3-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:f542287b1489c7a860d43a7d8883e27ca62ab84ca53c965d11dac1d3a1fab7ce"},
-    {file = "coverage-7.5.3-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:75e3f4e86804023e991096b29e147e635f5e2568f77883a1e6eed74512659ab0"},
-    {file = "coverage-7.5.3-cp38-cp38-win32.whl", hash = "sha256:c59d2ad092dc0551d9f79d9d44d005c945ba95832a6798f98f9216ede3d5f485"},
-    {file = "coverage-7.5.3-cp38-cp38-win_amd64.whl", hash = "sha256:fa21a04112c59ad54f69d80e376f7f9d0f5f9123ab87ecd18fbb9ec3a2beed56"},
-    {file = "coverage-7.5.3-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:f5102a92855d518b0996eb197772f5ac2a527c0ec617124ad5242a3af5e25f85"},
-    {file = "coverage-7.5.3-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:d1da0a2e3b37b745a2b2a678a4c796462cf753aebf94edcc87dcc6b8641eae31"},
-    {file = "coverage-7.5.3-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8383a6c8cefba1b7cecc0149415046b6fc38836295bc4c84e820872eb5478b3d"},
-    {file = "coverage-7.5.3-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:9aad68c3f2566dfae84bf46295a79e79d904e1c21ccfc66de88cd446f8686341"},
-    {file = "coverage-7.5.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2e079c9ec772fedbade9d7ebc36202a1d9ef7291bc9b3a024ca395c4d52853d7"},
-    {file = "coverage-7.5.3-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:bde997cac85fcac227b27d4fb2c7608a2c5f6558469b0eb704c5726ae49e1c52"},
-    {file = "coverage-7.5.3-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:990fb20b32990b2ce2c5f974c3e738c9358b2735bc05075d50a6f36721b8f303"},
-    {file = "coverage-7.5.3-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:3d5a67f0da401e105753d474369ab034c7bae51a4c31c77d94030d59e41df5bd"},
-    {file = "coverage-7.5.3-cp39-cp39-win32.whl", hash = "sha256:e08c470c2eb01977d221fd87495b44867a56d4d594f43739a8028f8646a51e0d"},
-    {file = "coverage-7.5.3-cp39-cp39-win_amd64.whl", hash = "sha256:1d2a830ade66d3563bb61d1e3c77c8def97b30ed91e166c67d0632c018f380f0"},
-    {file = "coverage-7.5.3-pp38.pp39.pp310-none-any.whl", hash = "sha256:3538d8fb1ee9bdd2e2692b3b18c22bb1c19ffbefd06880f5ac496e42d7bb3884"},
-    {file = "coverage-7.5.3.tar.gz", hash = "sha256:04aefca5190d1dc7a53a4c1a5a7f8568811306d7a8ee231c42fb69215571944f"},
+    {file = "coverage-7.5.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:432949a32c3e3f820af808db1833d6d1631664d53dd3ce487aa25d574e18ad1c"},
+    {file = "coverage-7.5.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:2bd7065249703cbeb6d4ce679c734bef0ee69baa7bff9724361ada04a15b7e3b"},
+    {file = "coverage-7.5.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bbfe6389c5522b99768a93d89aca52ef92310a96b99782973b9d11e80511f932"},
+    {file = "coverage-7.5.0-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:39793731182c4be939b4be0cdecde074b833f6171313cf53481f869937129ed3"},
+    {file = "coverage-7.5.0-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:85a5dbe1ba1bf38d6c63b6d2c42132d45cbee6d9f0c51b52c59aa4afba057517"},
+    {file = "coverage-7.5.0-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:357754dcdfd811462a725e7501a9b4556388e8ecf66e79df6f4b988fa3d0b39a"},
+    {file = "coverage-7.5.0-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:a81eb64feded34f40c8986869a2f764f0fe2db58c0530d3a4afbcde50f314880"},
+    {file = "coverage-7.5.0-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:51431d0abbed3a868e967f8257c5faf283d41ec882f58413cf295a389bb22e58"},
+    {file = "coverage-7.5.0-cp310-cp310-win32.whl", hash = "sha256:f609ebcb0242d84b7adeee2b06c11a2ddaec5464d21888b2c8255f5fd6a98ae4"},
+    {file = "coverage-7.5.0-cp310-cp310-win_amd64.whl", hash = "sha256:6782cd6216fab5a83216cc39f13ebe30adfac2fa72688c5a4d8d180cd52e8f6a"},
+    {file = "coverage-7.5.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:e768d870801f68c74c2b669fc909839660180c366501d4cc4b87efd6b0eee375"},
+    {file = "coverage-7.5.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:84921b10aeb2dd453247fd10de22907984eaf80901b578a5cf0bb1e279a587cb"},
+    {file = "coverage-7.5.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:710c62b6e35a9a766b99b15cdc56d5aeda0914edae8bb467e9c355f75d14ee95"},
+    {file = "coverage-7.5.0-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c379cdd3efc0658e652a14112d51a7668f6bfca7445c5a10dee7eabecabba19d"},
+    {file = "coverage-7.5.0-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fea9d3ca80bcf17edb2c08a4704259dadac196fe5e9274067e7a20511fad1743"},
+    {file = "coverage-7.5.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:41327143c5b1d715f5f98a397608f90ab9ebba606ae4e6f3389c2145410c52b1"},
+    {file = "coverage-7.5.0-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:565b2e82d0968c977e0b0f7cbf25fd06d78d4856289abc79694c8edcce6eb2de"},
+    {file = "coverage-7.5.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:cf3539007202ebfe03923128fedfdd245db5860a36810136ad95a564a2fdffff"},
+    {file = "coverage-7.5.0-cp311-cp311-win32.whl", hash = "sha256:bf0b4b8d9caa8d64df838e0f8dcf68fb570c5733b726d1494b87f3da85db3a2d"},
+    {file = "coverage-7.5.0-cp311-cp311-win_amd64.whl", hash = "sha256:9c6384cc90e37cfb60435bbbe0488444e54b98700f727f16f64d8bfda0b84656"},
+    {file = "coverage-7.5.0-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:fed7a72d54bd52f4aeb6c6e951f363903bd7d70bc1cad64dd1f087980d309ab9"},
+    {file = "coverage-7.5.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:cbe6581fcff7c8e262eb574244f81f5faaea539e712a058e6707a9d272fe5b64"},
+    {file = "coverage-7.5.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ad97ec0da94b378e593ef532b980c15e377df9b9608c7c6da3506953182398af"},
+    {file = "coverage-7.5.0-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:bd4bacd62aa2f1a1627352fe68885d6ee694bdaebb16038b6e680f2924a9b2cc"},
+    {file = "coverage-7.5.0-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:adf032b6c105881f9d77fa17d9eebe0ad1f9bfb2ad25777811f97c5362aa07f2"},
+    {file = "coverage-7.5.0-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:4ba01d9ba112b55bfa4b24808ec431197bb34f09f66f7cb4fd0258ff9d3711b1"},
+    {file = "coverage-7.5.0-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:f0bfe42523893c188e9616d853c47685e1c575fe25f737adf473d0405dcfa7eb"},
+    {file = "coverage-7.5.0-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:a9a7ef30a1b02547c1b23fa9a5564f03c9982fc71eb2ecb7f98c96d7a0db5cf2"},
+    {file = "coverage-7.5.0-cp312-cp312-win32.whl", hash = "sha256:3c2b77f295edb9fcdb6a250f83e6481c679335ca7e6e4a955e4290350f2d22a4"},
+    {file = "coverage-7.5.0-cp312-cp312-win_amd64.whl", hash = "sha256:427e1e627b0963ac02d7c8730ca6d935df10280d230508c0ba059505e9233475"},
+    {file = "coverage-7.5.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:9dd88fce54abbdbf4c42fb1fea0e498973d07816f24c0e27a1ecaf91883ce69e"},
+    {file = "coverage-7.5.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:a898c11dca8f8c97b467138004a30133974aacd572818c383596f8d5b2eb04a9"},
+    {file = "coverage-7.5.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:07dfdd492d645eea1bd70fb1d6febdcf47db178b0d99161d8e4eed18e7f62fe7"},
+    {file = "coverage-7.5.0-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d3d117890b6eee85887b1eed41eefe2e598ad6e40523d9f94c4c4b213258e4a4"},
+    {file = "coverage-7.5.0-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6afd2e84e7da40fe23ca588379f815fb6dbbb1b757c883935ed11647205111cb"},
+    {file = "coverage-7.5.0-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:a9960dd1891b2ddf13a7fe45339cd59ecee3abb6b8326d8b932d0c5da208104f"},
+    {file = "coverage-7.5.0-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:ced268e82af993d7801a9db2dbc1d2322e786c5dc76295d8e89473d46c6b84d4"},
+    {file = "coverage-7.5.0-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:e7c211f25777746d468d76f11719e64acb40eed410d81c26cefac641975beb88"},
+    {file = "coverage-7.5.0-cp38-cp38-win32.whl", hash = "sha256:262fffc1f6c1a26125d5d573e1ec379285a3723363f3bd9c83923c9593a2ac25"},
+    {file = "coverage-7.5.0-cp38-cp38-win_amd64.whl", hash = "sha256:eed462b4541c540d63ab57b3fc69e7d8c84d5957668854ee4e408b50e92ce26a"},
+    {file = "coverage-7.5.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:d0194d654e360b3e6cc9b774e83235bae6b9b2cac3be09040880bb0e8a88f4a1"},
+    {file = "coverage-7.5.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:33c020d3322662e74bc507fb11488773a96894aa82a622c35a5a28673c0c26f5"},
+    {file = "coverage-7.5.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0cbdf2cae14a06827bec50bd58e49249452d211d9caddd8bd80e35b53cb04631"},
+    {file = "coverage-7.5.0-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3235d7c781232e525b0761730e052388a01548bd7f67d0067a253887c6e8df46"},
+    {file = "coverage-7.5.0-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:db2de4e546f0ec4b2787d625e0b16b78e99c3e21bc1722b4977c0dddf11ca84e"},
+    {file = "coverage-7.5.0-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:4d0e206259b73af35c4ec1319fd04003776e11e859936658cb6ceffdeba0f5be"},
+    {file = "coverage-7.5.0-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:2055c4fb9a6ff624253d432aa471a37202cd8f458c033d6d989be4499aed037b"},
+    {file = "coverage-7.5.0-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:075299460948cd12722a970c7eae43d25d37989da682997687b34ae6b87c0ef0"},
+    {file = "coverage-7.5.0-cp39-cp39-win32.whl", hash = "sha256:280132aada3bc2f0fac939a5771db4fbb84f245cb35b94fae4994d4c1f80dae7"},
+    {file = "coverage-7.5.0-cp39-cp39-win_amd64.whl", hash = "sha256:c58536f6892559e030e6924896a44098bc1290663ea12532c78cef71d0df8493"},
+    {file = "coverage-7.5.0-pp38.pp39.pp310-none-any.whl", hash = "sha256:2b57780b51084d5223eee7b59f0d4911c31c16ee5aa12737c7a02455829ff067"},
+    {file = "coverage-7.5.0.tar.gz", hash = "sha256:cf62d17310f34084c59c01e027259076479128d11e4661bb6c9acb38c5e19bb8"},
 ]
 
 [package.dependencies]
@@ -1120,13 +1148,13 @@ test-randomorder = ["pytest-randomly"]
 
 [[package]]
 name = "dash"
-version = "2.17.0"
+version = "2.16.1"
 description = "A Python framework for building reactive web-apps. Developed by Plotly."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "dash-2.17.0-py3-none-any.whl", hash = "sha256:2421569023b2cd46ea2d4b2c14fe72c71b7436527a3102219b2265fa361e7c67"},
-    {file = "dash-2.17.0.tar.gz", hash = "sha256:d065cd88771e45d0485993be0d27565e08918cb7edd18e31ee1c5b41252fc2fa"},
+    {file = "dash-2.16.1-py3-none-any.whl", hash = "sha256:8a9d2a618e415113c0b2a4d25d5dc4df5cb921f733b33dde75559db2316b1df1"},
+    {file = "dash-2.16.1.tar.gz", hash = "sha256:b2871d6b8d4c9dfd0a64f89f22d001c93292910b41d92d9ff2bb424a28283976"},
 ]
 
 [package.dependencies]
@@ -1145,7 +1173,7 @@ Werkzeug = "<3.1"
 
 [package.extras]
 celery = ["celery[redis] (>=5.1.2)", "redis (>=3.5.3)"]
-ci = ["black (==22.3.0)", "dash-dangerously-set-inner-html", "dash-flow-example (==0.0.5)", "flake8 (==7.0.0)", "flaky (==3.8.1)", "flask-talisman (==1.0.0)", "jupyterlab (<4.0.0)", "mimesis (<=11.1.0)", "mock (==4.0.3)", "numpy (<=1.26.3)", "openpyxl", "orjson (==3.9.12)", "pandas (>=1.4.0)", "pyarrow", "pylint (==3.0.3)", "pytest-mock", "pytest-rerunfailures", "pytest-sugar (==0.9.6)", "pyzmq (==25.1.2)", "xlrd (>=2.0.1)"]
+ci = ["black (==22.3.0)", "dash-dangerously-set-inner-html", "dash-flow-example (==0.0.5)", "flake8 (==7.0.0)", "flaky (==3.7.0)", "flask-talisman (==1.0.0)", "jupyterlab (<4.0.0)", "mimesis (<=11.1.0)", "mock (==4.0.3)", "numpy (<=1.26.3)", "openpyxl", "orjson (==3.9.12)", "pandas (>=1.4.0)", "pyarrow", "pylint (==3.0.3)", "pytest-mock", "pytest-rerunfailures", "pytest-sugar (==0.9.6)", "pyzmq (==25.1.2)", "xlrd (>=2.0.1)"]
 compress = ["flask-compress"]
 dev = ["PyYAML (>=5.4.1)", "coloredlogs (>=15.0.1)", "fire (>=0.4.0)"]
 diskcache = ["diskcache (>=5.2.1)", "multiprocess (>=0.70.12)", "psutil (>=5.8.0)"]
@@ -1220,13 +1248,13 @@ dev = ["PyTest", "PyTest-Cov", "bump2version (<1)", "sphinx (<2)", "tox"]
 
 [[package]]
 name = "detect-secrets"
-version = "1.5.0"
+version = "1.4.0"
 description = "Tool for detecting secrets in the codebase"
 optional = false
 python-versions = "*"
 files = [
-    {file = "detect_secrets-1.5.0-py3-none-any.whl", hash = "sha256:e24e7b9b5a35048c313e983f76c4bd09dad89f045ff059e354f9943bf45aa060"},
-    {file = "detect_secrets-1.5.0.tar.gz", hash = "sha256:6bb46dcc553c10df51475641bb30fd69d25645cc12339e46c824c1e0c388898a"},
+    {file = "detect_secrets-1.4.0-py3-none-any.whl", hash = "sha256:d08ecabeee8b68c0acb0e8a354fb98d822a653f6ed05e520cead4c6fc1fc02cd"},
+    {file = "detect_secrets-1.4.0.tar.gz", hash = "sha256:d56787e339758cef48c9ccd6692f7a094b9963c979c9813580b0169e41132833"},
 ]
 
 [package.dependencies]
@@ -1274,23 +1302,22 @@ wmi = ["wmi (>=1.5.1)"]
 
 [[package]]
 name = "docker"
-version = "7.1.0"
+version = "7.0.0"
 description = "A Python library for the Docker Engine API."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "docker-7.1.0-py3-none-any.whl", hash = "sha256:c96b93b7f0a746f9e77d325bcfb87422a3d8bd4f03136ae8a85b37f1898d5fc0"},
-    {file = "docker-7.1.0.tar.gz", hash = "sha256:ad8c70e6e3f8926cb8a92619b832b4ea5299e2831c14284663184e200546fa6c"},
+    {file = "docker-7.0.0-py3-none-any.whl", hash = "sha256:12ba681f2777a0ad28ffbcc846a69c31b4dfd9752b47eb425a274ee269c5e14b"},
+    {file = "docker-7.0.0.tar.gz", hash = "sha256:323736fb92cd9418fc5e7133bc953e11a9da04f4483f828b527db553f1e7e5a3"},
 ]
 
 [package.dependencies]
+packaging = ">=14.0"
 pywin32 = {version = ">=304", markers = "sys_platform == \"win32\""}
 requests = ">=2.26.0"
 urllib3 = ">=1.26.0"
 
 [package.extras]
-dev = ["coverage (==7.2.7)", "pytest (==7.4.2)", "pytest-cov (==4.1.0)", "pytest-timeout (==2.1.0)", "ruff (==0.1.8)"]
-docs = ["myst-parser (==0.18.0)", "sphinx (==5.1.1)"]
 ssh = ["paramiko (>=2.4.3)"]
 websockets = ["websocket-client (>=1.3.0)"]
 
@@ -1415,13 +1442,13 @@ dotenv = ["python-dotenv"]
 
 [[package]]
 name = "freezegun"
-version = "1.5.1"
+version = "1.5.0"
 description = "Let your Python tests travel through time"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "freezegun-1.5.1-py3-none-any.whl", hash = "sha256:bf111d7138a8abe55ab48a71755673dbaa4ab87f4cff5634a4442dfec34c15f1"},
-    {file = "freezegun-1.5.1.tar.gz", hash = "sha256:b29dedfcda6d5e8e083ce71b2b542753ad48cfec44037b3fc79702e2980a89e9"},
+    {file = "freezegun-1.5.0-py3-none-any.whl", hash = "sha256:ec3f4ba030e34eb6cf7e1e257308aee2c60c3d038ff35996d7475760c9ff3719"},
+    {file = "freezegun-1.5.0.tar.gz", hash = "sha256:200a64359b363aa3653d8aac289584078386c7c3da77339d257e46a01fb5c77c"},
 ]
 
 [package.dependencies]
@@ -1587,13 +1614,13 @@ grpcio-gcp = ["grpcio-gcp (>=0.2.2,<1.0.dev0)"]
 
 [[package]]
 name = "google-api-python-client"
-version = "2.131.0"
+version = "2.127.0"
 description = "Google API Client Library for Python"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "google-api-python-client-2.131.0.tar.gz", hash = "sha256:1c03e24af62238a8817ecc24e9d4c32ddd4cb1f323b08413652d9a9a592fc00d"},
-    {file = "google_api_python_client-2.131.0-py2.py3-none-any.whl", hash = "sha256:e325409bdcef4604d505d9246ce7199960a010a0569ac503b9f319db8dbdc217"},
+    {file = "google-api-python-client-2.127.0.tar.gz", hash = "sha256:bbb51b0fbccdf40e536c26341e372d7800f09afebb53103bbcc94e08f14b523b"},
+    {file = "google_api_python_client-2.127.0-py2.py3-none-any.whl", hash = "sha256:d01c70c7840ec37888aa02b1aea5d9baba4c1701e268d1a0251640afd56e5e90"},
 ]
 
 [package.dependencies]
@@ -1872,13 +1899,13 @@ files = [
 
 [[package]]
 name = "jinja2"
-version = "3.1.4"
+version = "3.1.3"
 description = "A very fast and expressive template engine."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "jinja2-3.1.4-py3-none-any.whl", hash = "sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d"},
-    {file = "jinja2-3.1.4.tar.gz", hash = "sha256:4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369"},
+    {file = "Jinja2-3.1.3-py3-none-any.whl", hash = "sha256:7d6d50dd97d52cbc355597bd845fabfbac3f551e1f99619e39a35ce8c370b5fa"},
+    {file = "Jinja2-3.1.3.tar.gz", hash = "sha256:ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90"},
 ]
 
 [package.dependencies]
@@ -1999,13 +2026,13 @@ files = [
 
 [[package]]
 name = "jsonschema"
-version = "4.22.0"
+version = "4.21.1"
 description = "An implementation of JSON Schema validation for Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "jsonschema-4.22.0-py3-none-any.whl", hash = "sha256:ff4cfd6b1367a40e7bc6411caec72effadd3db0bbe5017de188f2d6108335802"},
-    {file = "jsonschema-4.22.0.tar.gz", hash = "sha256:5b22d434a45935119af990552c862e5d6d564e8f6601206b305a61fdf661a2b7"},
+    {file = "jsonschema-4.21.1-py3-none-any.whl", hash = "sha256:7996507afae316306f9e2290407761157c6f78002dcf7419acb99822143d1c6f"},
+    {file = "jsonschema-4.21.1.tar.gz", hash = "sha256:85727c00279f5fa6bedbe6238d2aa6403bedd8b4864ab11207d07df3cc1b2ee5"},
 ]
 
 [package.dependencies]
@@ -2300,13 +2327,13 @@ files = [
 
 [[package]]
 name = "microsoft-kiota-abstractions"
-version = "1.3.3"
+version = "1.3.2"
 description = "Core abstractions for kiota generated libraries in Python"
 optional = false
 python-versions = "*"
 files = [
-    {file = "microsoft_kiota_abstractions-1.3.3-py2.py3-none-any.whl", hash = "sha256:deced0b01249459426d4ed45c8ab34e19250e514d4d05ce84c08893058ae06a1"},
-    {file = "microsoft_kiota_abstractions-1.3.3.tar.gz", hash = "sha256:3cc01832a2e6dc6094c4e1abf7cbef3849a87d818a3b9193ad6c83a9f88e14ff"},
+    {file = "microsoft_kiota_abstractions-1.3.2-py2.py3-none-any.whl", hash = "sha256:ec4335df425874b1c0171a97c4b5ccdc4a9d076e1ecd3a5c2582af1cacc25016"},
+    {file = "microsoft_kiota_abstractions-1.3.2.tar.gz", hash = "sha256:acac0b34b443d3fc10a3a86dd996cdf92248080553a3768a77c23350541f1aa2"},
 ]
 
 [package.dependencies]
@@ -2441,13 +2468,13 @@ min-versions = ["babel (==2.9.0)", "click (==7.0)", "colorama (==0.4)", "ghp-imp
 
 [[package]]
 name = "mkdocs-git-revision-date-localized-plugin"
-version = "1.2.6"
+version = "1.2.4"
 description = "Mkdocs plugin that enables displaying the localized date of the last git modification of a markdown file."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "mkdocs_git_revision_date_localized_plugin-1.2.6-py3-none-any.whl", hash = "sha256:f015cb0f3894a39b33447b18e270ae391c4e25275cac5a626e80b243784e2692"},
-    {file = "mkdocs_git_revision_date_localized_plugin-1.2.6.tar.gz", hash = "sha256:e432942ce4ee8aa9b9f4493e993dee9d2cc08b3ea2b40a3d6b03ca0f2a4bcaa2"},
+    {file = "mkdocs-git-revision-date-localized-plugin-1.2.4.tar.gz", hash = "sha256:08fd0c6f33c8da9e00daf40f7865943113b3879a1c621b2bbf0fa794ffe997d3"},
+    {file = "mkdocs_git_revision_date_localized_plugin-1.2.4-py3-none-any.whl", hash = "sha256:1f94eb510862ef94e982a2910404fa17a1657ecf29f45a07b0f438c00767fc85"},
 ]
 
 [package.dependencies]
@@ -2514,13 +2541,13 @@ test = ["pytest", "pytest-cov"]
 
 [[package]]
 name = "moto"
-version = "5.0.9"
+version = "5.0.6"
 description = ""
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "moto-5.0.9-py2.py3-none-any.whl", hash = "sha256:21a13e02f83d6a18cfcd99949c96abb2e889f4bd51c4c6a3ecc8b78765cb854e"},
-    {file = "moto-5.0.9.tar.gz", hash = "sha256:eb71f1cba01c70fff1f16086acb24d6d9aeb32830d646d8989f98a29aeae24ba"},
+    {file = "moto-5.0.6-py2.py3-none-any.whl", hash = "sha256:ca1e22831a741733b581ff2ef4d6ae2e1c6db1eab97af1b78b86ca2c6e88c609"},
+    {file = "moto-5.0.6.tar.gz", hash = "sha256:ad8b23f2b555ad694da8b2432a42b6d96beaaf67a4e7d932196a72193a2eee2c"},
 ]
 
 [package.dependencies]
@@ -2538,7 +2565,7 @@ jsondiff = {version = ">=1.1.2", optional = true, markers = "extra == \"all\""}
 jsonpath-ng = {version = "*", optional = true, markers = "extra == \"all\""}
 multipart = {version = "*", optional = true, markers = "extra == \"all\""}
 openapi-spec-validator = {version = ">=0.5.0", optional = true, markers = "extra == \"all\""}
-py-partiql-parser = {version = "0.5.5", optional = true, markers = "extra == \"all\""}
+py-partiql-parser = {version = "0.5.4", optional = true, markers = "extra == \"all\""}
 pyparsing = {version = ">=3.0.7", optional = true, markers = "extra == \"all\""}
 python-dateutil = ">=2.1,<3.0.0"
 PyYAML = {version = ">=5.1", optional = true, markers = "extra == \"all\""}
@@ -2549,23 +2576,23 @@ werkzeug = ">=0.5,<2.2.0 || >2.2.0,<2.2.1 || >2.2.1"
 xmltodict = "*"
 
 [package.extras]
-all = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.5)", "pyparsing (>=3.0.7)", "setuptools"]
+all = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.4)", "pyparsing (>=3.0.7)", "setuptools"]
 apigateway = ["PyYAML (>=5.1)", "joserfc (>=0.9.0)", "openapi-spec-validator (>=0.5.0)"]
 apigatewayv2 = ["PyYAML (>=5.1)", "openapi-spec-validator (>=0.5.0)"]
 appsync = ["graphql-core"]
 awslambda = ["docker (>=3.0.0)"]
 batch = ["docker (>=3.0.0)"]
-cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.5)", "pyparsing (>=3.0.7)", "setuptools"]
+cloudformation = ["PyYAML (>=5.1)", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.4)", "pyparsing (>=3.0.7)", "setuptools"]
 cognitoidp = ["joserfc (>=0.9.0)"]
-dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.5)"]
-dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.5)"]
+dynamodb = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.4)"]
+dynamodbstreams = ["docker (>=3.0.0)", "py-partiql-parser (==0.5.4)"]
 glue = ["pyparsing (>=3.0.7)"]
 iotdata = ["jsondiff (>=1.1.2)"]
-proxy = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.5)", "pyparsing (>=3.0.7)", "setuptools"]
-resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.5)", "pyparsing (>=3.0.7)"]
-s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.5.5)"]
-s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.5.5)"]
-server = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.5)", "pyparsing (>=3.0.7)", "setuptools"]
+proxy = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=2.5.1)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "multipart", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.4)", "pyparsing (>=3.0.7)", "setuptools"]
+resourcegroupstaggingapi = ["PyYAML (>=5.1)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.4)", "pyparsing (>=3.0.7)"]
+s3 = ["PyYAML (>=5.1)", "py-partiql-parser (==0.5.4)"]
+s3crc32c = ["PyYAML (>=5.1)", "crc32c", "py-partiql-parser (==0.5.4)"]
+server = ["PyYAML (>=5.1)", "antlr4-python3-runtime", "aws-xray-sdk (>=0.93,!=0.96)", "cfn-lint (>=0.40.0)", "docker (>=3.0.0)", "flask (!=2.2.0,!=2.2.1)", "flask-cors", "graphql-core", "joserfc (>=0.9.0)", "jsondiff (>=1.1.2)", "jsonpath-ng", "openapi-spec-validator (>=0.5.0)", "py-partiql-parser (==0.5.4)", "pyparsing (>=3.0.7)", "setuptools"]
 ssm = ["PyYAML (>=5.1)"]
 stepfunctions = ["antlr4-python3-runtime", "jsonpath-ng"]
 xray = ["aws-xray-sdk (>=0.93,!=0.96)", "setuptools"]
@@ -2647,13 +2674,13 @@ dev = ["bumpver", "isort", "mypy", "pylint", "pytest", "yapf"]
 
 [[package]]
 name = "msgraph-sdk"
-version = "1.4.0"
+version = "1.3.0"
 description = "The Microsoft Graph Python SDK"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "msgraph_sdk-1.4.0-py3-none-any.whl", hash = "sha256:24f99082475ea129c3d45e44269bd64a7c6bfef8dda4f8ea692bbc9e47b71b78"},
-    {file = "msgraph_sdk-1.4.0.tar.gz", hash = "sha256:715907272c240e579d7669a690504488e25ae15fec904e2918c49ca328dc4a14"},
+    {file = "msgraph_sdk-1.3.0-py3-none-any.whl", hash = "sha256:b8636e4f3957bad35958c1578d1610ed4e1edf71c4fdb3423396868cab84e156"},
+    {file = "msgraph_sdk-1.3.0.tar.gz", hash = "sha256:a0a0f529800e528a455e2ace31660d9d3697a8cc87b0789e30147ce4c4e9c268"},
 ]
 
 [package.dependencies]
@@ -2691,6 +2718,22 @@ requests-oauthlib = ">=0.5.0"
 [package.extras]
 async = ["aiodns", "aiohttp (>=3.0)"]
 
+[[package]]
+name = "msrestazure"
+version = "0.6.4"
+description = "AutoRest swagger generator Python client runtime. Azure-specific module."
+optional = false
+python-versions = "*"
+files = [
+    {file = "msrestazure-0.6.4-py2.py3-none-any.whl", hash = "sha256:3de50f56147ef529b31e099a982496690468ecef33f0544cb0fa0cfe1e1de5b9"},
+    {file = "msrestazure-0.6.4.tar.gz", hash = "sha256:a06f0dabc9a6f5efe3b6add4bd8fb623aeadacf816b7a35b0f89107e0544d189"},
+]
+
+[package.dependencies]
+adal = ">=0.6.0,<2.0.0"
+msrest = ">=0.6.0,<2.0.0"
+six = "*"
+
 [[package]]
 name = "multidict"
 version = "6.0.5"
@@ -3318,13 +3361,13 @@ files = [
 
 [[package]]
 name = "py-ocsf-models"
-version = "0.1.1"
+version = "0.1.0"
 description = "This is a Python implementation of the OCSF models. The models are used to represent the data of the OCSF Schema defined in https://schema.ocsf.io/."
 optional = false
 python-versions = "<3.13,>=3.9"
 files = [
-    {file = "py_ocsf_models-0.1.1-py3-none-any.whl", hash = "sha256:c6ea465fda85470b938a48da65b1f19664f6d83820ebe849ef5551094e6768de"},
-    {file = "py_ocsf_models-0.1.1.tar.gz", hash = "sha256:b0f2d4495a2596793f75e61a1ba218edea3a2d17a2b9911d46ee0fa623cc657b"},
+    {file = "py_ocsf_models-0.1.0-py3-none-any.whl", hash = "sha256:c615887b43fb066651dd656b5259ae14f3bb125370b8add0fc3b7e0a799bd508"},
+    {file = "py_ocsf_models-0.1.0.tar.gz", hash = "sha256:64a717a1d064aa6d9ba4d8e2a6d57c8eca12bf9a977cf634e1484ca23151c0c9"},
 ]
 
 [package.dependencies]
@@ -3333,13 +3376,13 @@ pydantic = "1.10.15"
 
 [[package]]
 name = "py-partiql-parser"
-version = "0.5.5"
+version = "0.5.4"
 description = "Pure Python PartiQL Parser"
 optional = false
 python-versions = "*"
 files = [
-    {file = "py_partiql_parser-0.5.5-py2.py3-none-any.whl", hash = "sha256:90d278818385bd60c602410c953ee78f04ece599d8cd21c656fc5e47399577a1"},
-    {file = "py_partiql_parser-0.5.5.tar.gz", hash = "sha256:ed07f8edf4b55e295cab4f5fd3e2ba3196cee48a43fe210d53ddd6ffce1cf1ff"},
+    {file = "py_partiql_parser-0.5.4-py2.py3-none-any.whl", hash = "sha256:3dc4295a47da9587681a96b35c6e151886fdbd0a4acbe0d97c4c68e5f689d315"},
+    {file = "py_partiql_parser-0.5.4.tar.gz", hash = "sha256:72e043919538fa63edae72fb59afc7e3fd93adbde656718a7d2b4666f23dd114"},
 ]
 
 [package.extras]
@@ -3492,17 +3535,17 @@ tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"]
 
 [[package]]
 name = "pylint"
-version = "3.2.2"
+version = "3.1.0"
 description = "python code static checker"
 optional = false
 python-versions = ">=3.8.0"
 files = [
-    {file = "pylint-3.2.2-py3-none-any.whl", hash = "sha256:3f8788ab20bb8383e06dd2233e50f8e08949cfd9574804564803441a4946eab4"},
-    {file = "pylint-3.2.2.tar.gz", hash = "sha256:d068ca1dfd735fb92a07d33cb8f288adc0f6bc1287a139ca2425366f7cbe38f8"},
+    {file = "pylint-3.1.0-py3-none-any.whl", hash = "sha256:507a5b60953874766d8a366e8e8c7af63e058b26345cfcb5f91f89d987fd6b74"},
+    {file = "pylint-3.1.0.tar.gz", hash = "sha256:6a69beb4a6f63debebaab0a3477ecd0f559aa726af4954fc948c51f7a2549e23"},
 ]
 
 [package.dependencies]
-astroid = ">=3.2.2,<=3.3.0-dev0"
+astroid = ">=3.1.0,<=3.2.0-dev0"
 colorama = {version = ">=0.4.5", markers = "sys_platform == \"win32\""}
 dill = [
     {version = ">=0.2", markers = "python_version < \"3.11\""},
@@ -3554,13 +3597,13 @@ diagrams = ["jinja2", "railroad-diagrams"]
 
 [[package]]
 name = "pytest"
-version = "8.2.1"
+version = "8.2.0"
 description = "pytest: simple powerful testing with Python"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "pytest-8.2.1-py3-none-any.whl", hash = "sha256:faccc5d332b8c3719f40283d0d44aa5cf101cec36f88cde9ed8f2bc0538612b1"},
-    {file = "pytest-8.2.1.tar.gz", hash = "sha256:5046e5b46d8e4cac199c373041f26be56fdb81eb4e67dc11d4e10811fc3408fd"},
+    {file = "pytest-8.2.0-py3-none-any.whl", hash = "sha256:1733f0620f6cda4095bbf0d9ff8022486e91892245bb9e7d5542c018f612f233"},
+    {file = "pytest-8.2.0.tar.gz", hash = "sha256:d507d4482197eac0ba2bae2e9babf0672eb333017bcedaa5fb1a3d42c1174b3f"},
 ]
 
 [package.dependencies]
@@ -3886,13 +3929,13 @@ files = [
 
 [[package]]
 name = "requests"
-version = "2.32.0"
+version = "2.31.0"
 description = "Python HTTP for Humans."
 optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.7"
 files = [
-    {file = "requests-2.32.0-py3-none-any.whl", hash = "sha256:f2c3881dddb70d056c5bd7600a4fae312b2a300e39be6a118d30b90bd27262b5"},
-    {file = "requests-2.32.0.tar.gz", hash = "sha256:fa5490319474c82ef1d2c9bc459d3652e3ae4ef4c4ebdd18a21145a47ca4b6b8"},
+    {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"},
+    {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"},
 ]
 
 [package.dependencies]
@@ -4220,13 +4263,13 @@ crt = ["botocore[crt] (>=1.33.2,<2.0a.0)"]
 
 [[package]]
 name = "safety"
-version = "3.2.0"
+version = "3.1.0"
 description = "Checks installed dependencies for known vulnerabilities and licenses."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "safety-3.2.0-py3-none-any.whl", hash = "sha256:a432fc9d17e79a4386c4f093656b617c56f839cde022649cfa796d72c7a544de"},
-    {file = "safety-3.2.0.tar.gz", hash = "sha256:8bd5cab5f3d8a61ce0ea6e98f267c1006d056097c45c644fee7afeff7d5949c1"},
+    {file = "safety-3.1.0-py3-none-any.whl", hash = "sha256:f2ba2d36f15ac1e24751547a73b854509a7d6db31efd30b57f64ffdf9d021934"},
+    {file = "safety-3.1.0.tar.gz", hash = "sha256:71f47b82ece153ec2f240e277f7cbfa70d5da2e0d143162c67f63b2f7459a1aa"},
 ]
 
 [package.dependencies]
@@ -4286,15 +4329,18 @@ pbr = "*"
 
 [[package]]
 name = "schema"
-version = "0.7.7"
+version = "0.7.5"
 description = "Simple data validation library"
 optional = false
 python-versions = "*"
 files = [
-    {file = "schema-0.7.7-py2.py3-none-any.whl", hash = "sha256:5d976a5b50f36e74e2157b47097b60002bd4d42e65425fcc9c9befadb4255dde"},
-    {file = "schema-0.7.7.tar.gz", hash = "sha256:7da553abd2958a19dc2547c388cde53398b39196175a9be59ea1caf5ab0a1807"},
+    {file = "schema-0.7.5-py2.py3-none-any.whl", hash = "sha256:f3ffdeeada09ec34bf40d7d79996d9f7175db93b7a5065de0faa7f41083c1e6c"},
+    {file = "schema-0.7.5.tar.gz", hash = "sha256:f06717112c61895cabc4707752b88716e8420a8819d71404501e114f91043197"},
 ]
 
+[package.dependencies]
+contextlib2 = ">=0.5.5"
+
 [[package]]
 name = "setuptools"
 version = "69.5.1"
@@ -4353,17 +4399,17 @@ files = [
 
 [[package]]
 name = "slack-sdk"
-version = "3.27.2"
+version = "3.27.1"
 description = "The Slack API Platform SDK for Python"
 optional = false
 python-versions = ">=3.6"
 files = [
-    {file = "slack_sdk-3.27.2-py2.py3-none-any.whl", hash = "sha256:af97158e6ac7f667e158e8036e63dc1f79db9bd36216a33c10fcc49be7c2f30c"},
-    {file = "slack_sdk-3.27.2.tar.gz", hash = "sha256:bb145bf2bd93b60a17cd55c05cb15868c9a07d845b6fb608c798b50bce21cb99"},
+    {file = "slack_sdk-3.27.1-py2.py3-none-any.whl", hash = "sha256:c108e509160cf1324c5c8b1f47ca52fb5e287021b8caf9f4ec78ad737ab7b1d9"},
+    {file = "slack_sdk-3.27.1.tar.gz", hash = "sha256:85d86b34d807c26c8bb33c1569ec0985876f06ae4a2692afba765b7a5490d28c"},
 ]
 
 [package.extras]
-optional = ["SQLAlchemy (>=1.4,<3)", "aiodns (>1.0)", "aiohttp (>=3.7.3,<4)", "boto3 (<=2)", "websocket-client (>=1,<2)", "websockets (>=9.1,<13)"]
+optional = ["SQLAlchemy (>=1.4,<3)", "aiodns (>1.0)", "aiohttp (>=3.7.3,<4)", "boto3 (<=2)", "websocket-client (>=1,<2)", "websockets (>=10,<11)", "websockets (>=9.1,<10)"]
 
 [[package]]
 name = "smmap"
@@ -4536,23 +4582,6 @@ files = [
     {file = "tzdata-2024.1.tar.gz", hash = "sha256:2674120f8d891909751c38abcdfd386ac0a5a1127954fbc332af6b5ceae07efd"},
 ]
 
-[[package]]
-name = "tzlocal"
-version = "5.2"
-description = "tzinfo object for the local timezone"
-optional = false
-python-versions = ">=3.8"
-files = [
-    {file = "tzlocal-5.2-py3-none-any.whl", hash = "sha256:49816ef2fe65ea8ac19d19aa7a1ae0551c834303d5014c6d5a62e4cbda8047b8"},
-    {file = "tzlocal-5.2.tar.gz", hash = "sha256:8d399205578f1a9342816409cc1e46a93ebd5755e39ea2d85334bea911bf0e6e"},
-]
-
-[package.dependencies]
-tzdata = {version = "*", markers = "platform_system == \"Windows\""}
-
-[package.extras]
-devenv = ["check-manifest", "pytest (>=4.3)", "pytest-cov", "pytest-mock (>=3.3)", "zest.releaser"]
-
 [[package]]
 name = "uritemplate"
 version = "4.1.1"
@@ -4670,13 +4699,13 @@ test = ["websockets"]
 
 [[package]]
 name = "werkzeug"
-version = "3.0.3"
+version = "3.0.2"
 description = "The comprehensive WSGI web application library."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "werkzeug-3.0.3-py3-none-any.whl", hash = "sha256:fc9645dc43e03e4d630d23143a04a7f947a9a3b5727cd535fdfe155a17cc48c8"},
-    {file = "werkzeug-3.0.3.tar.gz", hash = "sha256:097e5bfda9f0aba8da6b8545146def481d06aa7d3266e7448e2cccf67dd8bd18"},
+    {file = "werkzeug-3.0.2-py3-none-any.whl", hash = "sha256:3aac3f5da756f93030740bc235d3e09449efcf65f2f55e3602e1d851b8f48795"},
+    {file = "werkzeug-3.0.2.tar.gz", hash = "sha256:e39b645a6ac92822588e7b39a692e7828724ceae0b0d702ef96701f90e70128d"},
 ]
 
 [package.dependencies]
@@ -4907,4 +4936,4 @@ testing = ["big-O", "jaraco.functools", "jaraco.itertools", "more-itertools", "p
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.9,<3.13"
-content-hash = "450da57ae7375ff59256f54de76da7e8aad6e2f531cd6614bfc5f59d6489c9ef"
+content-hash = "24b6e8ba903396ba407a9097e0e0fb6610bda84411e8f6f4902c3841762f17f3"

prowler/__main__.py

@@ -37,20 +37,23 @@ from prowler.lib.check.custom_checks_metadata import (
 from prowler.lib.cli.parser import ProwlerArgumentParser
 from prowler.lib.logger import logger, set_logging_config
 from prowler.lib.outputs.compliance.compliance import display_compliance_table
-from prowler.lib.outputs.html.html import add_html_footer, fill_html_overview_statistics
 from prowler.lib.outputs.json.json import close_json
 from prowler.lib.outputs.outputs import extract_findings_statistics
-from prowler.lib.outputs.security_hub.security_hub import SecurityHub
-from prowler.lib.outputs.slack.slack import Slack
+from prowler.lib.outputs.slack import send_slack_message
 from prowler.lib.outputs.summary_table import display_summary_table
 from prowler.providers.aws.lib.s3.s3 import send_to_s3_bucket
-from prowler.providers.common.provider import Provider
+from prowler.providers.aws.lib.security_hub.security_hub import (
+    batch_send_to_security_hub,
+    prepare_security_hub_findings,
+    resolve_security_hub_previous_findings,
+    verify_security_hub_integration_enabled_per_region,
+)
+from prowler.providers.common.common import set_global_provider_object
 from prowler.providers.common.quick_inventory import run_provider_quick_inventory
 
 
 def prowler():
     # Parse Arguments
-    # Refactor(CLI)
     parser = ProwlerArgumentParser()
     args = parser.parse()
 
@@ -84,8 +87,7 @@ def prowler():
     )
 
     if not args.no_banner:
-        legend = args.verbose or getattr(args, "fixer", None)
-        print_banner(legend)
+        print_banner(args.verbose, getattr(args, "fixer", None))
 
     # We treat the compliance framework as another output format
     if compliance_framework:
@@ -122,7 +124,6 @@ def prowler():
     bulk_checks_metadata = update_checks_metadata_with_compliance(
         bulk_compliance_frameworks, bulk_checks_metadata
     )
-
     # Update checks metadata if the --custom-checks-metadata-file is present
     custom_checks_metadata = None
     if custom_checks_metadata_file:
@@ -166,8 +167,7 @@ def prowler():
         sys.exit()
 
     # Provider to scan
-    Provider.set_global_provider(args)
-    global_provider = Provider.get_global_provider()
+    global_provider = set_global_provider_object(args)
 
     # Print Provider Credentials
     if not args.only_logs:
@@ -215,6 +215,7 @@ def prowler():
             checks_to_execute,
             global_provider,
             custom_checks_metadata,
+            global_provider.mutelist_file_path,
             args.config_file,
         )
     else:
@@ -244,24 +245,16 @@ def prowler():
     stats = extract_findings_statistics(findings)
 
     if args.slack:
-        # TODO: this should be also in a config file
-        if "SLACK_API_TOKEN" in environ and (
-            "SLACK_CHANNEL_NAME" in environ or "SLACK_CHANNEL_ID" in environ
-        ):
-
-            token = environ["SLACK_API_TOKEN"]
-            channel = (
-                environ["SLACK_CHANNEL_NAME"]
-                if "SLACK_CHANNEL_NAME" in environ
-                else environ["SLACK_CHANNEL_ID"]
+        if "SLACK_API_TOKEN" in environ and "SLACK_CHANNEL_ID" in environ:
+            _ = send_slack_message(
+                environ["SLACK_API_TOKEN"],
+                environ["SLACK_CHANNEL_ID"],
+                stats,
+                global_provider,
             )
-            prowler_args = " ".join(sys.argv[1:])
-            slack = Slack(token, channel, global_provider)
-            _ = slack.send(stats, prowler_args)
         else:
-            # Refactor(CLI)
             logger.critical(
-                "Slack integration needs SLACK_API_TOKEN and SLACK_CHANNEL_NAME environment variables (see more in https://docs.prowler.cloud/en/latest/tutorials/integrations/#slack)."
+                "Slack integration needs SLACK_API_TOKEN and SLACK_CHANNEL_ID environment variables (see more in https://docs.prowler.cloud/en/latest/tutorials/integrations/#slack)."
             )
             sys.exit(1)
 
@@ -271,21 +264,10 @@ def prowler():
             if "json" in mode:
                 close_json(
                     global_provider.output_options.output_filename,
-                    global_provider.output_options.output_directory,
+                    args.output_directory,
                     mode,
                 )
 
-            if "html" in mode:
-                add_html_footer(
-                    global_provider.output_options.output_filename,
-                    global_provider.output_options.output_directory,
-                )
-                fill_html_overview_statistics(
-                    stats,
-                    global_provider.output_options.output_filename,
-                    global_provider.output_options.output_directory,
-                )
-
             # Send output to S3 if needed (-B / -D)
             if provider == "aws" and (
                 args.output_bucket or args.output_bucket_no_assume
@@ -316,43 +298,42 @@ def prowler():
             if not global_provider.identity.audited_regions
             else global_provider.identity.audited_regions
         )
-        security_hub = SecurityHub(global_provider)
-
         for region in security_hub_regions:
             # Save the regions where AWS Security Hub is enabled
-            if security_hub.verify_security_hub_integration_enabled_per_region(
+            if verify_security_hub_integration_enabled_per_region(
+                global_provider.identity.partition,
                 region,
+                global_provider.session.current_session,
+                global_provider.identity.account,
             ):
                 aws_security_enabled_regions.append(region)
 
         # Prepare the findings to be sent to Security Hub
-        security_hub_findings_per_region = security_hub.prepare_security_hub_findings(
+        security_hub_findings_per_region = prepare_security_hub_findings(
             findings,
+            global_provider,
+            global_provider.output_options,
             aws_security_enabled_regions,
         )
 
         # Send the findings to Security Hub
-        findings_sent_to_security_hub = security_hub.batch_send_to_security_hub(
-            security_hub_findings_per_region
+        findings_sent_to_security_hub = batch_send_to_security_hub(
+            security_hub_findings_per_region, global_provider.session.current_session
         )
 
-        # Refactor(CLI)
         print(
             f"{Style.BRIGHT}{Fore.GREEN}\n{findings_sent_to_security_hub} findings sent to AWS Security Hub!{Style.RESET_ALL}"
         )
 
         # Resolve previous fails of Security Hub
         if not args.skip_sh_update:
-            # Refactor(CLI)
             print(
                 f"{Style.BRIGHT}\nArchiving previous findings in AWS Security Hub, please wait...{Style.RESET_ALL}"
             )
-            findings_archived_in_security_hub = (
-                security_hub.resolve_security_hub_previous_findings(
-                    security_hub_findings_per_region,
-                )
+            findings_archived_in_security_hub = resolve_security_hub_previous_findings(
+                security_hub_findings_per_region,
+                global_provider,
             )
-            # Refactor(CLI)
             print(
                 f"{Style.BRIGHT}{Fore.GREEN}\n{findings_archived_in_security_hub} findings archived in AWS Security Hub!{Style.RESET_ALL}"
             )

prowler/compliance/aws/aws_foundational_technical_review_aws.json

@@ -363,7 +363,7 @@
       "Checks": [
         "ec2_ami_public",
         "ec2_instance_public_ip",
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",

prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json

@@ -236,7 +236,6 @@
         "awslambda_function_no_secrets_in_variables",
         "cloudformation_stack_outputs_find_secrets",
         "ec2_instance_secrets_user_data",
-        "ec2_launch_template_no_secrets",
         "ecs_task_definitions_no_environment_secrets",
         "ssm_document_secrets"
       ]
@@ -720,7 +719,7 @@
         "ec2_networkacl_allow_ingress_any_port",
         "ec2_networkacl_allow_ingress_tcp_port_22",
         "ec2_networkacl_allow_ingress_tcp_port_3389",
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",

prowler/compliance/aws/cis_1.4_aws.json

@@ -1168,7 +1168,7 @@
       "Id": "5.2",
       "Description": "Ensure no security groups allow ingress from 0.0.0.0/0 to remote server administration ports",
       "Checks": [
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389"
       ],

prowler/compliance/aws/cis_1.5_aws.json

@@ -1252,7 +1252,7 @@
       "Id": "5.2",
       "Description": "Ensure no security groups allow ingress from 0.0.0.0/0 to remote server administration ports",
       "Checks": [
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389"
       ],
@@ -1275,7 +1275,7 @@
       "Id": "5.3",
       "Description": "Ensure no security groups allow ingress from ::/0 to remote server administration ports",
       "Checks": [
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389"
       ],

prowler/compliance/aws/cis_2.0_aws.json

@@ -1250,7 +1250,7 @@
       "Id": "5.2",
       "Description": "Ensure no security groups allow ingress from 0.0.0.0/0 to remote server administration ports",
       "Checks": [
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389"
       ],
@@ -1273,7 +1273,7 @@
       "Id": "5.3",
       "Description": "Ensure no security groups allow ingress from ::/0 to remote server administration ports",
       "Checks": [
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389"
       ],

prowler/compliance/aws/cis_3.0_aws.json

@@ -1208,7 +1208,7 @@
       "Id": "5.2",
       "Description": "Ensure no security groups allow ingress from 0.0.0.0/0 to remote server administration ports",
       "Checks": [
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389"
       ],
@@ -1231,7 +1231,7 @@
       "Id": "5.3",
       "Description": "Ensure no security groups allow ingress from ::/0 to remote server administration ports",
       "Checks": [
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389"
       ],

prowler/compliance/aws/cisa_aws.json

@@ -134,7 +134,7 @@
         "vpc_endpoint_connections_trust_boundaries",
         "ec2_securitygroup_default_restrict_traffic",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports"
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port"
       ]
     },
     {
@@ -297,7 +297,7 @@
         "vpc_flow_logs_enabled",
         "ec2_networkacl_allow_ingress_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
-        "ec2_securitygroup_allow_ingress_from_internet_to_all_ports"
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port"
       ]
     },
     {