feat: add auth_method and partition information

feat: allow users to download exports
feat: render a button to download the exports
2026-03-30 03:49:48 +00:00 · 2025-02-19 11:29:42 +01:00 · 2025-02-19 10:40:12 +01:00 · 2025-02-19 10:40:12 +01:00 · 2025-02-19 10:40:11 +01:00 · 2025-02-18 16:22:56 +01:00
1132 changed files with 21769 additions and 148491 deletions
--- a/.env
+++ b/.env
@@ -3,8 +3,8 @@
 # For production, it is recommended to use a secure method to store these variables and change the default secret keys.

 #### Prowler UI Configuration ####
-PROWLER_UI_VERSION="stable"
-AUTH_URL=http://localhost:3000
+PROWLER_UI_VERSION="latest"
+SITE_URL=http://localhost:3000
 API_BASE_URL=http://prowler-api:8080/api/v1
 NEXT_PUBLIC_API_DOCS_URL=http://prowler-api:8080/api/v1/docs
 AUTH_TRUST_HOST=true
@@ -32,27 +32,27 @@ VALKEY_DB=0

 # API scan settings

-# The path to the directory where scan output should be stored
+# The path to the directory where scan artifacts should be stored
 DJANGO_TMP_OUTPUT_DIRECTORY = "/tmp/prowler_api_output"

 # The maximum number of findings to process in a single batch
 DJANGO_FINDINGS_BATCH_SIZE = 1000

-# The AWS access key to be used when uploading scan output to an S3 bucket
+# The AWS access key to be used when uploading scan artifacts to an S3 bucket
 # If left empty, default AWS credentials resolution behavior will be used
-DJANGO_OUTPUT_S3_AWS_ACCESS_KEY_ID=""
+DJANGO_ARTIFACTS_AWS_ACCESS_KEY_ID=""

-# The AWS secret key to be used when uploading scan output to an S3 bucket
-DJANGO_OUTPUT_S3_AWS_SECRET_ACCESS_KEY=""
+# The AWS secret key to be used when uploading scan artifacts to an S3 bucket
+DJANGO_ARTIFACTS_AWS_SECRET_ACCESS_KEY=""

 # An optional AWS session token
-DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN=""
+DJANGO_ARTIFACTS_AWS_SESSION_TOKEN=""

 # The AWS region where your S3 bucket is located (e.g., "us-east-1")
-DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION=""
+DJANGO_ARTIFACTS_AWS_DEFAULT_REGION=""

-# The name of the S3 bucket where scan output should be stored
-DJANGO_OUTPUT_S3_AWS_OUTPUT_BUCKET=""
+# The name of the S3 bucket where scan artifacts should be stored
+DJANGO_ARTIFACTS_AWS_S3_OUTPUT_BUCKET=""

 # Django settings
 DJANGO_ALLOWED_HOSTS=localhost,127.0.0.1,prowler-api
@@ -116,11 +116,3 @@ jQIDAQAB
 # openssl rand -base64 32
 DJANGO_SECRETS_ENCRYPTION_KEY="oE/ltOhp/n1TdbHjVmzcjDPLcLA41CVI/4Rk+UB5ESc="
 DJANGO_BROKER_VISIBILITY_TIMEOUT=86400
-DJANGO_SENTRY_DSN=
-
-# Sentry settings
-SENTRY_ENVIRONMENT=local
-SENTRY_RELEASE=local
-
-#### Prowler release version ####
-NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v5.5.0
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -92,13 +92,3 @@ component/api:
 component/ui:
  - changed-files:
      - any-glob-to-any-file: "ui/**"
-
-compliance:
-  - changed-files:
-      - any-glob-to-any-file: "prowler/compliance/**"
-      - any-glob-to-any-file: "prowler/lib/outputs/compliance/**"
-      - any-glob-to-any-file: "tests/lib/outputs/compliance/**"
-
-review-django-migrations:
-  - changed-files:
-      - any-glob-to-any-file: "api/src/backend/api/migrations/**"
--- a/.github/workflows/api-build-lint-push-containers.yml
+++ b/.github/workflows/api-build-lint-push-containers.yml
@@ -61,7 +61,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4

      - name: Set short git commit SHA
        id: vars
@@ -70,18 +70,18 @@ jobs:
          echo "SHORT_SHA=${shortSha}" >> $GITHUB_ENV

      - name: Login to DockerHub
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3

      - name: Build and push container image (latest)
        # Comment the following line for testing
        if: github.event_name == 'push'
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          context: ${{ env.WORKING_DIRECTORY }}
          # Set push: false for testing
@@ -94,7 +94,7 @@ jobs:

      - name: Build and push container image (release)
        if: github.event_name == 'release'
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          context: ${{ env.WORKING_DIRECTORY }}
          push: true
@@ -103,12 +103,3 @@ jobs:
            ${{ env.PROWLERCLOUD_DOCKERHUB_REPOSITORY }}/${{ env.PROWLERCLOUD_DOCKERHUB_IMAGE }}:${{ env.STABLE_TAG }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
-
-      - name: Trigger deployment
-        if: github.event_name == 'push'
-        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
-        with:
-          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
-          repository: ${{ secrets.CLOUD_DISPATCH }}
-          event-type: prowler-api-deploy
-          client-payload: '{"sha": "${{ github.sha }}", "short_sha": "${{ env.SHORT_SHA }}"}'
--- a/.github/workflows/api-codeql.yml
+++ b/.github/workflows/api-codeql.yml
@@ -44,16 +44,16 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@v4

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}
        config-file: ./.github/codeql/api-codeql-config.yml

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/analyze@v3
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/api-pull-request.yml
+++ b/.github/workflows/api-pull-request.yml
@@ -71,11 +71,11 @@ jobs:
          --health-retries 5

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4

      - name: Test if changes are in not ignored paths
        id: are-non-ignored-files-changed
-        uses: tj-actions/changed-files@2f7c5bfce28377bc069a65ba478de0a74aa0ca32 # v46.0.1
+        uses: tj-actions/changed-files@v45
        with:
          files: api/**
          files_ignore: |
@@ -90,11 +90,11 @@ jobs:
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
          python -m pip install --upgrade pip
-          pipx install poetry==2.1.1
+          pipx install poetry==1.8.5

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
          cache: "poetry"
@@ -103,7 +103,7 @@ jobs:
        working-directory: ./api
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry install --no-root
+          poetry install
          poetry run pip list
          VERSION=$(curl --silent "https://api.github.com/repos/hadolint/hadolint/releases/latest" | \
            grep '"tag_name":' | \
@@ -167,7 +167,7 @@ jobs:

      - name: Upload coverage reports to Codecov
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
+        uses: codecov/codecov-action@v5
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
        with:
@@ -175,11 +175,11 @@ jobs:
  test-container-build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3
      - name: Build Container
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          context: ${{ env.API_WORKING_DIR }}
          push: false
--- a/.github/workflows/backport.yml
+++ b/.github/workflows/backport.yml
@@ -23,7 +23,7 @@ jobs:
    steps:
      - name: Check labels
        id: preview_label_check
-        uses: agilepathway/label-checker@c3d16ad512e7cea5961df85ff2486bb774caf3c5 # v1.6.65
+        uses: docker://agilepathway/pull-request-label-checker:v1.6.55
        with:
          allow_failure: true
          prefix_mode: true
@@ -33,7 +33,7 @@ jobs:

      - name: Backport Action
        if: steps.preview_label_check.outputs.label_check == 'success'
-        uses: sorenlouv/backport-github-action@ad888e978060bc1b2798690dd9d03c4036560947 # v9.5.1
+        uses: sorenlouv/backport-github-action@v9.5.1
        with:
          github_token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
          auto_backport_label_prefix: ${{ env.BACKPORT_LABEL_PREFIX }}
--- a/.github/workflows/build-documentation-on-pr.yml
+++ b/.github/workflows/build-documentation-on-pr.yml
@@ -17,7 +17,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Leave PR comment with the Prowler Documentation URI
-        uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
+        uses: peter-evans/create-or-update-comment@v4
        with:
          issue-number: ${{ env.PR_NUMBER }}
          body: |
--- a/.github/workflows/conventional-commit.yml
+++ b/.github/workflows/conventional-commit.yml
@@ -1,23 +0,0 @@
-name: Prowler - Conventional Commit
-
-on:
-  pull_request:
-    types:
-      - "opened"
-      - "edited"
-      - "synchronize"
-    branches:
-      - "master"
-      - "v3"
-      - "v4.*"
-      - "v5.*"
-
-jobs:
-  conventional-commit-check:
-    runs-on: ubuntu-latest
-    steps:
-      - name: conventional-commit-check
-        id: conventional-commit-check
-        uses: agenthunt/conventional-commit-checker-action@9e552d650d0e205553ec7792d447929fc78e012b # v2.0.0
-        with:
-            pr-title-regex: '^([^\s(]+)(?:\(([^)]+)\))?: (.+)'
--- a/.github/workflows/find-secrets.yml
+++ b/.github/workflows/find-secrets.yml
@@ -7,11 +7,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: TruffleHog OSS
-        uses: trufflesecurity/trufflehog@12164e38f0f1b673ab0594c7d94daf71b0be6823 # v3.88.17
+        uses: trufflesecurity/trufflehog@v3.88.9
        with:
          path: ./
          base: ${{ github.event.repository.default_branch }}
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -14,4 +14,4 @@ jobs:
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0
+    - uses: actions/labeler@v5
--- a/.github/workflows/sdk-build-lint-push-containers.yml
+++ b/.github/workflows/sdk-build-lint-push-containers.yml
@@ -59,10 +59,10 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4

      - name: Setup Python
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}

@@ -108,13 +108,13 @@ jobs:
          esac

      - name: Login to DockerHub
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to Public ECR
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@v3
        with:
          registry: public.ecr.aws
          username: ${{ secrets.PUBLIC_ECR_AWS_ACCESS_KEY_ID }}
@@ -123,11 +123,11 @@ jobs:
          AWS_REGION: ${{ env.AWS_REGION }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3

      - name: Build and push container image (latest)
        if: github.event_name == 'push'
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          push: true
          tags: |
@@ -140,7 +140,7 @@ jobs:

      - name: Build and push container image (release)
        if: github.event_name == 'release'
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          # Use local context to get changes
          # https://github.com/docker/build-push-action#path-context
--- a/.github/workflows/sdk-codeql.yml
+++ b/.github/workflows/sdk-codeql.yml
@@ -50,16 +50,16 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@v4

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}
        config-file: ./.github/codeql/sdk-codeql-config.yml

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/analyze@v3
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/sdk-pull-request.yml
+++ b/.github/workflows/sdk-pull-request.yml
@@ -21,11 +21,11 @@ jobs:
        python-version: ["3.9", "3.10", "3.11", "3.12"]

    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4

      - name: Test if changes are in not ignored paths
        id: are-non-ignored-files-changed
-        uses: tj-actions/changed-files@2f7c5bfce28377bc069a65ba478de0a74aa0ca32 # v46.0.1
+        uses: tj-actions/changed-files@v45
        with:
          files: ./**
          files_ignore: |
@@ -39,18 +39,16 @@ jobs:
            .backportrc.json
            .env
            docker-compose*
-            examples/**
-            .gitignore

      - name: Install poetry
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
          python -m pip install --upgrade pip
-          pipx install poetry==2.1.1
+          pipx install poetry==1.8.5

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
          cache: "poetry"
@@ -58,7 +56,7 @@ jobs:
      - name: Install dependencies
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry install --no-root
+          poetry install
          poetry run pip list
          VERSION=$(curl --silent "https://api.github.com/repos/hadolint/hadolint/releases/latest" | \
            grep '"tag_name":' | \
@@ -113,7 +111,7 @@ jobs:

      - name: Upload coverage reports to Codecov
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
+        uses: codecov/codecov-action@v5
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
        with:
--- a/.github/workflows/sdk-pypi-release.yml
+++ b/.github/workflows/sdk-pypi-release.yml
@@ -64,14 +64,14 @@ jobs:
              ;;
          esac

-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4

      - name: Install dependencies
        run: |
          pipx install poetry==1.8.5

      - name: Setup Python
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: ${{ env.CACHE }}
--- a/.github/workflows/sdk-refresh-aws-services-regions.yml
+++ b/.github/workflows/sdk-refresh-aws-services-regions.yml
@@ -23,12 +23,12 @@ jobs:
    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4
        with:
          ref: ${{ env.GITHUB_BRANCH }}

      - name: setup python
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@v5
        with:
          python-version: 3.9 #install the python needed

@@ -38,7 +38,7 @@ jobs:
          pip install boto3

      - name: Configure AWS Credentials -- DEV
-        uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0
+        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ env.AWS_REGION_DEV }}
          role-to-assume: ${{ secrets.DEV_IAM_ROLE_ARN }}
@@ -50,7 +50,7 @@ jobs:

      # Create pull request
      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        uses: peter-evans/create-pull-request@v7
        with:
          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
          commit-message: "feat(regions_update): Update regions for AWS services"
--- a/.github/workflows/ui-build-lint-push-containers.yml
+++ b/.github/workflows/ui-build-lint-push-containers.yml
@@ -61,7 +61,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4

      - name: Set short git commit SHA
        id: vars
@@ -70,22 +70,20 @@ jobs:
          echo "SHORT_SHA=${shortSha}" >> $GITHUB_ENV

      - name: Login to DockerHub
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3

      - name: Build and push container image (latest)
        # Comment the following line for testing
        if: github.event_name == 'push'
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          context: ${{ env.WORKING_DIRECTORY }}
-          build-args: |
-            NEXT_PUBLIC_PROWLER_RELEASE_VERSION=${{ env.SHORT_SHA }}
          # Set push: false for testing
          push: true
          tags: |
@@ -96,23 +94,12 @@ jobs:

      - name: Build and push container image (release)
        if: github.event_name == 'release'
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          context: ${{ env.WORKING_DIRECTORY }}
-          build-args: |
-            NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v${{ env.RELEASE_TAG }}
          push: true
          tags: |
            ${{ env.PROWLERCLOUD_DOCKERHUB_REPOSITORY }}/${{ env.PROWLERCLOUD_DOCKERHUB_IMAGE }}:${{ env.RELEASE_TAG }}
            ${{ env.PROWLERCLOUD_DOCKERHUB_REPOSITORY }}/${{ env.PROWLERCLOUD_DOCKERHUB_IMAGE }}:${{ env.STABLE_TAG }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
-
-      - name: Trigger deployment
-        if: github.event_name == 'push'
-        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
-        with:
-          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
-          repository: ${{ secrets.CLOUD_DISPATCH }}
-          event-type: prowler-ui-deploy
-          client-payload: '{"sha": "${{ github.sha }}", "short_sha": "${{ env.SHORT_SHA }}"}'
--- a/.github/workflows/ui-codeql.yml
+++ b/.github/workflows/ui-codeql.yml
@@ -44,16 +44,16 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          config-file: ./.github/codeql/ui-codeql-config.yml

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{matrix.language}}"
--- a/.github/workflows/ui-pull-request.yml
+++ b/.github/workflows/ui-pull-request.yml
@@ -27,11 +27,11 @@ jobs:
        node-version: [20.x]
    steps:
      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Setup Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
+        uses: actions/setup-node@v4
        with:
          node-version: ${{ matrix.node-version }}
      - name: Install dependencies
@@ -46,11 +46,11 @@ jobs:
  test-container-build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@v4
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+        uses: docker/setup-buildx-action@v3
      - name: Build Container
-        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
+        uses: docker/build-push-action@v6
        with:
          context: ${{ env.UI_WORKING_DIR }}
          # Always build using `prod` target
--- a/.gitignore
+++ b/.gitignore
@@ -31,7 +31,7 @@ tags
 *.DS_Store

 # Prowler output
-/output
+output/

 # Prowler found secrets
 secrets-*/
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -59,7 +59,7 @@ repos:
        args: ["--ignore=E266,W503,E203,E501,W605"]

  - repo: https://github.com/python-poetry/poetry
-    rev: 2.1.1
+    rev: 1.8.0
    hooks:
      - id: poetry-check
        name: API - poetry-check
@@ -68,7 +68,7 @@ repos:

      - id: poetry-lock
        name: API - poetry-lock
-        args: ["--directory=./api"]
+        args: ["--no-update", "--directory=./api"]
        pass_filenames: false

      - id: poetry-check
@@ -78,7 +78,7 @@ repos:

      - id: poetry-lock
        name: SDK - poetry-lock
-        args: ["--directory=./"]
+        args: ["--no-update", "--directory=./"]
        pass_filenames: false


--- a/26
+++ b/26
@@ -1,10 +1,10 @@
-FROM python:3.12.9-alpine3.20
+FROM python:3.12.8-alpine3.20

 LABEL maintainer="https://github.com/prowler-cloud/prowler"

 # Update system dependencies and install essential tools
 #hadolint ignore=DL3018
-RUN apk --no-cache upgrade && apk --no-cache add curl git gcc python3-dev musl-dev linux-headers
+RUN apk --no-cache upgrade && apk --no-cache add curl git

 # Create non-root user
 RUN mkdir -p /home/prowler && \
@@ -18,25 +18,21 @@ WORKDIR /home/prowler
 COPY prowler/  /home/prowler/prowler/
 COPY dashboard/ /home/prowler/dashboard/
 COPY pyproject.toml /home/prowler
-COPY README.md /home/prowler/
+COPY README.md /home/prowler

 # Install Python dependencies
 ENV HOME='/home/prowler'
-ENV PATH="${HOME}/.local/bin:${PATH}"
-#hadolint ignore=DL3013
-RUN pip install --no-cache-dir --upgrade pip && \
-    pip install --no-cache-dir poetry
-
-# By default poetry does not compile Python source files to bytecode during installation.
-# This speeds up the installation process, but the first execution may take a little more
-# time because Python then compiles source files to bytecode automatically. If you want to
-# compile source files to bytecode during installation, you can use the --compile option
-RUN poetry install --compile && \
-    rm -rf ~/.cache/pip
+ENV PATH="$HOME/.local/bin:$PATH"
+RUN pip install --no-cache-dir --upgrade pip setuptools wheel && \
+    pip install --no-cache-dir .

 # Remove deprecated dash dependencies
 RUN pip uninstall dash-html-components -y && \
    pip uninstall dash-core-components -y

+# Remove Prowler directory and build files
+USER 0
+RUN rm -rf /home/prowler/prowler /home/prowler/pyproject.toml /home/prowler/README.md /home/prowler/build /home/prowler/prowler.egg-info
+
 USER prowler
-ENTRYPOINT ["poetry", "run", "prowler"]
+ENTRYPOINT ["prowler"]
--- a/README.md
+++ b/README.md
@@ -71,10 +71,10 @@ It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, Fe

 | Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/misc/#categories) |
 |---|---|---|---|---|
-| AWS | 564 | 82 | 33 | 10 |
-| GCP | 77 | 13 | 6 | 3 |
-| Azure | 140 | 18 | 7 | 3 |
-| Kubernetes | 83 | 7 | 4 | 7 |
+| AWS | 564 | 82 | 30 | 10 |
+| GCP | 77 | 13 | 4 | 3 |
+| Azure | 140 | 18 | 5 | 3 |
+| Kubernetes | 83 | 7 | 2 | 7 |
 | Microsoft365 | 5 | 2 | 1 | 0 |

 > You can list the checks, services, compliance frameworks and categories with `prowler <provider> --list-checks`, `prowler <provider> --list-services`, `prowler <provider> --list-compliance` and `prowler <provider> --list-categories`.
@@ -109,7 +109,7 @@ docker compose up -d
 **Requirements**

 * `git` installed.
-* `poetry` v2 installed: [poetry installation](https://python-poetry.org/docs/#installation).
+* `poetry` installed: [poetry installation](https://python-poetry.org/docs/#installation).
 * `npm` installed: [npm installation](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm).
 * `Docker Compose` installed: https://docs.docker.com/compose/install/.

@@ -119,7 +119,7 @@ docker compose up -d
 git clone https://github.com/prowler-cloud/prowler
 cd prowler/api
 poetry install
-eval $(poetry env activate)
+poetry shell
 set -a
 source .env
 docker compose up postgres valkey -d
@@ -127,11 +127,6 @@ cd src/backend
 python manage.py migrate --database admin
 gunicorn -c config/guniconf.py config.wsgi:application
 ```
-> [!IMPORTANT]
-> Starting from Poetry v2.0.0, `poetry shell` has been deprecated in favor of `poetry env activate`.
->
-> If your poetry version is below 2.0.0 you must keep using `poetry shell` to activate your environment.
-> In case you have any doubts, consult the Poetry environment activation guide: https://python-poetry.org/docs/managing-environments/#activating-the-environment

 > Now, you can access the API documentation at http://localhost:8080/api/v1/docs.

@@ -141,7 +136,7 @@ gunicorn -c config/guniconf.py config.wsgi:application
 git clone https://github.com/prowler-cloud/prowler
 cd prowler/api
 poetry install
-eval $(poetry env activate)
+poetry shell
 set -a
 source .env
 cd src/backend
@@ -154,7 +149,7 @@ python -m celery -A config.celery worker -l info -E
 git clone https://github.com/prowler-cloud/prowler
 cd prowler/api
 poetry install
-eval $(poetry env activate)
+poetry shell
 set -a
 source .env
 cd src/backend
@@ -175,7 +170,7 @@ npm start

 ## Prowler CLI
 ### Pip package
-Prowler CLI is available as a project in [PyPI](https://pypi.org/project/prowler-cloud/), thus can be installed using pip with Python > 3.9.1, < 3.13:
+Prowler CLI is available as a project in [PyPI](https://pypi.org/project/prowler-cloud/), thus can be installed using pip with Python >= 3.9, < 3.13:

 ```console
 pip install prowler
@@ -205,21 +200,15 @@ The container images are available here:

 ### From GitHub

-Python > 3.9.1, < 3.13 is required with pip and poetry:
+Python >= 3.9, < 3.13 is required with pip and poetry:

 ``` console
 git clone https://github.com/prowler-cloud/prowler
 cd prowler
-eval $(poetry env activate)
+poetry shell
 poetry install
 python prowler.py -v
 ```
-> [!IMPORTANT]
-> Starting from Poetry v2.0.0, `poetry shell` has been deprecated in favor of `poetry env activate`.
->
-> If your poetry version is below 2.0.0 you must keep using `poetry shell` to activate your environment.
-> In case you have any doubts, consult the Poetry environment activation guide: https://python-poetry.org/docs/managing-environments/#activating-the-environment
-
 > If you want to clone Prowler from Windows, use `git config core.longpaths true` to allow long file paths.
 # 📐✏️ High level architecture

--- a/api/.env.example
+++ b/api/.env.example
@@ -23,7 +23,6 @@ DJANGO_SECRETS_ENCRYPTION_KEY=""
 DJANGO_MANAGE_DB_PARTITIONS=[True|False]
 DJANGO_CELERY_DEADLOCK_ATTEMPTS=5
 DJANGO_BROKER_VISIBILITY_TIMEOUT=86400
-DJANGO_SENTRY_DSN=

 # PostgreSQL settings
 # If running django and celery on host, use 'localhost', else use 'postgres-db'
@@ -41,10 +40,6 @@ VALKEY_HOST=[localhost|valkey]
 VALKEY_PORT=6379
 VALKEY_DB=0

-# Sentry settings
-SENTRY_ENVIRONMENT=local
-SENTRY_RELEASE=local
-
 # Social login credentials
 DJANGO_GOOGLE_OAUTH_CLIENT_ID=""
 DJANGO_GOOGLE_OAUTH_CLIENT_SECRET=""
--- a/api/CHANGELOG.md
+++ b/api/CHANGELOG.md
@@ -4,40 +4,26 @@ All notable changes to the **Prowler API** are documented in this file.

 ---

-## [v1.6.0] (Prowler UNRELEASED)
-
-### Added
-
- Support for developing new integrations [(#7167)](https://github.com/prowler-cloud/prowler/pull/7167).
-
---
-
-## [v1.5.1] (Prowler v5.4.1)
-
-### Fixed
- Added a handled response in case local files are missing [(#7183)](https://github.com/prowler-cloud/prowler/pull/7183).
- Fixed a race condition when deleting export files after the S3 upload [(#7172)](https://github.com/prowler-cloud/prowler/pull/7172).
-
---
-
-## [v1.5.0] (Prowler v5.4.0)
+## [v1.5.0] (Prowler UNRELEASED)

 ### Added
 - Social login integration with Google and GitHub [(#6906)](https://github.com/prowler-cloud/prowler/pull/6906)
- Add API scan report system, now all scans launched from the API will generate a compressed file with the report in OCSF, CSV and HTML formats [(#6878)](https://github.com/prowler-cloud/prowler/pull/6878).
- Configurable Sentry integration [(#6874)](https://github.com/prowler-cloud/prowler/pull/6874)
-
-### Changed
- Optimized `GET /findings` endpoint to improve response time and size [(#7019)](https://github.com/prowler-cloud/prowler/pull/7019).

 ---

-## [v1.4.0] (Prowler v5.3.0)
+## [v1.5.0] (Prowler v5.4.0) - 2025-XX-XX
+
+### Added
+- Add API scan report system, now all scans launched from the API will generate a compressed file with the report in OCSF, CSV and HTML formats [(#6878)](https://github.com/prowler-cloud/prowler/pull/6878).
+
+---
+
+## [v1.4.0] (Prowler v5.3.0) - 2025-02-10

 ### Changed
 - Daily scheduled scan instances are now created beforehand with `SCHEDULED` state [(#6700)](https://github.com/prowler-cloud/prowler/pull/6700).
 - Findings endpoints now require at least one date filter [(#6800)](https://github.com/prowler-cloud/prowler/pull/6800).
 - Findings metadata endpoint received a performance improvement [(#6863)](https://github.com/prowler-cloud/prowler/pull/6863).
- Increased the allowed length of the provider UID for Kubernetes providers [(#6869)](https://github.com/prowler-cloud/prowler/pull/6869).
+- Increase the allowed length of the provider UID for Kubernetes providers [(#6869)](https://github.com/prowler-cloud/prowler/pull/6869).

 ---
--- a/api/Dockerfile
+++ b/api/Dockerfile
@@ -21,8 +21,7 @@ COPY src/backend/  ./backend/

 ENV PATH="/home/prowler/.local/bin:$PATH"

-# Add `--no-root` to avoid installing the current project as a package
-RUN poetry install --no-root && \
+RUN poetry install && \
    rm -rf ~/.cache/pip

 COPY docker-entrypoint.sh ./docker-entrypoint.sh
--- a/api/README.md
+++ b/api/README.md
@@ -269,66 +269,3 @@ poetry shell
 cd src/backend
 pytest
 ```
-
-# Custom commands
-
-Django provides a way to create custom commands that can be run from the command line.
-
-> These commands can be found in: ```prowler/api/src/backend/api/management/commands```
-
-To run a custom command, you need to be in the `prowler/api/src/backend` directory and run:
-
-```console
-poetry shell
-python manage.py <command_name>
-```
-
-## Generate dummy data
-
-```console
-python manage.py findings --tenant
-<TENANT_ID> --findings <NUM_FINDINGS> --re
-sources <NUM_RESOURCES> --batch <TRANSACTION_BATCH_SIZE> --alias <ALIAS>
-```
-
-This command creates, for a given tenant, a provider, scan and a set of findings and resources related altogether.
-
-> Scan progress and state are updated in real time.
-> - 0-33%: Create resources.
-> - 33-66%: Create findings.
-> - 66%: Create resource-finding mapping.
->
-> The last step is required to access the findings details, since the UI needs that to print all the information.
-
-### Example
-
-```console
-~/backend $ poetry run python manage.py findings --tenant
-fffb1893-3fc7-4623-a5d9-fae47da1c528 --findings 25000 --re
-sources 1000 --batch 5000 --alias test-script
-
-Starting data population
-	Tenant: fffb1893-3fc7-4623-a5d9-fae47da1c528
-	Alias: test-script
-	Resources: 1000
-	Findings: 25000
-	Batch size: 5000
-
-
-Creating resources...
-100%|███████████████████████| 1/1 [00:00<00:00,  7.72it/s]
-Resources created successfully.
-
-
-Creating findings...
-100%|███████████████████████| 5/5 [00:05<00:00,  1.09s/it]
-Findings created successfully.
-
-
-Creating resource-finding mappings...
-100%|███████████████████████| 5/5 [00:02<00:00,  1.81it/s]
-Resource-finding mappings created successfully.
-
-
-Successfully populated test data.
-```
--- a/api/docker-entrypoint.sh
+++ b/api/docker-entrypoint.sh
@@ -28,7 +28,7 @@ start_prod_server() {

 start_worker() {
  echo "Starting the worker..."
-  poetry run python -m celery -A config.celery worker -l "${DJANGO_LOGGING_LEVEL:-info}" -Q celery,scans,scan-reports,deletion -E --max-tasks-per-child 1
+  poetry run python -m celery -A config.celery worker -l "${DJANGO_LOGGING_LEVEL:-info}" -Q celery,scans -E --max-tasks-per-child 1
 }

 start_worker_beat() {
--- a/api/poetry.lock
+++ b/api/poetry.lock
--- a/api/pyproject.toml
+++ b/api/pyproject.toml
@@ -2,42 +2,38 @@
 build-backend = "poetry.core.masonry.api"
 requires = ["poetry-core"]

-[project]
-authors = [{name = "Prowler Engineering", email = "engineering@prowler.com"}]
-dependencies = [
-  "celery[pytest] (>=5.4.0,<6.0.0)",
-  "dj-rest-auth[with_social,jwt] (==7.0.1)",
-  "django==5.1.7",
-  "django-celery-beat (>=2.7.0,<3.0.0)",
-  "django-celery-results (>=2.5.1,<3.0.0)",
-  "django-cors-headers==4.4.0",
-  "django-environ==0.11.2",
-  "django-filter==24.3",
-  "django-guid==3.5.0",
-  "django-postgres-extra (>=2.0.8,<3.0.0)",
-  "djangorestframework==3.15.2",
-  "djangorestframework-jsonapi==7.0.2",
-  "djangorestframework-simplejwt (>=5.3.1,<6.0.0)",
-  "drf-nested-routers (>=0.94.1,<1.0.0)",
-  "drf-spectacular==0.27.2",
-  "drf-spectacular-jsonapi==0.5.1",
-  "gunicorn==23.0.0",
-  "prowler @ git+https://github.com/prowler-cloud/prowler.git@master",
-  "psycopg2-binary==2.9.9",
-  "pytest-celery[redis] (>=1.0.1,<2.0.0)",
-  "sentry-sdk[django] (>=2.20.0,<3.0.0)",
-  "uuid6==2024.7.10"
-]
+[tool.poetry]
+authors = ["Prowler Team"]
 description = "Prowler's API (Django/DRF)"
 license = "Apache-2.0"
 name = "prowler-api"
 package-mode = false
-# Needed for the SDK compatibility
-requires-python = ">=3.11,<3.13"
-version = "1.6.0"
+version = "1.5.0"

-[project.scripts]
-celery = "src.backend.config.settings.celery"
+[tool.poetry.dependencies]
+celery = {extras = ["pytest"], version = "^5.4.0"}
+dj-rest-auth = {extras = ["with_social", "jwt"], version = "7.0.1"}
+django = "5.1.5"
+django-celery-beat = "^2.7.0"
+django-celery-results = "^2.5.1"
+django-cors-headers = "4.4.0"
+django-environ = "0.11.2"
+django-filter = "24.3"
+django-guid = "3.5.0"
+django-postgres-extra = "^2.0.8"
+djangorestframework = "3.15.2"
+djangorestframework-jsonapi = "7.0.2"
+djangorestframework-simplejwt = "^5.3.1"
+drf-nested-routers = "^0.94.1"
+drf-spectacular = "0.27.2"
+drf-spectacular-jsonapi = "0.5.1"
+gunicorn = "23.0.0"
+prowler = {git = "https://github.com/prowler-cloud/prowler.git", branch = "PRWLR-5956-Export-Artifacts-only"}
+psycopg2-binary = "2.9.9"
+pytest-celery = {extras = ["redis"], version = "^1.0.1"}
+# Needed for prowler compatibility
+python = ">=3.11,<3.13"
+uuid6 = "2024.7.10"

 [tool.poetry.group.dev.dependencies]
 bandit = "1.7.9"
@@ -55,5 +51,7 @@ pytest-randomly = "3.15.0"
 pytest-xdist = "3.6.1"
 ruff = "0.5.0"
 safety = "3.2.9"
-tqdm = "4.67.1"
 vulture = "2.14"
+
+[tool.poetry.scripts]
+celery = "src.backend.config.settings.celery"
--- a/api/src/backend/api/adapters.py
+++ b/api/src/backend/api/adapters.py
@@ -30,10 +30,6 @@ class ProwlerSocialAccountAdapter(DefaultSocialAccountAdapter):
        with transaction.atomic(using=MainRouter.admin_db):
            user = super().save_user(request, sociallogin, form)
            user.save(using=MainRouter.admin_db)
-            social_account_name = sociallogin.account.extra_data.get("name")
-            if social_account_name:
-                user.name = social_account_name
-                user.save(using=MainRouter.admin_db)

            tenant = Tenant.objects.using(MainRouter.admin_db).create(
                name=f"{user.email.split('@')[0]} default tenant"
--- a/api/src/backend/api/db_utils.py
+++ b/api/src/backend/api/db_utils.py
@@ -318,15 +318,3 @@ class InvitationStateEnum(EnumType):
 class InvitationStateEnumField(PostgresEnumField):
    def __init__(self, *args, **kwargs):
        super().__init__("invitation_state", *args, **kwargs)
-
-
-# Postgres enum definition for Integration type
-
-
-class IntegrationTypeEnum(EnumType):
-    enum_type_name = "integration_type"
-
-
-class IntegrationTypeEnumField(PostgresEnumField):
-    def __init__(self, *args, **kwargs):
-        super().__init__("integration_type", *args, **kwargs)
--- a/api/src/backend/api/filters.py
+++ b/api/src/backend/api/filters.py
@@ -24,7 +24,6 @@ from api.db_utils import (
 from api.models import (
    ComplianceOverview,
    Finding,
-    Integration,
    Invitation,
    Membership,
    PermissionChoices,
@@ -448,7 +447,9 @@ class FindingFilter(FilterSet):
            )

        return (
-            queryset.filter(id__gte=start).filter(id__lt=end).filter(scan_id=value_uuid)
+            queryset.filter(id__gte=start)
+            .filter(id__lt=end)
+            .filter(scan__id=value_uuid)
        )

    def filter_scan_id_in(self, queryset, name, value):
@@ -473,32 +474,31 @@ class FindingFilter(FilterSet):
                ]
            )
        if start == end:
-            return queryset.filter(id__gte=start).filter(scan_id__in=uuid_list)
+            return queryset.filter(id__gte=start).filter(scan__id__in=uuid_list)
        else:
            return (
                queryset.filter(id__gte=start)
                .filter(id__lt=end)
-                .filter(scan_id__in=uuid_list)
+                .filter(scan__id__in=uuid_list)
            )

    def filter_inserted_at(self, queryset, name, value):
-        datetime_value = self.maybe_date_to_datetime(value)
-        start = uuid7_start(datetime_to_uuid7(datetime_value))
-        end = uuid7_start(datetime_to_uuid7(datetime_value + timedelta(days=1)))
+        value = self.maybe_date_to_datetime(value)
+        start = uuid7_start(datetime_to_uuid7(value))

-        return queryset.filter(id__gte=start, id__lt=end)
+        return queryset.filter(id__gte=start).filter(inserted_at__date=value)

    def filter_inserted_at_gte(self, queryset, name, value):
-        datetime_value = self.maybe_date_to_datetime(value)
-        start = uuid7_start(datetime_to_uuid7(datetime_value))
+        value = self.maybe_date_to_datetime(value)
+        start = uuid7_start(datetime_to_uuid7(value))

-        return queryset.filter(id__gte=start)
+        return queryset.filter(id__gte=start).filter(inserted_at__gte=value)

    def filter_inserted_at_lte(self, queryset, name, value):
-        datetime_value = self.maybe_date_to_datetime(value)
-        end = uuid7_start(datetime_to_uuid7(datetime_value + timedelta(days=1)))
+        value = self.maybe_date_to_datetime(value)
+        end = uuid7_start(datetime_to_uuid7(value))

-        return queryset.filter(id__lt=end)
+        return queryset.filter(id__lte=end).filter(inserted_at__lte=value)

    def filter_resource_tag(self, queryset, name, value):
        overall_query = Q()
@@ -649,19 +649,3 @@ class ServiceOverviewFilter(ScanSummaryFilter):
                }
            )
        return super().is_valid()
-
-
-class IntegrationFilter(FilterSet):
-    inserted_at = DateFilter(field_name="inserted_at", lookup_expr="date")
-    integration_type = ChoiceFilter(choices=Integration.IntegrationChoices.choices)
-    integration_type__in = ChoiceInFilter(
-        choices=Integration.IntegrationChoices.choices,
-        field_name="integration_type",
-        lookup_expr="in",
-    )
-
-    class Meta:
-        model = Integration
-        fields = {
-            "inserted_at": ["date", "gte", "lte"],
-        }
--- a/api/src/backend/api/fixtures/dev/2_dev_providers.json
+++ b/api/src/backend/api/fixtures/dev/2_dev_providers.json
@@ -122,22 +122,6 @@
      "scanner_args": {}
    }
  },
-  {
-    "model": "api.provider",
-    "pk": "7791914f-d646-4fe2-b2ed-73f2c6499a36",
-    "fields": {
-      "tenant": "12646005-9067-4d2a-a098-8bb378604362",
-      "inserted_at": "2024-10-18T10:45:26.352Z",
-      "updated_at": "2024-10-18T11:16:23.533Z",
-      "provider": "kubernetes",
-      "uid": "gke_lucky-coast-419309_us-central1_autopilot-cluster-2",
-      "alias": "k8s_testing_2",
-      "connected": true,
-      "connection_last_checked_at": "2024-10-18T11:16:23.503Z",
-      "metadata": {},
-      "scanner_args": {}
-    }
-  },
  {
    "model": "api.providersecret",
    "pk": "11491b47-75ae-4f71-ad8d-3e630a72182e",
--- a/api/src/backend/api/fixtures/dev/3_dev_scans.json
+++ b/api/src/backend/api/fixtures/dev/3_dev_scans.json
@@ -11,7 +11,9 @@
      "unique_resource_count": 1,
      "duration": 5,
      "scanner_args": {
-        "checks_to_execute": ["accessanalyzer_enabled"]
+        "checks_to_execute": [
+          "accessanalyzer_enabled"
+        ]
      },
      "inserted_at": "2024-09-01T17:25:27.050Z",
      "started_at": "2024-09-01T17:25:27.050Z",
@@ -31,7 +33,9 @@
      "unique_resource_count": 1,
      "duration": 20,
      "scanner_args": {
-        "checks_to_execute": ["accessanalyzer_enabled"]
+        "checks_to_execute": [
+          "accessanalyzer_enabled"
+        ]
      },
      "inserted_at": "2024-09-02T17:24:27.050Z",
      "started_at": "2024-09-02T17:24:27.050Z",
@@ -51,7 +55,9 @@
      "unique_resource_count": 10,
      "duration": 10,
      "scanner_args": {
-        "checks_to_execute": ["cloudsql_instance_automated_backups"]
+        "checks_to_execute": [
+          "cloudsql_instance_automated_backups"
+        ]
      },
      "inserted_at": "2024-09-02T19:26:27.050Z",
      "started_at": "2024-09-02T19:26:27.050Z",
@@ -71,7 +77,9 @@
      "unique_resource_count": 1,
      "duration": 35,
      "scanner_args": {
-        "checks_to_execute": ["accessanalyzer_enabled"]
+        "checks_to_execute": [
+          "accessanalyzer_enabled"
+        ]
      },
      "inserted_at": "2024-09-02T19:27:27.050Z",
      "started_at": "2024-09-02T19:27:27.050Z",
@@ -89,7 +97,9 @@
      "name": "test scheduled aws scan",
      "state": "available",
      "scanner_args": {
-        "checks_to_execute": ["cloudformation_stack_outputs_find_secrets"]
+        "checks_to_execute": [
+          "cloudformation_stack_outputs_find_secrets"
+        ]
      },
      "scheduled_at": "2030-09-02T19:20:27.050Z",
      "inserted_at": "2024-09-02T19:24:27.050Z",
@@ -168,7 +178,9 @@
      "unique_resource_count": 19,
      "progress": 100,
      "scanner_args": {
-        "checks_to_execute": ["accessanalyzer_enabled"]
+        "checks_to_execute": [
+          "accessanalyzer_enabled"
+        ]
      },
      "duration": 7,
      "scheduled_at": null,
@@ -178,56 +190,6 @@
      "completed_at": "2024-10-18T10:46:05.127Z"
    }
  },
-  {
-    "model": "api.scan",
-    "pk": "6dd8925f-a52d-48de-a546-d2d90db30ab1",
-    "fields": {
-      "tenant": "12646005-9067-4d2a-a098-8bb378604362",
-      "name": "real scan azure",
-      "provider": "1b59e032-3eb6-4694-93a5-df84cd9b3ce2",
-      "trigger": "manual",
-      "state": "completed",
-      "unique_resource_count": 20,
-      "progress": 100,
-      "scanner_args": {
-        "checks_to_execute": [
-          "accessanalyzer_enabled",
-          "account_security_contact_information_is_registered"
-        ]
-      },
-      "duration": 4,
-      "scheduled_at": null,
-      "inserted_at": "2024-10-18T11:16:21.358Z",
-      "updated_at": "2024-10-18T11:16:26.060Z",
-      "started_at": "2024-10-18T11:16:21.593Z",
-      "completed_at": "2024-10-18T11:16:26.060Z"
-    }
-  },
-  {
-    "model": "api.scan",
-    "pk": "4ca7ce89-3236-41a8-a369-8937bc152af5",
-    "fields": {
-      "tenant": "12646005-9067-4d2a-a098-8bb378604362",
-      "name": "real scan k8s",
-      "provider": "7791914f-d646-4fe2-b2ed-73f2c6499a36",
-      "trigger": "manual",
-      "state": "completed",
-      "unique_resource_count": 20,
-      "progress": 100,
-      "scanner_args": {
-        "checks_to_execute": [
-          "accessanalyzer_enabled",
-          "account_security_contact_information_is_registered"
-        ]
-      },
-      "duration": 4,
-      "scheduled_at": null,
-      "inserted_at": "2024-10-18T11:16:21.358Z",
-      "updated_at": "2024-10-18T11:16:26.060Z",
-      "started_at": "2024-10-18T11:16:21.593Z",
-      "completed_at": "2024-10-18T11:16:26.060Z"
-    }
-  },
  {
    "model": "api.scan",
    "pk": "01929f57-c0ee-7553-be0b-cbde006fb6f7",
--- a/api/src/backend/api/management/commands/findings.py
+++ b/api/src/backend/api/management/commands/findings.py
@@ -1,237 +0,0 @@
-import random
-from datetime import datetime, timezone
-from math import ceil
-from uuid import uuid4
-
-from django.core.management.base import BaseCommand
-from tqdm import tqdm
-
-from api.db_utils import rls_transaction
-from api.models import (
-    Finding,
-    Provider,
-    Resource,
-    ResourceFindingMapping,
-    Scan,
-    StatusChoices,
-)
-from prowler.lib.check.models import CheckMetadata
-
-
-class Command(BaseCommand):
-    help = "Populates the database with test data for performance testing."
-
-    def add_arguments(self, parser):
-        parser.add_argument(
-            "--tenant",
-            type=str,
-            required=True,
-            help="Tenant id for which the data will be populated.",
-        )
-        parser.add_argument(
-            "--resources",
-            type=int,
-            required=True,
-            help="The number of resources to create.",
-        )
-        parser.add_argument(
-            "--findings",
-            type=int,
-            required=True,
-            help="The number of findings to create.",
-        )
-        parser.add_argument(
-            "--batch", type=int, required=True, help="The batch size for bulk creation."
-        )
-        parser.add_argument(
-            "--alias",
-            type=str,
-            required=False,
-            help="Optional alias for the provider and scan",
-        )
-
-    def handle(self, *args, **options):
-        tenant_id = options["tenant"]
-        num_resources = options["resources"]
-        num_findings = options["findings"]
-        batch_size = options["batch"]
-        alias = options["alias"] or "Testing"
-        uid_token = str(uuid4())
-
-        self.stdout.write(self.style.NOTICE("Starting data population"))
-        self.stdout.write(self.style.NOTICE(f"\tTenant: {tenant_id}"))
-        self.stdout.write(self.style.NOTICE(f"\tAlias: {alias}"))
-        self.stdout.write(self.style.NOTICE(f"\tResources: {num_resources}"))
-        self.stdout.write(self.style.NOTICE(f"\tFindings: {num_findings}"))
-        self.stdout.write(self.style.NOTICE(f"\tBatch size: {batch_size}\n\n"))
-
-        # Resource metadata
-        possible_regions = [
-            "us-east-1",
-            "us-east-2",
-            "us-west-1",
-            "us-west-2",
-            "ca-central-1",
-            "eu-central-1",
-            "eu-west-1",
-            "eu-west-2",
-            "eu-west-3",
-            "ap-southeast-1",
-            "ap-southeast-2",
-            "ap-northeast-1",
-            "ap-northeast-2",
-            "ap-south-1",
-            "sa-east-1",
-        ]
-        possible_services = []
-        possible_types = []
-
-        bulk_check_metadata = CheckMetadata.get_bulk(provider="aws")
-        for check_metadata in bulk_check_metadata.values():
-            if check_metadata.ServiceName not in possible_services:
-                possible_services.append(check_metadata.ServiceName)
-            if (
-                check_metadata.ResourceType
-                and check_metadata.ResourceType not in possible_types
-            ):
-                possible_types.append(check_metadata.ResourceType)
-
-        with rls_transaction(tenant_id):
-            provider, _ = Provider.all_objects.get_or_create(
-                tenant_id=tenant_id,
-                provider="aws",
-                connected=True,
-                uid=str(random.randint(100000000000, 999999999999)),
-                defaults={
-                    "alias": alias,
-                },
-            )
-
-        with rls_transaction(tenant_id):
-            scan = Scan.all_objects.create(
-                tenant_id=tenant_id,
-                provider=provider,
-                name=alias,
-                trigger="manual",
-                state="executing",
-                progress=0,
-                started_at=datetime.now(timezone.utc),
-            )
-        scan_state = "completed"
-
-        try:
-            # Create resources
-            resources = []
-
-            for i in range(num_resources):
-                resources.append(
-                    Resource(
-                        tenant_id=tenant_id,
-                        provider_id=provider.id,
-                        uid=f"testing-{uid_token}-{i}",
-                        name=f"Testing {uid_token}-{i}",
-                        region=random.choice(possible_regions),
-                        service=random.choice(possible_services),
-                        type=random.choice(possible_types),
-                    )
-                )
-
-            num_batches = ceil(len(resources) / batch_size)
-            self.stdout.write(self.style.WARNING("Creating resources..."))
-            for i in tqdm(range(0, len(resources), batch_size), total=num_batches):
-                with rls_transaction(tenant_id):
-                    Resource.all_objects.bulk_create(resources[i : i + batch_size])
-            self.stdout.write(self.style.SUCCESS("Resources created successfully.\n\n"))
-
-            with rls_transaction(tenant_id):
-                scan.progress = 33
-                scan.save()
-
-            # Create Findings
-            findings = []
-            possible_deltas = ["new", "changed", None]
-            possible_severities = ["critical", "high", "medium", "low"]
-            findings_resources_mapping = []
-
-            for i in range(num_findings):
-                severity = random.choice(possible_severities)
-                check_id = random.randint(1, 1000)
-                assigned_resource_num = random.randint(0, len(resources) - 1)
-                assigned_resource = resources[assigned_resource_num]
-                findings_resources_mapping.append(assigned_resource_num)
-
-                findings.append(
-                    Finding(
-                        tenant_id=tenant_id,
-                        scan=scan,
-                        uid=f"testing-{uid_token}-{i}",
-                        delta=random.choice(possible_deltas),
-                        check_id=f"check-{check_id}",
-                        status=random.choice(list(StatusChoices)),
-                        severity=severity,
-                        impact=severity,
-                        raw_result={},
-                        check_metadata={
-                            "checktitle": f"Test title for check {check_id}",
-                            "risk": f"Testing risk {uid_token}-{i}",
-                            "provider": "aws",
-                            "severity": severity,
-                            "categories": ["category1", "category2", "category3"],
-                            "description": "This is a random description that should not matter for testing purposes.",
-                            "servicename": assigned_resource.service,
-                            "resourcetype": assigned_resource.type,
-                        },
-                    )
-                )
-
-            num_batches = ceil(len(findings) / batch_size)
-            self.stdout.write(self.style.WARNING("Creating findings..."))
-            for i in tqdm(range(0, len(findings), batch_size), total=num_batches):
-                with rls_transaction(tenant_id):
-                    Finding.all_objects.bulk_create(findings[i : i + batch_size])
-            self.stdout.write(self.style.SUCCESS("Findings created successfully.\n\n"))
-
-            with rls_transaction(tenant_id):
-                scan.progress = 66
-                scan.save()
-
-            # Create ResourceFindingMapping
-            mappings = []
-            for index, f in enumerate(findings):
-                mappings.append(
-                    ResourceFindingMapping(
-                        tenant_id=tenant_id,
-                        resource=resources[findings_resources_mapping[index]],
-                        finding=f,
-                    )
-                )
-
-            num_batches = ceil(len(mappings) / batch_size)
-            self.stdout.write(
-                self.style.WARNING("Creating resource-finding mappings...")
-            )
-            for i in tqdm(range(0, len(mappings), batch_size), total=num_batches):
-                with rls_transaction(tenant_id):
-                    ResourceFindingMapping.objects.bulk_create(
-                        mappings[i : i + batch_size]
-                    )
-            self.stdout.write(
-                self.style.SUCCESS(
-                    "Resource-finding mappings created successfully.\n\n"
-                )
-            )
-        except Exception as e:
-            self.stdout.write(self.style.ERROR(f"Failed to populate test data: {e}"))
-            scan_state = "failed"
-        finally:
-            scan.completed_at = datetime.now(timezone.utc)
-            scan.duration = int(
-                (datetime.now(timezone.utc) - scan.started_at).total_seconds()
-            )
-            scan.progress = 100
-            scan.state = scan_state
-            scan.unique_resource_count = num_resources
-            with rls_transaction(tenant_id):
-                scan.save()
-
-        self.stdout.write(self.style.NOTICE("Successfully populated test data."))
--- a/api/src/backend/api/migrations/0010_findings_performance_indexes_partitions.py
+++ b/api/src/backend/api/migrations/0010_findings_performance_indexes_partitions.py
@@ -1,109 +0,0 @@
-from functools import partial
-
-from django.db import connection, migrations
-
-
-def create_index_on_partitions(
-    apps, schema_editor, parent_table: str, index_name: str, index_details: str
-):
-    with connection.cursor() as cursor:
-        cursor.execute(
-            """
-            SELECT inhrelid::regclass::text
-            FROM pg_inherits
-            WHERE inhparent = %s::regclass;
-        """,
-            [parent_table],
-        )
-        partitions = [row[0] for row in cursor.fetchall()]
-    # Iterate over partitions and create index concurrently.
-    # Note: PostgreSQL does not allow CONCURRENTLY inside a transaction,
-    # so we need atomic = False for this migration.
-    for partition in partitions:
-        sql = (
-            f"CREATE INDEX CONCURRENTLY IF NOT EXISTS {partition.replace('.', '_')}_{index_name} ON {partition} "
-            f"{index_details};"
-        )
-        schema_editor.execute(sql)
-
-
-def drop_index_on_partitions(apps, schema_editor, parent_table: str, index_name: str):
-    with schema_editor.connection.cursor() as cursor:
-        cursor.execute(
-            """
-            SELECT inhrelid::regclass::text
-            FROM pg_inherits
-            WHERE inhparent = %s::regclass;
-        """,
-            [parent_table],
-        )
-        partitions = [row[0] for row in cursor.fetchall()]
-
-    # Iterate over partitions and drop index concurrently.
-    for partition in partitions:
-        partition_index = f"{partition.replace('.', '_')}_{index_name}"
-        sql = f"DROP INDEX CONCURRENTLY IF EXISTS {partition_index};"
-        schema_editor.execute(sql)
-
-
-class Migration(migrations.Migration):
-    atomic = False
-
-    dependencies = [
-        ("api", "0009_increase_provider_uid_maximum_length"),
-    ]
-
-    operations = [
-        migrations.RunPython(
-            partial(
-                create_index_on_partitions,
-                parent_table="findings",
-                index_name="findings_tenant_and_id_idx",
-                index_details="(tenant_id, id)",
-            ),
-            reverse_code=partial(
-                drop_index_on_partitions,
-                parent_table="findings",
-                index_name="findings_tenant_and_id_idx",
-            ),
-        ),
-        migrations.RunPython(
-            partial(
-                create_index_on_partitions,
-                parent_table="findings",
-                index_name="find_tenant_scan_idx",
-                index_details="(tenant_id, scan_id)",
-            ),
-            reverse_code=partial(
-                drop_index_on_partitions,
-                parent_table="findings",
-                index_name="find_tenant_scan_idx",
-            ),
-        ),
-        migrations.RunPython(
-            partial(
-                create_index_on_partitions,
-                parent_table="findings",
-                index_name="find_tenant_scan_id_idx",
-                index_details="(tenant_id, scan_id, id)",
-            ),
-            reverse_code=partial(
-                drop_index_on_partitions,
-                parent_table="findings",
-                index_name="find_tenant_scan_id_idx",
-            ),
-        ),
-        migrations.RunPython(
-            partial(
-                create_index_on_partitions,
-                parent_table="findings",
-                index_name="find_delta_new_idx",
-                index_details="(tenant_id, id) where delta = 'new'",
-            ),
-            reverse_code=partial(
-                drop_index_on_partitions,
-                parent_table="findings",
-                index_name="find_delta_new_idx",
-            ),
-        ),
-    ]
--- a/api/src/backend/api/migrations/0010_scan_report_output.py
+++ b/api/src/backend/api/migrations/0010_scan_report_output.py
@@ -1,15 +1,17 @@
+# Generated by Django 5.1.5 on 2025-02-07 10:59
+
 from django.db import migrations, models


 class Migration(migrations.Migration):
    dependencies = [
-        ("api", "0011_findings_performance_indexes_parent"),
+        ("api", "0009_increase_provider_uid_maximum_length"),
    ]

    operations = [
        migrations.AddField(
            model_name="scan",
-            name="output_location",
+            name="output_path",
            field=models.CharField(blank=True, max_length=200, null=True),
        ),
    ]
--- a/api/src/backend/api/migrations/0011_findings_performance_indexes_parent.py
+++ b/api/src/backend/api/migrations/0011_findings_performance_indexes_parent.py
@@ -1,49 +0,0 @@
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-    dependencies = [
-        ("api", "0010_findings_performance_indexes_partitions"),
-    ]
-
-    operations = [
-        migrations.AddIndex(
-            model_name="finding",
-            index=models.Index(
-                fields=["tenant_id", "id"], name="findings_tenant_and_id_idx"
-            ),
-        ),
-        migrations.AddIndex(
-            model_name="finding",
-            index=models.Index(
-                fields=["tenant_id", "scan_id"], name="find_tenant_scan_idx"
-            ),
-        ),
-        migrations.AddIndex(
-            model_name="finding",
-            index=models.Index(
-                fields=["tenant_id", "scan_id", "id"], name="find_tenant_scan_id_idx"
-            ),
-        ),
-        migrations.AddIndex(
-            model_name="finding",
-            index=models.Index(
-                condition=models.Q(("delta", "new")),
-                fields=["tenant_id", "id"],
-                name="find_delta_new_idx",
-            ),
-        ),
-        migrations.AddIndex(
-            model_name="resourcetagmapping",
-            index=models.Index(
-                fields=["tenant_id", "resource_id"], name="resource_tag_tenant_idx"
-            ),
-        ),
-        migrations.AddIndex(
-            model_name="resource",
-            index=models.Index(
-                fields=["tenant_id", "service", "region", "type"],
-                name="resource_tenant_metadata_idx",
-            ),
-        ),
-    ]
--- a/api/src/backend/api/migrations/0013_integrations_enum.py
+++ b/api/src/backend/api/migrations/0013_integrations_enum.py
@@ -1,35 +0,0 @@
-# Generated by Django 5.1.5 on 2025-03-03 15:46
-
-from functools import partial
-
-from django.db import migrations
-
-from api.db_utils import IntegrationTypeEnum, PostgresEnumMigration, register_enum
-from api.models import Integration
-
-IntegrationTypeEnumMigration = PostgresEnumMigration(
-    enum_name="integration_type",
-    enum_values=tuple(
-        integration_type[0]
-        for integration_type in Integration.IntegrationChoices.choices
-    ),
-)
-
-
-class Migration(migrations.Migration):
-    atomic = False
-
-    dependencies = [
-        ("api", "0012_scan_report_output"),
-    ]
-
-    operations = [
-        migrations.RunPython(
-            IntegrationTypeEnumMigration.create_enum_type,
-            reverse_code=IntegrationTypeEnumMigration.drop_enum_type,
-        ),
-        migrations.RunPython(
-            partial(register_enum, enum_class=IntegrationTypeEnum),
-            reverse_code=migrations.RunPython.noop,
-        ),
-    ]
--- a/api/src/backend/api/migrations/0014_integrations.py
+++ b/api/src/backend/api/migrations/0014_integrations.py
@@ -1,131 +0,0 @@
-# Generated by Django 5.1.5 on 2025-03-03 15:46
-
-import uuid
-
-import django.db.models.deletion
-from django.db import migrations, models
-
-import api.db_utils
-import api.rls
-from api.rls import RowLevelSecurityConstraint
-
-
-class Migration(migrations.Migration):
-    dependencies = [
-        ("api", "0013_integrations_enum"),
-    ]
-
-    operations = [
-        migrations.CreateModel(
-            name="Integration",
-            fields=[
-                (
-                    "id",
-                    models.UUIDField(
-                        default=uuid.uuid4,
-                        editable=False,
-                        primary_key=True,
-                        serialize=False,
-                    ),
-                ),
-                ("inserted_at", models.DateTimeField(auto_now_add=True)),
-                ("updated_at", models.DateTimeField(auto_now=True)),
-                ("enabled", models.BooleanField(default=False)),
-                ("connected", models.BooleanField(blank=True, null=True)),
-                (
-                    "connection_last_checked_at",
-                    models.DateTimeField(blank=True, null=True),
-                ),
-                (
-                    "integration_type",
-                    api.db_utils.IntegrationTypeEnumField(
-                        choices=[
-                            ("amazon_s3", "Amazon S3"),
-                            ("saml", "SAML"),
-                            ("aws_security_hub", "AWS Security Hub"),
-                            ("jira", "JIRA"),
-                            ("slack", "Slack"),
-                        ]
-                    ),
-                ),
-                ("configuration", models.JSONField(default=dict)),
-                ("_credentials", models.BinaryField(db_column="credentials")),
-                (
-                    "tenant",
-                    models.ForeignKey(
-                        on_delete=django.db.models.deletion.CASCADE, to="api.tenant"
-                    ),
-                ),
-            ],
-            options={"db_table": "integrations", "abstract": False},
-        ),
-        migrations.AddConstraint(
-            model_name="integration",
-            constraint=RowLevelSecurityConstraint(
-                "tenant_id",
-                name="rls_on_integration",
-                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
-            ),
-        ),
-        migrations.CreateModel(
-            name="IntegrationProviderRelationship",
-            fields=[
-                (
-                    "id",
-                    models.UUIDField(
-                        default=uuid.uuid4,
-                        editable=False,
-                        primary_key=True,
-                        serialize=False,
-                    ),
-                ),
-                ("inserted_at", models.DateTimeField(auto_now_add=True)),
-                (
-                    "integration",
-                    models.ForeignKey(
-                        on_delete=django.db.models.deletion.CASCADE,
-                        to="api.integration",
-                    ),
-                ),
-                (
-                    "provider",
-                    models.ForeignKey(
-                        on_delete=django.db.models.deletion.CASCADE, to="api.provider"
-                    ),
-                ),
-                (
-                    "tenant",
-                    models.ForeignKey(
-                        on_delete=django.db.models.deletion.CASCADE, to="api.tenant"
-                    ),
-                ),
-            ],
-            options={
-                "db_table": "integration_provider_mappings",
-                "constraints": [
-                    models.UniqueConstraint(
-                        fields=("integration_id", "provider_id"),
-                        name="unique_integration_provider_rel",
-                    ),
-                ],
-            },
-        ),
-        migrations.AddConstraint(
-            model_name="IntegrationProviderRelationship",
-            constraint=RowLevelSecurityConstraint(
-                "tenant_id",
-                name="rls_on_integrationproviderrelationship",
-                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
-            ),
-        ),
-        migrations.AddField(
-            model_name="integration",
-            name="providers",
-            field=models.ManyToManyField(
-                blank=True,
-                related_name="integrations",
-                through="api.IntegrationProviderRelationship",
-                to="api.provider",
-            ),
-        ),
-    ]
--- a/api/src/backend/api/models.py
+++ b/api/src/backend/api/models.py
@@ -21,7 +21,6 @@ from uuid6 import uuid7
 from api.db_utils import (
    CustomUserManager,
    FindingDeltaEnumField,
-    IntegrationTypeEnumField,
    InvitationStateEnumField,
    MemberRoleEnumField,
    ProviderEnumField,
@@ -415,7 +414,7 @@ class Scan(RowLevelSecurityProtectedModel):
    scheduler_task = models.ForeignKey(
        PeriodicTask, on_delete=models.CASCADE, null=True, blank=True
    )
-    output_location = models.CharField(blank=True, null=True, max_length=200)
+    output_path = models.CharField(blank=True, null=True, max_length=200)
    # TODO: mutelist foreign key

    class Meta(RowLevelSecurityProtectedModel.Meta):
@@ -554,10 +553,6 @@ class Resource(RowLevelSecurityProtectedModel):
                fields=["uid", "region", "service", "name"],
                name="resource_uid_reg_serv_name_idx",
            ),
-            models.Index(
-                fields=["tenant_id", "service", "region", "type"],
-                name="resource_tenant_metadata_idx",
-            ),
            GinIndex(fields=["text_search"], name="gin_resources_search_idx"),
        ]

@@ -605,12 +600,6 @@ class ResourceTagMapping(RowLevelSecurityProtectedModel):
            ),
        ]

-        indexes = [
-            models.Index(
-                fields=["tenant_id", "resource_id"], name="resource_tag_tenant_idx"
-            ),
-        ]
-

 class Finding(PostgresPartitionedModel, RowLevelSecurityProtectedModel):
    """
@@ -709,17 +698,7 @@ class Finding(PostgresPartitionedModel, RowLevelSecurityProtectedModel):
                ],
                name="findings_filter_idx",
            ),
-            models.Index(fields=["tenant_id", "id"], name="findings_tenant_and_id_idx"),
            GinIndex(fields=["text_search"], name="gin_findings_search_idx"),
-            models.Index(fields=["tenant_id", "scan_id"], name="find_tenant_scan_idx"),
-            models.Index(
-                fields=["tenant_id", "scan_id", "id"], name="find_tenant_scan_id_idx"
-            ),
-            models.Index(
-                fields=["tenant_id", "id"],
-                condition=Q(delta="new"),
-                name="find_delta_new_idx",
-            ),
        ]

    class JSONAPIMeta:
@@ -1139,80 +1118,3 @@ class ScanSummary(RowLevelSecurityProtectedModel):

    class JSONAPIMeta:
        resource_name = "scan-summaries"
-
-
-class Integration(RowLevelSecurityProtectedModel):
-    class IntegrationChoices(models.TextChoices):
-        S3 = "amazon_s3", _("Amazon S3")
-        SAML = "saml", _("SAML")
-        AWS_SECURITY_HUB = "aws_security_hub", _("AWS Security Hub")
-        JIRA = "jira", _("JIRA")
-        SLACK = "slack", _("Slack")
-
-    id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
-    inserted_at = models.DateTimeField(auto_now_add=True, editable=False)
-    updated_at = models.DateTimeField(auto_now=True, editable=False)
-    enabled = models.BooleanField(default=False)
-    connected = models.BooleanField(null=True, blank=True)
-    connection_last_checked_at = models.DateTimeField(null=True, blank=True)
-    integration_type = IntegrationTypeEnumField(choices=IntegrationChoices.choices)
-    configuration = models.JSONField(default=dict)
-    _credentials = models.BinaryField(db_column="credentials")
-
-    providers = models.ManyToManyField(
-        Provider,
-        related_name="integrations",
-        through="IntegrationProviderRelationship",
-        blank=True,
-    )
-
-    class Meta(RowLevelSecurityProtectedModel.Meta):
-        db_table = "integrations"
-
-        constraints = [
-            RowLevelSecurityConstraint(
-                field="tenant_id",
-                name="rls_on_%(class)s",
-                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
-            ),
-        ]
-
-    class JSONAPIMeta:
-        resource_name = "integrations"
-
-    @property
-    def credentials(self):
-        if isinstance(self._credentials, memoryview):
-            encrypted_bytes = self._credentials.tobytes()
-        elif isinstance(self._credentials, str):
-            encrypted_bytes = self._credentials.encode()
-        else:
-            encrypted_bytes = self._credentials
-        decrypted_data = fernet.decrypt(encrypted_bytes)
-        return json.loads(decrypted_data.decode())
-
-    @credentials.setter
-    def credentials(self, value):
-        encrypted_data = fernet.encrypt(json.dumps(value).encode())
-        self._credentials = encrypted_data
-
-
-class IntegrationProviderRelationship(RowLevelSecurityProtectedModel):
-    id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
-    integration = models.ForeignKey(Integration, on_delete=models.CASCADE)
-    provider = models.ForeignKey(Provider, on_delete=models.CASCADE)
-    inserted_at = models.DateTimeField(auto_now_add=True)
-
-    class Meta:
-        db_table = "integration_provider_mappings"
-        constraints = [
-            models.UniqueConstraint(
-                fields=["integration_id", "provider_id"],
-                name="unique_integration_provider_rel",
-            ),
-            RowLevelSecurityConstraint(
-                field="tenant_id",
-                name="rls_on_%(class)s",
-                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
-            ),
-        ]
--- a/api/src/backend/api/rls.py
+++ b/api/src/backend/api/rls.py
@@ -2,7 +2,8 @@ from typing import Any
 from uuid import uuid4

 from django.core.exceptions import ValidationError
-from django.db import DEFAULT_DB_ALIAS, models
+from django.db import DEFAULT_DB_ALIAS
+from django.db import models
 from django.db.backends.ddl_references import Statement, Table

 from api.db_utils import DB_USER, POSTGRES_TENANT_VAR
@@ -58,11 +59,11 @@ class RowLevelSecurityConstraint(models.BaseConstraint):
    drop_sql_query = """
        ALTER TABLE %(table_name)s NO FORCE ROW LEVEL SECURITY;
        ALTER TABLE %(table_name)s DISABLE ROW LEVEL SECURITY;
-        REVOKE ALL ON TABLE %(table_name)s FROM %(db_user)s;
+        REVOKE ALL ON TABLE %(table_name) TO %(db_user)s;
    """

    drop_policy_sql_query = """
-        DROP POLICY IF EXISTS %(db_user)s_%(raw_table_name)s_{statement} ON %(table_name)s;
+        DROP POLICY IF EXISTS %(db_user)s_%(table_name)s_{statement} on %(table_name)s;
    """

    def __init__(
@@ -87,7 +88,9 @@ class RowLevelSecurityConstraint(models.BaseConstraint):
                f"{grant_queries}{self.grant_sql_query.format(statement=statement)}"
            )

-        full_create_sql_query = f"{self.rls_sql_query}{policy_queries}{grant_queries}"
+        full_create_sql_query = (
+            f"{self.rls_sql_query}" f"{policy_queries}" f"{grant_queries}"
+        )

        table_name = model._meta.db_table
        if self.partition_name:
@@ -104,20 +107,16 @@ class RowLevelSecurityConstraint(models.BaseConstraint):

    def remove_sql(self, model: Any, schema_editor: Any) -> Any:
        field_column = schema_editor.quote_name(self.target_field)
-        raw_table_name = model._meta.db_table
-        table_name = raw_table_name
-        if self.partition_name:
-            raw_table_name = f"{raw_table_name}_{self.partition_name}"
-            table_name = raw_table_name
-
        full_drop_sql_query = (
            f"{self.drop_sql_query}"
-            f"{''.join([self.drop_policy_sql_query.format(statement=statement) for statement in self.statements])}"
+            f"{''.join([self.drop_policy_sql_query.format(statement) for statement in self.statements])}"
        )
+        table_name = model._meta.db_table
+        if self.partition_name:
+            table_name = f"{table_name}_{self.partition_name}"
        return Statement(
            full_drop_sql_query,
            table_name=Table(table_name, schema_editor.quote_name),
-            raw_table_name=raw_table_name,
            field_column=field_column,
            db_user=DB_USER,
            partition_name=self.partition_name,
--- a/api/src/backend/api/specs/v1.yaml
+++ b/api/src/backend/api/specs/v1.yaml
--- a/api/src/backend/api/tests/test_rbac.py
+++ b/api/src/backend/api/tests/test_rbac.py
@@ -1,19 +1,7 @@
-from unittest.mock import ANY, Mock, patch
-
 import pytest
 from django.urls import reverse
 from rest_framework import status
-
-from api.models import (
-    Membership,
-    ProviderGroup,
-    ProviderGroupMembership,
-    Role,
-    RoleProviderGroupRelationship,
-    User,
-    UserRoleRelationship,
-)
-from api.v1.serializers import TokenSerializer
+from unittest.mock import patch, ANY, Mock


@pytest.mark.django_db
@@ -316,96 +304,3 @@ class TestProviderViewSet:
            reverse("provider-connection", kwargs={"pk": provider.id})
        )
        assert response.status_code == status.HTTP_403_FORBIDDEN
-
-
-@pytest.mark.django_db
-class TestLimitedVisibility:
-    TEST_EMAIL = "rbac@rbac.com"
-    TEST_PASSWORD = "thisisapassword123"
-
-    @pytest.fixture
-    def limited_admin_user(
-        self, django_db_setup, django_db_blocker, tenants_fixture, providers_fixture
-    ):
-        with django_db_blocker.unblock():
-            tenant = tenants_fixture[0]
-            provider = providers_fixture[0]
-            user = User.objects.create_user(
-                name="testing",
-                email=self.TEST_EMAIL,
-                password=self.TEST_PASSWORD,
-            )
-            Membership.objects.create(
-                user=user,
-                tenant=tenant,
-                role=Membership.RoleChoices.OWNER,
-            )
-
-            role = Role.objects.create(
-                name="limited_visibility",
-                tenant=tenant,
-                manage_users=True,
-                manage_account=True,
-                manage_billing=True,
-                manage_providers=True,
-                manage_integrations=True,
-                manage_scans=True,
-                unlimited_visibility=False,
-            )
-            UserRoleRelationship.objects.create(
-                user=user,
-                role=role,
-                tenant=tenant,
-            )
-
-            provider_group = ProviderGroup.objects.create(
-                name="limited_visibility_group",
-                tenant=tenant,
-            )
-            ProviderGroupMembership.objects.create(
-                tenant=tenant,
-                provider=provider,
-                provider_group=provider_group,
-            )
-
-            RoleProviderGroupRelationship.objects.create(
-                tenant=tenant, role=role, provider_group=provider_group
-            )
-
-        return user
-
-    @pytest.fixture
-    def authenticated_client_rbac_limited(
-        self, limited_admin_user, tenants_fixture, client
-    ):
-        client.user = limited_admin_user
-        tenant_id = tenants_fixture[0].id
-        serializer = TokenSerializer(
-            data={
-                "type": "tokens",
-                "email": self.TEST_EMAIL,
-                "password": self.TEST_PASSWORD,
-                "tenant_id": tenant_id,
-            }
-        )
-        serializer.is_valid(raise_exception=True)
-        access_token = serializer.validated_data["access"]
-        client.defaults["HTTP_AUTHORIZATION"] = f"Bearer {access_token}"
-        return client
-
-    def test_integrations(
-        self, authenticated_client_rbac_limited, integrations_fixture, providers_fixture
-    ):
-        # Integration 2 is related to provider1 and provider 2
-        # This user cannot see provider 2
-        integration = integrations_fixture[1]
-
-        response = authenticated_client_rbac_limited.get(
-            reverse("integration-detail", kwargs={"pk": integration.id})
-        )
-
-        assert response.status_code == status.HTTP_200_OK
-        assert integration.providers.count() == 2
-        assert (
-            response.json()["data"]["relationships"]["providers"]["meta"]["count"] == 1
-        )
--- a/api/src/backend/api/tests/test_views.py
+++ b/api/src/backend/api/tests/test_views.py
@@ -1,20 +1,18 @@
-import glob
-import io
 import json
-import os
 from datetime import datetime, timedelta, timezone
-from unittest.mock import ANY, Mock, patch
+from io import BytesIO
+from unittest.mock import ANY, Mock, mock_open, patch

 import jwt
 import pytest
-from botocore.exceptions import NoCredentialsError
+from botocore.exceptions import ClientError
 from conftest import API_JSON_CONTENT_TYPE, TEST_PASSWORD, TEST_USER
 from django.conf import settings
+from django.http import HttpResponse
 from django.urls import reverse
 from rest_framework import status

 from api.models import (
-    Integration,
    Invitation,
    Membership,
    Provider,
@@ -25,7 +23,6 @@ from api.models import (
    RoleProviderGroupRelationship,
    Scan,
    StateChoices,
-    Task,
    User,
    UserRoleRelationship,
 )
@@ -2085,9 +2082,9 @@ class TestScanViewSet:
                ("started_at.gte", "2024-01-01", 3),
                ("started_at.lte", "2024-01-01", 0),
                ("trigger", Scan.TriggerChoices.MANUAL, 1),
-                ("state", StateChoices.AVAILABLE, 1),
+                ("state", StateChoices.AVAILABLE, 2),
                ("state", StateChoices.FAILED, 1),
-                ("state.in", f"{StateChoices.FAILED},{StateChoices.AVAILABLE}", 2),
+                ("state.in", f"{StateChoices.FAILED},{StateChoices.AVAILABLE}", 3),
                ("trigger", Scan.TriggerChoices.MANUAL, 1),
            ]
        ),
@@ -2162,180 +2159,133 @@ class TestScanViewSet:
        response = authenticated_client.get(reverse("scan-list"), {"sort": "invalid"})
        assert response.status_code == status.HTTP_400_BAD_REQUEST

-    def test_report_executing(self, authenticated_client, scans_fixture):
+    def test_report_no_output(self, authenticated_client, scans_fixture):
        """
-        When the scan is still executing (state == EXECUTING), the view should return
-        the task data with HTTP 202 and a Content-Location header.
+        If the scan's output_path is empty, the view should return a 404 response.
        """
        scan = scans_fixture[0]
-        scan.state = StateChoices.EXECUTING
-        scan.save()
-
-        task = Task.objects.create(tenant_id=scan.tenant_id)
-        dummy_task_data = {"id": str(task.id), "state": StateChoices.EXECUTING}
-
-        scan.task = task
-        scan.save()
-
-        with patch(
-            "api.v1.views.TaskSerializer",
-            return_value=type("DummySerializer", (), {"data": dummy_task_data}),
-        ):
-            url = reverse("scan-report", kwargs={"pk": scan.id})
-            response = authenticated_client.get(url)
-            assert response.status_code == status.HTTP_202_ACCEPTED
-            assert "Content-Location" in response
-            assert dummy_task_data["id"] in response["Content-Location"]
-
-    def test_report_celery_task_executing(self, authenticated_client, scans_fixture):
-        """
-        When the scan is not executing but a related celery task exists and is running,
-        the view should return that task data with HTTP 202.
-        """
-        scan = scans_fixture[0]
-        scan.state = StateChoices.COMPLETED
-        scan.output_location = "dummy"
-        scan.save()
-
-        dummy_task = Task.objects.create(tenant_id=scan.tenant_id)
-        dummy_task.id = "dummy-task-id"
-        dummy_task_data = {"id": dummy_task.id, "state": StateChoices.EXECUTING}
-
-        with (
-            patch("api.v1.views.Task.objects.get", return_value=dummy_task),
-            patch(
-                "api.v1.views.TaskSerializer",
-                return_value=type("DummySerializer", (), {"data": dummy_task_data}),
-            ),
-        ):
-            url = reverse("scan-report", kwargs={"pk": scan.id})
-            response = authenticated_client.get(url)
-            assert response.status_code == status.HTTP_202_ACCEPTED
-            assert "Content-Location" in response
-            assert dummy_task_data["id"] in response["Content-Location"]
-
-    def test_report_no_output_location(self, authenticated_client, scans_fixture):
-        """
-        If the scan does not have an output_location, the view should return a 404.
-        """
-        scan = scans_fixture[0]
-        scan.state = StateChoices.COMPLETED
-        scan.output_location = ""
-        scan.save()
-
-        url = reverse("scan-report", kwargs={"pk": scan.id})
+        url = reverse("scan-report", kwargs={"pk": scan.pk})
        response = authenticated_client.get(url)
        assert response.status_code == status.HTTP_404_NOT_FOUND
-        assert response.json()["errors"]["detail"] == "The scan has no reports."
+        assert response.data["detail"] == "No files found"

-    def test_report_s3_no_credentials(
-        self, authenticated_client, scans_fixture, monkeypatch
-    ):
+    def test_report_s3_get_client_fail(self, authenticated_client, scans_fixture):
        """
-        When output_location is an S3 URL and get_s3_client() raises a credentials exception,
-        the view should return HTTP 403 with the proper error message.
+        If output_path starts with "s3://", but get_s3_client() fails, the view should return a 403.
        """
        scan = scans_fixture[0]
-        bucket = "test-bucket"
-        key = "report.zip"
-        scan.output_location = f"s3://{bucket}/{key}"
-        scan.state = StateChoices.COMPLETED
+        scan.output_path = "s3://bucket/path/to/file.zip"
        scan.save()
+        url = reverse("scan-report", kwargs={"pk": scan.pk})
+        # Patch get_s3_client to raise one of the expected exceptions
+        client_err = ClientError({"Error": {"Code": "AccessDenied"}}, "get_s3_client")
+        with patch("api.v1.views.get_s3_client", side_effect=client_err):
+            response = authenticated_client.get(url)
+            assert response.status_code == status.HTTP_403_FORBIDDEN
+            assert (
+                response.data["detail"]
+                == "There is a problem with the AWS credentials."
+            )

-        def fake_get_s3_client():
-            raise NoCredentialsError()
-
-        monkeypatch.setattr("api.v1.views.get_s3_client", fake_get_s3_client)
-
-        url = reverse("scan-report", kwargs={"pk": scan.id})
-        response = authenticated_client.get(url)
-        assert response.status_code == status.HTTP_403_FORBIDDEN
-        assert (
-            response.json()["errors"]["detail"]
-            == "There is a problem with credentials."
-        )
-
-    def test_report_s3_success(self, authenticated_client, scans_fixture, monkeypatch):
+    def test_report_s3_get_object_fail(self, authenticated_client, scans_fixture):
        """
-        When output_location is an S3 URL and the S3 client returns the file successfully,
-        the view should return the ZIP file with HTTP 200 and proper headers.
+        If output_path starts with "s3://", and get_s3_client() succeeds but get_object() fails,
+        the view should return a 500 error.
        """
        scan = scans_fixture[0]
-        bucket = "test-bucket"
-        key = "report.zip"
-        scan.output_location = f"s3://{bucket}/{key}"
-        scan.state = StateChoices.COMPLETED
+        scan.output_path = "s3://bucket/path/to/file.zip"
        scan.save()
+        url = reverse("scan-report", kwargs={"pk": scan.pk})
+        client_err = ClientError({"Error": {"Code": "NoSuchKey"}}, "get_object")
+        with patch("api.v1.views.get_s3_client") as mock_get_s3_client, patch(
+            "api.v1.views.env.str", return_value="bucket"
+        ):
+            s3_client = mock_get_s3_client.return_value
+            s3_client.get_object.side_effect = client_err
+            response = authenticated_client.get(url)
+            assert response.status_code == status.HTTP_500_INTERNAL_SERVER_ERROR
+            assert response.data["detail"] == "Error accessing cloud storage"

-        monkeypatch.setattr(
-            "api.v1.views.env", type("env", (), {"str": lambda self, key: bucket})()
-        )
-
-        class FakeS3Client:
-            def get_object(self, Bucket, Key):
-                assert Bucket == bucket
-                assert Key == key
-                return {"Body": io.BytesIO(b"s3 zip content")}
-
-        monkeypatch.setattr("api.v1.views.get_s3_client", lambda: FakeS3Client())
-
-        url = reverse("scan-report", kwargs={"pk": scan.id})
-        response = authenticated_client.get(url)
-        assert response.status_code == 200
-        expected_filename = os.path.basename("report.zip")
-        content_disposition = response.get("Content-Disposition")
-        assert content_disposition.startswith('attachment; filename="')
-        assert f'filename="{expected_filename}"' in content_disposition
-        assert response.content == b"s3 zip content"
-
-    def test_report_s3_success_no_local_files(
-        self, authenticated_client, scans_fixture, monkeypatch
-    ):
+    def test_report_s3_success(self, authenticated_client, scans_fixture):
        """
-        When output_location is a local path and glob.glob returns an empty list,
-        the view should return HTTP 404 with detail "The scan has no reports."
+        If output_path starts with "s3://", and S3 functions succeed, the view should return an
+        HttpResponse with the ZIP content.
+        """
+        fake_file_content = b"fake s3 zip content"
+        scan = scans_fixture[0]
+        scan.output_path = "s3://bucket/path/to/file.zip"
+        scan.save()
+        url = reverse("scan-report", kwargs={"pk": scan.pk})
+        # Create a dummy S3 object with a 'Body' that returns our fake file content
+        dummy_body = BytesIO(fake_file_content)
+        dummy_s3_object = {"Body": dummy_body}
+        with patch("api.v1.views.get_s3_client") as mock_get_s3_client, patch(
+            "api.v1.views.env.str", return_value="bucket"
+        ):
+            s3_client = mock_get_s3_client.return_value
+            s3_client.get_object.return_value = dummy_s3_object
+            response = authenticated_client.get(url)
+            # The view returns an HttpResponse (not a DRF Response) for file downloads
+            assert isinstance(response, HttpResponse)
+            assert response.status_code == 200
+            assert response.content == fake_file_content
+            # Check that the Content-Disposition header includes the filename "file.zip"
+            content_disp = response.get("Content-Disposition", "")
+            assert content_disp.startswith('attachment; filename="')
+            assert "file.zip" in content_disp
+
+    def test_report_local_no_files(self, authenticated_client, scans_fixture):
+        """
+        If output_path does not start with "s3://" and glob.glob finds no matching files,
+        the view should return a 404 response.
        """
        scan = scans_fixture[0]
-        scan.output_location = "/tmp/nonexistent_report_pattern.zip"
-        scan.state = StateChoices.COMPLETED
+        scan.output_path = "/non/existent/path/*.zip"
        scan.save()
-        monkeypatch.setattr("api.v1.views.glob.glob", lambda pattern: [])
+        url = reverse("scan-report", kwargs={"pk": scan.pk})
+        with patch("api.v1.views.glob.glob", return_value=[]):
+            response = authenticated_client.get(url)
+            assert response.status_code == status.HTTP_404_NOT_FOUND
+            assert response.data["detail"] == "No local files found"

-        url = reverse("scan-report", kwargs={"pk": scan.id})
-        response = authenticated_client.get(url)
-
-        assert response.status_code == 404
-        assert response.json()["errors"]["detail"] == "The scan has no reports."
-
-    def test_report_local_file(
-        self, authenticated_client, scans_fixture, tmp_path, monkeypatch
-    ):
+    def test_report_local_ioerror(self, authenticated_client, scans_fixture):
        """
-        When output_location is a local file path, the view should read the file from disk
-        and return it with proper headers.
+        If output_path does not start with "s3://", glob.glob finds a file but reading it raises an IOError,
+        the view should return a 500 response.
        """
        scan = scans_fixture[0]
-        file_content = b"local zip file content"
-        file_path = tmp_path / "report.zip"
-        file_path.write_bytes(file_content)
-
-        scan.output_location = str(file_path)
-        scan.state = StateChoices.COMPLETED
+        scan.output_path = "/path/to/file.zip"
        scan.save()
+        url = reverse("scan-report", kwargs={"pk": scan.pk})
+        with patch("api.v1.views.glob.glob", return_value=["/path/to/file.zip"]), patch(
+            "api.v1.views.open", side_effect=IOError
+        ):
+            response = authenticated_client.get(url)
+            assert response.status_code == status.HTTP_500_INTERNAL_SERVER_ERROR
+            assert response.data["detail"] == "Error reading local file"

-        monkeypatch.setattr(
-            glob,
-            "glob",
-            lambda pattern: [str(file_path)] if pattern == str(file_path) else [],
-        )
-
-        url = reverse("scan-report", kwargs={"pk": scan.id})
-        response = authenticated_client.get(url)
-        assert response.status_code == 200
-        assert response.content == file_content
-        content_disposition = response.get("Content-Disposition")
-        assert content_disposition.startswith('attachment; filename="')
-        assert f'filename="{file_path.name}"' in content_disposition
+    def test_report_local_success(self, authenticated_client, scans_fixture):
+        """
+        If output_path does not start with "s3://", and a local file is found and read successfully,
+        the view should return an HttpResponse with the file contents.
+        """
+        fake_file_content = b"local zip file content"
+        scan = scans_fixture[0]
+        scan.output_path = "/path/to/file.zip"
+        scan.save()
+        url = reverse("scan-report", kwargs={"pk": scan.pk})
+        m_open = mock_open(read_data=fake_file_content)
+        with patch("api.v1.views.glob.glob", return_value=["/path/to/file.zip"]), patch(
+            "api.v1.views.open", m_open
+        ):
+            response = authenticated_client.get(url)
+            assert isinstance(response, HttpResponse)
+            assert response.status_code == 200
+            assert response.content == fake_file_content
+            content_disp = response.get("Content-Disposition", "")
+            assert content_disp.startswith('attachment; filename="')
+            # The filename should be the basename of the file path
+            assert "file.zip" in content_disp


@pytest.mark.django_db
@@ -2616,7 +2566,7 @@ class TestFindingViewSet:
        [
            ("resources", ["resources"]),
            ("scan", ["scans"]),
-            ("resources,scan.provider", ["resources", "scans", "providers"]),
+            ("resources.provider,scan", ["resources", "scans", "providers"]),
        ],
    )
    def test_findings_list_include(
@@ -2672,8 +2622,8 @@ class TestFindingViewSet:
                ("search", "orange juice", 1),
                # full text search on resource
                ("search", "ec2", 2),
-                # full text search on finding tags (disabled for now)
-                # ("search", "value2", 2),
+                # full text search on finding tags
+                ("search", "value2", 2),
                # Temporary disabled until we implement tag filtering in the UI
                # ("resource_tag_key", "key", 2),
                # ("resource_tag_key__in", "key,key2", 2),
@@ -4591,415 +4541,3 @@ class TestScheduleViewSet:
            reverse("schedule-daily"), data=json_payload, format="json"
        )
        assert response.status_code == status.HTTP_404_NOT_FOUND
-
-
-@pytest.mark.django_db
-class TestIntegrationViewSet:
-    def test_integrations_list(self, authenticated_client, integrations_fixture):
-        response = authenticated_client.get(reverse("integration-list"))
-        assert response.status_code == status.HTTP_200_OK
-        assert len(response.json()["data"]) == len(integrations_fixture)
-
-    def test_integrations_retrieve(self, authenticated_client, integrations_fixture):
-        integration1, *_ = integrations_fixture
-        response = authenticated_client.get(
-            reverse("integration-detail", kwargs={"pk": integration1.id}),
-        )
-        assert response.status_code == status.HTTP_200_OK
-        assert response.json()["data"]["id"] == str(integration1.id)
-        assert (
-            response.json()["data"]["attributes"]["configuration"]
-            == integration1.configuration
-        )
-
-    def test_integrations_invalid_retrieve(self, authenticated_client):
-        response = authenticated_client.get(
-            reverse(
-                "integration-detail",
-                kwargs={"pk": "f498b103-c760-4785-9a3e-e23fafbb7b02"},
-            )
-        )
-        assert response.status_code == status.HTTP_404_NOT_FOUND
-
-    @pytest.mark.parametrize(
-        "include_values, expected_resources",
-        [
-            ("providers", ["providers"]),
-        ],
-    )
-    def test_integrations_list_include(
-        self,
-        include_values,
-        expected_resources,
-        authenticated_client,
-        integrations_fixture,
-    ):
-        response = authenticated_client.get(
-            reverse("integration-list"), {"include": include_values}
-        )
-        assert response.status_code == status.HTTP_200_OK
-        assert len(response.json()["data"]) == len(integrations_fixture)
-        assert "included" in response.json()
-
-        included_data = response.json()["included"]
-        for expected_type in expected_resources:
-            assert any(
-                d.get("type") == expected_type for d in included_data
-            ), f"Expected type '{expected_type}' not found in included data"
-
-    @pytest.mark.parametrize(
-        "integration_type, configuration, credentials",
-        [
-            # Amazon S3 - AWS credentials
-            (
-                Integration.IntegrationChoices.S3,
-                {
-                    "bucket_name": "bucket-name",
-                    "output_directory": "output-directory",
-                },
-                {
-                    "role_arn": "arn:aws",
-                    "external_id": "external-id",
-                },
-            ),
-            # Amazon S3 - No credentials (AWS self-hosted)
-            (
-                Integration.IntegrationChoices.S3,
-                {
-                    "bucket_name": "bucket-name",
-                    "output_directory": "output-directory",
-                },
-                {},
-            ),
-        ],
-    )
-    def test_integrations_create_valid(
-        self,
-        authenticated_client,
-        providers_fixture,
-        integration_type,
-        configuration,
-        credentials,
-    ):
-        provider = Provider.objects.first()
-
-        data = {
-            "data": {
-                "type": "integrations",
-                "attributes": {
-                    "integration_type": integration_type,
-                    "configuration": configuration,
-                    "credentials": credentials,
-                },
-                "relationships": {
-                    "providers": {
-                        "data": [{"type": "providers", "id": str(provider.id)}]
-                    }
-                },
-            }
-        }
-        response = authenticated_client.post(
-            reverse("integration-list"),
-            data=json.dumps(data),
-            content_type="application/vnd.api+json",
-        )
-        assert response.status_code == status.HTTP_201_CREATED
-        assert Integration.objects.count() == 1
-        integration = Integration.objects.first()
-        assert integration.configuration == data["data"]["attributes"]["configuration"]
-        assert (
-            integration.integration_type
-            == data["data"]["attributes"]["integration_type"]
-        )
-        assert "credentials" not in response.json()["data"]["attributes"]
-        assert (
-            str(provider.id)
-            == data["data"]["relationships"]["providers"]["data"][0]["id"]
-        )
-
-    def test_integrations_create_valid_relationships(
-        self,
-        authenticated_client,
-        providers_fixture,
-    ):
-        provider1, provider2, *_ = providers_fixture
-
-        data = {
-            "data": {
-                "type": "integrations",
-                "attributes": {
-                    "integration_type": Integration.IntegrationChoices.S3,
-                    "configuration": {
-                        "bucket_name": "bucket-name",
-                        "output_directory": "output-directory",
-                    },
-                    "credentials": {
-                        "role_arn": "arn:aws",
-                        "external_id": "external-id",
-                    },
-                },
-                "relationships": {
-                    "providers": {
-                        "data": [
-                            {"type": "providers", "id": str(provider1.id)},
-                            {"type": "providers", "id": str(provider2.id)},
-                        ]
-                    }
-                },
-            }
-        }
-        response = authenticated_client.post(
-            reverse("integration-list"),
-            data=json.dumps(data),
-            content_type="application/vnd.api+json",
-        )
-        assert response.status_code == status.HTTP_201_CREATED
-        assert Integration.objects.first().providers.count() == 2
-
-    @pytest.mark.parametrize(
-        "attributes, error_code, error_pointer",
-        (
-            [
-                (
-                    {
-                        "integration_type": "whatever",
-                        "configuration": {
-                            "bucket_name": "bucket-name",
-                            "output_directory": "output-directory",
-                        },
-                        "credentials": {
-                            "role_arn": "arn:aws",
-                            "external_id": "external-id",
-                        },
-                    },
-                    "invalid_choice",
-                    "integration_type",
-                ),
-                (
-                    {
-                        "integration_type": "amazon_s3",
-                        "configuration": {},
-                        "credentials": {
-                            "role_arn": "arn:aws",
-                            "external_id": "external-id",
-                        },
-                    },
-                    "required",
-                    "bucket_name",
-                ),
-                (
-                    {
-                        "integration_type": "amazon_s3",
-                        "configuration": {
-                            "bucket_name": "bucket_name",
-                            "output_directory": "output_directory",
-                            "invalid_key": "invalid_value",
-                        },
-                        "credentials": {
-                            "role_arn": "arn:aws",
-                            "external_id": "external-id",
-                        },
-                    },
-                    "invalid",
-                    None,
-                ),
-                (
-                    {
-                        "integration_type": "amazon_s3",
-                        "configuration": {
-                            "bucket_name": "bucket_name",
-                            "output_directory": "output_directory",
-                        },
-                        "credentials": {"invalid_key": "invalid_key"},
-                    },
-                    "invalid",
-                    None,
-                ),
-            ]
-        ),
-    )
-    def test_integrations_invalid_create(
-        self,
-        authenticated_client,
-        attributes,
-        error_code,
-        error_pointer,
-    ):
-        data = {
-            "data": {
-                "type": "integrations",
-                "attributes": attributes,
-            }
-        }
-        response = authenticated_client.post(
-            reverse("integration-list"),
-            data=json.dumps(data),
-            content_type="application/vnd.api+json",
-        )
-        assert response.status_code == status.HTTP_400_BAD_REQUEST
-        assert response.json()["errors"][0]["code"] == error_code
-        assert (
-            response.json()["errors"][0]["source"]["pointer"]
-            == f"/data/attributes/{error_pointer}"
-            if error_pointer
-            else "/data"
-        )
-
-    def test_integrations_partial_update(
-        self, authenticated_client, integrations_fixture
-    ):
-        integration, *_ = integrations_fixture
-        data = {
-            "data": {
-                "type": "integrations",
-                "id": str(integration.id),
-                "attributes": {
-                    "credentials": {
-                        "aws_access_key_id": "new_value",
-                    },
-                    # integration_type is `amazon_s3`
-                    "configuration": {
-                        "bucket_name": "new_bucket_name",
-                        "output_directory": "new_output_directory",
-                    },
-                },
-            }
-        }
-        response = authenticated_client.patch(
-            reverse("integration-detail", kwargs={"pk": integration.id}),
-            data=json.dumps(data),
-            content_type="application/vnd.api+json",
-        )
-        assert response.status_code == status.HTTP_200_OK
-        integration.refresh_from_db()
-        assert integration.credentials["aws_access_key_id"] == "new_value"
-        assert integration.configuration["bucket_name"] == "new_bucket_name"
-        assert integration.configuration["output_directory"] == "new_output_directory"
-
-    def test_integrations_partial_update_relationships(
-        self, authenticated_client, integrations_fixture
-    ):
-        integration, *_ = integrations_fixture
-        data = {
-            "data": {
-                "type": "integrations",
-                "id": str(integration.id),
-                "attributes": {
-                    "credentials": {
-                        "aws_access_key_id": "new_value",
-                    },
-                    # integration_type is `amazon_s3`
-                    "configuration": {
-                        "bucket_name": "new_bucket_name",
-                        "output_directory": "new_output_directory",
-                    },
-                },
-                "relationships": {"providers": {"data": []}},
-            }
-        }
-
-        assert integration.providers.count() > 0
-        response = authenticated_client.patch(
-            reverse("integration-detail", kwargs={"pk": integration.id}),
-            data=json.dumps(data),
-            content_type="application/vnd.api+json",
-        )
-        assert response.status_code == status.HTTP_200_OK
-        integration.refresh_from_db()
-        assert integration.providers.count() == 0
-
-    def test_integrations_partial_update_invalid_content_type(
-        self, authenticated_client, integrations_fixture
-    ):
-        integration, *_ = integrations_fixture
-        response = authenticated_client.patch(
-            reverse("integration-detail", kwargs={"pk": integration.id}),
-            data={},
-        )
-        assert response.status_code == status.HTTP_415_UNSUPPORTED_MEDIA_TYPE
-
-    def test_integrations_partial_update_invalid_content(
-        self, authenticated_client, integrations_fixture
-    ):
-        integration, *_ = integrations_fixture
-        data = {
-            "data": {
-                "type": "integrations",
-                "id": str(integration.id),
-                "attributes": {"invalid_config": "value"},
-            }
-        }
-        response = authenticated_client.patch(
-            reverse("integration-detail", kwargs={"pk": integration.id}),
-            data=json.dumps(data),
-            content_type="application/vnd.api+json",
-        )
-        assert response.status_code == status.HTTP_400_BAD_REQUEST
-
-    def test_integrations_delete(
-        self,
-        authenticated_client,
-        integrations_fixture,
-    ):
-        integration, *_ = integrations_fixture
-        response = authenticated_client.delete(
-            reverse("integration-detail", kwargs={"pk": integration.id})
-        )
-        assert response.status_code == status.HTTP_204_NO_CONTENT
-
-    def test_integrations_delete_invalid(self, authenticated_client):
-        response = authenticated_client.delete(
-            reverse(
-                "integration-detail",
-                kwargs={"pk": "e67d0283-440f-48d1-b5f8-38d0763474f4"},
-            )
-        )
-        assert response.status_code == status.HTTP_404_NOT_FOUND
-
-    @pytest.mark.parametrize(
-        "filter_name, filter_value, expected_count",
-        (
-            [
-                ("inserted_at", TODAY, 2),
-                ("inserted_at.gte", "2024-01-01", 2),
-                ("inserted_at.lte", "2024-01-01", 0),
-                ("integration_type", Integration.IntegrationChoices.S3, 2),
-                ("integration_type", Integration.IntegrationChoices.SLACK, 0),
-                (
-                    "integration_type__in",
-                    f"{Integration.IntegrationChoices.S3},{Integration.IntegrationChoices.SLACK}",
-                    2,
-                ),
-            ]
-        ),
-    )
-    def test_integrations_filters(
-        self,
-        authenticated_client,
-        integrations_fixture,
-        filter_name,
-        filter_value,
-        expected_count,
-    ):
-        response = authenticated_client.get(
-            reverse("integration-list"),
-            {f"filter[{filter_name}]": filter_value},
-        )
-
-        assert response.status_code == status.HTTP_200_OK
-        assert len(response.json()["data"]) == expected_count
-
-    @pytest.mark.parametrize(
-        "filter_name",
-        (
-            [
-                "invalid",
-            ]
-        ),
-    )
-    def test_integrations_filters_invalid(self, authenticated_client, filter_name):
-        response = authenticated_client.get(
-            reverse("integration-list"),
-            {f"filter[{filter_name}]": "whatever"},
-        )
-        assert response.status_code == status.HTTP_400_BAD_REQUEST
--- a/api/src/backend/api/uuid_utils.py
+++ b/api/src/backend/api/uuid_utils.py
@@ -106,7 +106,7 @@ def uuid7_end(uuid_obj: UUID, offset_months: int = 1) -> UUID:

    Args:
        uuid_obj: A UUIDv7 object.
-        offset_months: Number of months to offset from the given UUID's date. Defaults to 1 to handle if
+        offset_days: Number of months to offset from the given UUID's date. Defaults to 1 to handle if
        partitions are not being used, if so the value will be the one set at FINDINGS_TABLE_PARTITION_MONTHS.

    Returns:
--- a/api/src/backend/api/v1/serializer_utils/integrations.py
+++ b/api/src/backend/api/v1/serializer_utils/integrations.py
@@ -1,122 +0,0 @@
-from drf_spectacular.utils import extend_schema_field
-from rest_framework_json_api import serializers
-from rest_framework_json_api.serializers import ValidationError
-
-
-class BaseValidateSerializer(serializers.Serializer):
-    def validate(self, data):
-        if hasattr(self, "initial_data"):
-            initial_data = set(self.initial_data.keys()) - {"id", "type"}
-            unknown_keys = initial_data - set(self.fields.keys())
-            if unknown_keys:
-                raise ValidationError(f"Invalid fields: {unknown_keys}")
-        return data
-
-
-# Integrations
-
-
-class S3ConfigSerializer(BaseValidateSerializer):
-    bucket_name = serializers.CharField()
-    output_directory = serializers.CharField()
-
-    class Meta:
-        resource_name = "integrations"
-
-
-class AWSCredentialSerializer(BaseValidateSerializer):
-    role_arn = serializers.CharField(required=False)
-    external_id = serializers.CharField(required=False)
-    role_session_name = serializers.CharField(required=False)
-    session_duration = serializers.IntegerField(
-        required=False, min_value=900, max_value=43200
-    )
-    aws_access_key_id = serializers.CharField(required=False)
-    aws_secret_access_key = serializers.CharField(required=False)
-    aws_session_token = serializers.CharField(required=False)
-
-    class Meta:
-        resource_name = "integrations"
-
-
-@extend_schema_field(
-    {
-        "oneOf": [
-            {
-                "type": "object",
-                "title": "AWS Credentials",
-                "properties": {
-                    "role_arn": {
-                        "type": "string",
-                        "description": "The Amazon Resource Name (ARN) of the role to assume. Required for AWS role "
-                        "assumption.",
-                    },
-                    "external_id": {
-                        "type": "string",
-                        "description": "An identifier to enhance security for role assumption.",
-                    },
-                    "aws_access_key_id": {
-                        "type": "string",
-                        "description": "The AWS access key ID. Only required if the environment lacks pre-configured "
-                        "AWS credentials.",
-                    },
-                    "aws_secret_access_key": {
-                        "type": "string",
-                        "description": "The AWS secret access key. Required if 'aws_access_key_id' is provided or if "
-                        "no AWS credentials are pre-configured.",
-                    },
-                    "aws_session_token": {
-                        "type": "string",
-                        "description": "The session token for temporary credentials, if applicable.",
-                    },
-                    "session_duration": {
-                        "type": "integer",
-                        "minimum": 900,
-                        "maximum": 43200,
-                        "default": 3600,
-                        "description": "The duration (in seconds) for the role session.",
-                    },
-                    "role_session_name": {
-                        "type": "string",
-                        "description": "An identifier for the role session, useful for tracking sessions in AWS logs. "
-                        "The regex used to validate this parameter is a string of characters consisting of "
-                        "upper- and lower-case alphanumeric characters with no spaces. You can also include "
-                        "underscores or any of the following characters: =,.@-\n\n"
-                        "Examples:\n"
-                        "- MySession123\n"
-                        "- User_Session-1\n"
-                        "- Test.Session@2",
-                        "pattern": "^[a-zA-Z0-9=,.@_-]+$",
-                    },
-                },
-            },
-        ]
-    }
-)
-class IntegrationCredentialField(serializers.JSONField):
-    pass
-
-
-@extend_schema_field(
-    {
-        "oneOf": [
-            {
-                "type": "object",
-                "title": "Amazon S3",
-                "properties": {
-                    "bucket_name": {
-                        "type": "string",
-                        "description": "The name of the S3 bucket where files will be stored.",
-                    },
-                    "output_directory": {
-                        "type": "string",
-                        "description": "The directory path within the bucket where files will be saved.",
-                    },
-                },
-                "required": ["bucket_name", "output_directory"],
-            },
-        ]
-    }
-)
-class IntegrationConfigField(serializers.JSONField):
-    pass
--- a/api/src/backend/api/v1/serializers.py
+++ b/api/src/backend/api/v1/serializers.py
@@ -16,8 +16,6 @@ from rest_framework_simplejwt.tokens import RefreshToken
 from api.models import (
    ComplianceOverview,
    Finding,
-    Integration,
-    IntegrationProviderRelationship,
    Invitation,
    InvitationRoleRelationship,
    Membership,
@@ -36,12 +34,6 @@ from api.models import (
    UserRoleRelationship,
 )
 from api.rls import Tenant
-from api.v1.serializer_utils.integrations import (
-    AWSCredentialSerializer,
-    IntegrationConfigField,
-    IntegrationCredentialField,
-    S3ConfigSerializer,
-)

 # Tokens

@@ -753,43 +745,6 @@ class ProviderSerializer(RLSSerializer):
        }


-class ProviderIncludeSerializer(RLSSerializer):
-    """
-    Serializer for the Provider model.
-    """
-
-    provider = ProviderEnumSerializerField()
-    connection = serializers.SerializerMethodField(read_only=True)
-
-    class Meta:
-        model = Provider
-        fields = [
-            "id",
-            "inserted_at",
-            "updated_at",
-            "provider",
-            "uid",
-            "alias",
-            "connection",
-            # "scanner_args",
-        ]
-
-    @extend_schema_field(
-        {
-            "type": "object",
-            "properties": {
-                "connected": {"type": "boolean"},
-                "last_checked_at": {"type": "string", "format": "date-time"},
-            },
-        }
-    )
-    def get_connection(self, obj):
-        return {
-            "connected": obj.connected,
-            "last_checked_at": obj.connection_last_checked_at,
-        }
-
-
 class ProviderCreateSerializer(RLSSerializer, BaseWriteSerializer):
    class Meta:
        model = Provider
@@ -852,35 +807,6 @@ class ScanSerializer(RLSSerializer):
        ]


-class ScanIncludeSerializer(RLSSerializer):
-    trigger = serializers.ChoiceField(
-        choices=Scan.TriggerChoices.choices, read_only=True
-    )
-    state = StateEnumSerializerField(read_only=True)
-
-    class Meta:
-        model = Scan
-        fields = [
-            "id",
-            "name",
-            "trigger",
-            "state",
-            "unique_resource_count",
-            "progress",
-            # "scanner_args",
-            "duration",
-            "inserted_at",
-            "started_at",
-            "completed_at",
-            "scheduled_at",
-            "provider",
-        ]
-
-    included_serializers = {
-        "provider": "api.v1.serializers.ProviderIncludeSerializer",
-    }
-
-
 class ScanCreateSerializer(RLSSerializer, BaseWriteSerializer):
    class Meta:
        model = Scan
@@ -1020,51 +946,6 @@ class ResourceSerializer(RLSSerializer):
        return fields


-class ResourceIncludeSerializer(RLSSerializer):
-    """
-    Serializer for the Resource model.
-    """
-
-    tags = serializers.SerializerMethodField()
-    type_ = serializers.CharField(read_only=True)
-
-    class Meta:
-        model = Resource
-        fields = [
-            "id",
-            "inserted_at",
-            "updated_at",
-            "uid",
-            "name",
-            "region",
-            "service",
-            "type_",
-            "tags",
-        ]
-        extra_kwargs = {
-            "id": {"read_only": True},
-            "inserted_at": {"read_only": True},
-            "updated_at": {"read_only": True},
-        }
-
-    @extend_schema_field(
-        {
-            "type": "object",
-            "description": "Tags associated with the resource",
-            "example": {"env": "prod", "owner": "johndoe"},
-        }
-    )
-    def get_tags(self, obj):
-        return obj.get_tags(self.context.get("tenant_id"))
-
-    def get_fields(self):
-        """`type` is a Python reserved keyword."""
-        fields = super().get_fields()
-        type_ = fields.pop("type_")
-        fields["type"] = type_
-        return fields
-
-
 class FindingSerializer(RLSSerializer):
    """
    Serializer for the Finding model.
@@ -1094,8 +975,8 @@ class FindingSerializer(RLSSerializer):
        ]

    included_serializers = {
-        "scan": ScanIncludeSerializer,
-        "resources": ResourceIncludeSerializer,
+        "scan": ScanSerializer,
+        "resources": ResourceSerializer,
    }


@@ -1614,8 +1495,8 @@ class RoleSerializer(RLSSerializer, BaseWriteSerializer):
            "manage_account",
            # Disable for the first release
            # "manage_billing",
+            # "manage_integrations",
            # /Disable for the first release
-            "manage_integrations",
            "manage_providers",
            "manage_scans",
            "permission_state",
@@ -2021,201 +1902,3 @@ class ScheduleDailyCreateSerializer(serializers.Serializer):
            if unknown_keys:
                raise ValidationError(f"Invalid fields: {unknown_keys}")
        return data
-
-
-# Integrations
-
-
-class BaseWriteIntegrationSerializer(BaseWriteSerializer):
-    @staticmethod
-    def validate_integration_data(
-        integration_type: str,
-        providers: list[Provider],  # noqa
-        configuration: dict,
-        credentials: dict,
-    ):
-        if integration_type == Integration.IntegrationChoices.S3:
-            config_serializer = S3ConfigSerializer
-            credentials_serializers = [AWSCredentialSerializer]
-            # TODO: This will be required for AWS Security Hub
-            # if providers and not all(
-            #     provider.provider == Provider.ProviderChoices.AWS
-            #     for provider in providers
-            # ):
-            #     raise serializers.ValidationError(
-            #         {"providers": "All providers must be AWS for the S3 integration."}
-            #     )
-        else:
-            raise serializers.ValidationError(
-                {
-                    "integration_type": f"Integration type not supported yet: {integration_type}"
-                }
-            )
-
-        config_serializer(data=configuration).is_valid(raise_exception=True)
-
-        for cred_serializer in credentials_serializers:
-            try:
-                cred_serializer(data=credentials).is_valid(raise_exception=True)
-                break
-            except ValidationError:
-                continue
-        else:
-            raise ValidationError(
-                {"credentials": "Invalid credentials for the integration type."}
-            )
-
-
-class IntegrationSerializer(RLSSerializer):
-    """
-    Serializer for the Integration model.
-    """
-
-    providers = serializers.ResourceRelatedField(
-        queryset=Provider.objects.all(), many=True
-    )
-
-    class Meta:
-        model = Integration
-        fields = [
-            "id",
-            "inserted_at",
-            "updated_at",
-            "enabled",
-            "connected",
-            "connection_last_checked_at",
-            "integration_type",
-            "configuration",
-            "providers",
-            "url",
-        ]
-
-    included_serializers = {
-        "providers": "api.v1.serializers.ProviderIncludeSerializer",
-    }
-
-    def to_representation(self, instance):
-        representation = super().to_representation(instance)
-        allowed_providers = self.context.get("allowed_providers")
-        if allowed_providers:
-            allowed_provider_ids = {str(provider.id) for provider in allowed_providers}
-            representation["providers"] = [
-                provider
-                for provider in representation["providers"]
-                if provider["id"] in allowed_provider_ids
-            ]
-        return representation
-
-
-class IntegrationCreateSerializer(BaseWriteIntegrationSerializer):
-    credentials = IntegrationCredentialField(write_only=True)
-    configuration = IntegrationConfigField()
-    providers = serializers.ResourceRelatedField(
-        queryset=Provider.objects.all(), many=True, required=False
-    )
-
-    class Meta:
-        model = Integration
-        fields = [
-            "inserted_at",
-            "updated_at",
-            "enabled",
-            "connected",
-            "connection_last_checked_at",
-            "integration_type",
-            "configuration",
-            "credentials",
-            "providers",
-        ]
-        extra_kwargs = {
-            "inserted_at": {"read_only": True},
-            "updated_at": {"read_only": True},
-            "connected": {"read_only": True},
-            "enabled": {"read_only": True},
-            "connection_last_checked_at": {"read_only": True},
-        }
-
-    def validate(self, attrs):
-        integration_type = attrs.get("integration_type")
-        providers = attrs.get("providers")
-        configuration = attrs.get("configuration")
-        credentials = attrs.get("credentials")
-
-        validated_attrs = super().validate(attrs)
-        self.validate_integration_data(
-            integration_type, providers, configuration, credentials
-        )
-        return validated_attrs
-
-    def create(self, validated_data):
-        tenant_id = self.context.get("tenant_id")
-
-        providers = validated_data.pop("providers", [])
-        integration = Integration.objects.create(tenant_id=tenant_id, **validated_data)
-
-        through_model_instances = [
-            IntegrationProviderRelationship(
-                integration=integration,
-                provider=provider,
-                tenant_id=tenant_id,
-            )
-            for provider in providers
-        ]
-        IntegrationProviderRelationship.objects.bulk_create(through_model_instances)
-
-        return integration
-
-
-class IntegrationUpdateSerializer(BaseWriteIntegrationSerializer):
-    credentials = IntegrationCredentialField(write_only=True, required=False)
-    configuration = IntegrationConfigField(required=False)
-    providers = serializers.ResourceRelatedField(
-        queryset=Provider.objects.all(), many=True, required=False
-    )
-
-    class Meta:
-        model = Integration
-        fields = [
-            "inserted_at",
-            "updated_at",
-            "enabled",
-            "connected",
-            "connection_last_checked_at",
-            "integration_type",
-            "configuration",
-            "credentials",
-            "providers",
-        ]
-        extra_kwargs = {
-            "inserted_at": {"read_only": True},
-            "updated_at": {"read_only": True},
-            "connected": {"read_only": True},
-            "connection_last_checked_at": {"read_only": True},
-            "integration_type": {"read_only": True},
-        }
-
-    def validate(self, attrs):
-        integration_type = self.instance.integration_type
-        providers = attrs.get("providers")
-        configuration = attrs.get("configuration") or self.instance.configuration
-        credentials = attrs.get("credentials") or self.instance.credentials
-
-        validated_attrs = super().validate(attrs)
-        self.validate_integration_data(
-            integration_type, providers, configuration, credentials
-        )
-        return validated_attrs
-
-    def update(self, instance, validated_data):
-        tenant_id = self.context.get("tenant_id")
-        if validated_data.get("providers") is not None:
-            instance.providers.clear()
-            new_relationships = [
-                IntegrationProviderRelationship(
-                    integration=instance, provider=provider, tenant_id=tenant_id
-                )
-                for provider in validated_data["providers"]
-            ]
-            IntegrationProviderRelationship.objects.bulk_create(new_relationships)
-
-        return super().update(instance, validated_data)
--- a/api/src/backend/api/v1/urls.py
+++ b/api/src/backend/api/v1/urls.py
@@ -10,7 +10,6 @@ from api.v1.views import (
    FindingViewSet,
    GithubSocialLoginView,
    GoogleSocialLoginView,
-    IntegrationViewSet,
    InvitationAcceptViewSet,
    InvitationViewSet,
    MembershipViewSet,
@@ -48,7 +47,6 @@ router.register(
 )
 router.register(r"overviews", OverviewViewSet, basename="overview")
 router.register(r"schedules", ScheduleViewSet, basename="schedule")
-router.register(r"integrations", IntegrationViewSet, basename="integration")

 tenants_router = routers.NestedSimpleRouter(router, r"tenants", lookup="tenant")
 tenants_router.register(
--- a/api/src/backend/api/v1/views.py
+++ b/api/src/backend/api/v1/views.py
@@ -1,7 +1,6 @@
 import glob
 import os

-import sentry_sdk
 from allauth.socialaccount.providers.github.views import GitHubOAuth2Adapter
 from allauth.socialaccount.providers.google.views import GoogleOAuth2Adapter
 from botocore.exceptions import ClientError, NoCredentialsError, ParamValidationError
@@ -16,7 +15,7 @@ from django.conf import settings as django_settings
 from django.contrib.postgres.aggregates import ArrayAgg
 from django.contrib.postgres.search import SearchQuery
 from django.db import transaction
-from django.db.models import Count, Exists, F, OuterRef, Prefetch, Q, Subquery, Sum
+from django.db.models import Count, F, OuterRef, Prefetch, Q, Subquery, Sum
 from django.db.models.functions import Coalesce
 from django.http import HttpResponse
 from django.urls import reverse
@@ -58,7 +57,6 @@ from api.db_router import MainRouter
 from api.filters import (
    ComplianceOverviewFilter,
    FindingFilter,
-    IntegrationFilter,
    InvitationFilter,
    MembershipFilter,
    ProviderFilter,
@@ -76,7 +74,6 @@ from api.filters import (
 from api.models import (
    ComplianceOverview,
    Finding,
-    Integration,
    Invitation,
    Membership,
    Provider,
@@ -84,7 +81,6 @@ from api.models import (
    ProviderGroupMembership,
    ProviderSecret,
    Resource,
-    ResourceFindingMapping,
    Role,
    RoleProviderGroupRelationship,
    Scan,
@@ -99,15 +95,13 @@ from api.pagination import ComplianceOverviewPagination
 from api.rbac.permissions import Permissions, get_providers, get_role
 from api.rls import Tenant
 from api.utils import CustomOAuth2Client, validate_invitation
+from api.uuid_utils import datetime_to_uuid7
 from api.v1.serializers import (
    ComplianceOverviewFullSerializer,
    ComplianceOverviewSerializer,
    FindingDynamicFilterSerializer,
    FindingMetadataSerializer,
    FindingSerializer,
-    IntegrationCreateSerializer,
-    IntegrationSerializer,
-    IntegrationUpdateSerializer,
    InvitationAcceptSerializer,
    InvitationCreateSerializer,
    InvitationSerializer,
@@ -245,7 +239,7 @@ class SchemaView(SpectacularAPIView):

    def get(self, request, *args, **kwargs):
        spectacular_settings.TITLE = "Prowler API"
-        spectacular_settings.VERSION = "1.6.0"
+        spectacular_settings.VERSION = "1.5.0"
        spectacular_settings.DESCRIPTION = (
            "Prowler API specification.\n\nThis file is auto-generated."
        )
@@ -301,11 +295,6 @@ class SchemaView(SpectacularAPIView):
                "description": "Endpoints for task management, allowing retrieval of task status and "
                "revoking tasks that have not started.",
            },
-            {
-                "name": "Integration",
-                "description": "Endpoints for managing third-party integrations, including registration, configuration,"
-                " retrieval, and deletion of integrations such as S3, JIRA, or other services.",
-            },
        ]
        return super().get(request, *args, **kwargs)

@@ -1134,18 +1123,6 @@ class ProviderViewSet(BaseRLSViewSet):
        request=ScanCreateSerializer,
        responses={202: OpenApiResponse(response=TaskSerializer)},
    ),
-    report=extend_schema(
-        tags=["Scan"],
-        summary="Download ZIP report",
-        description="Returns a ZIP file containing the requested report",
-        request=ScanReportSerializer,
-        responses={
-            200: OpenApiResponse(description="Report obtained successfully"),
-            202: OpenApiResponse(description="The task is in progress"),
-            403: OpenApiResponse(description="There is a problem with credentials"),
-            404: OpenApiResponse(description="The scan has no reports"),
-        },
-    ),
 )
@method_decorator(CACHE_DECORATOR, name="list")
@method_decorator(CACHE_DECORATOR, name="retrieve")
@@ -1195,8 +1172,6 @@ class ScanViewSet(BaseRLSViewSet):
        elif self.action == "partial_update":
            return ScanUpdateSerializer
        elif self.action == "report":
-            if hasattr(self, "response_serializer_class"):
-                return self.response_serializer_class
            return ScanReportSerializer
        return super().get_serializer_class()

@@ -1215,93 +1190,65 @@ class ScanViewSet(BaseRLSViewSet):
        )
        return Response(data=read_serializer.data, status=status.HTTP_200_OK)

+    @extend_schema(
+        tags=["Scan"],
+        summary="Download ZIP report",
+        description="Returns a ZIP file containing the requested report",
+        request=ScanReportSerializer,
+        responses={
+            200: OpenApiResponse(description="Report obtained successfully"),
+            403: OpenApiResponse(
+                description="There is a problem with the AWS credentials"
+            ),
+        },
+    )
    @action(detail=True, methods=["get"], url_name="report")
    def report(self, request, pk=None):
-        scan_instance = self.get_object()
+        scan_instance = Scan.objects.get(pk=pk)
+        output_path = scan_instance.output_path

-        if scan_instance.state == StateChoices.EXECUTING:
-            # If the scan is still running, return the task
-            prowler_task = Task.objects.get(id=scan_instance.task.id)
-            self.response_serializer_class = TaskSerializer
-            output_serializer = self.get_serializer(prowler_task)
+        if not output_path:
            return Response(
-                data=output_serializer.data,
-                status=status.HTTP_202_ACCEPTED,
-                headers={
-                    "Content-Location": reverse(
-                        "task-detail", kwargs={"pk": output_serializer.data["id"]}
-                    )
-                },
+                {"detail": "No files found"}, status=status.HTTP_404_NOT_FOUND
            )

-        try:
-            output_celery_task = Task.objects.get(
-                task_runner_task__task_name="scan-report",
-                task_runner_task__task_args__contains=pk,
-            )
-            self.response_serializer_class = TaskSerializer
-            output_serializer = self.get_serializer(output_celery_task)
-            if output_serializer.data["state"] == StateChoices.EXECUTING:
-                # If the task is still running, return the task
-                return Response(
-                    data=output_serializer.data,
-                    status=status.HTTP_202_ACCEPTED,
-                    headers={
-                        "Content-Location": reverse(
-                            "task-detail", kwargs={"pk": output_serializer.data["id"]}
-                        )
-                    },
-                )
-        except Task.DoesNotExist:
-            # If the task does not exist, it means that the task is removed from the database
-            pass
-
-        output_location = scan_instance.output_location
-        if not output_location:
-            return Response(
-                {"detail": "The scan has no reports."},
-                status=status.HTTP_404_NOT_FOUND,
-            )
-
-        if scan_instance.output_location.startswith("s3://"):
+        if scan_instance.output_path.startswith("s3://"):
            try:
                s3_client = get_s3_client()
            except (ClientError, NoCredentialsError, ParamValidationError):
                return Response(
-                    {"detail": "There is a problem with credentials."},
+                    {"detail": "There is a problem with the AWS credentials."},
                    status=status.HTTP_403_FORBIDDEN,
                )

-            bucket_name = env.str("DJANGO_OUTPUT_S3_AWS_OUTPUT_BUCKET")
-            key = output_location[len(f"s3://{bucket_name}/") :]
+            bucket_name = env.str("DJANGO_ARTIFACTS_AWS_S3_OUTPUT_BUCKET")
            try:
+                key = output_path[len(f"s3://{bucket_name}/") :]
                s3_object = s3_client.get_object(Bucket=bucket_name, Key=key)
-            except ClientError as e:
-                error_code = e.response.get("Error", {}).get("Code")
-                if error_code == "NoSuchKey":
-                    return Response(
-                        {"detail": "The scan has no reports."},
-                        status=status.HTTP_404_NOT_FOUND,
-                    )
+                file_content = s3_object["Body"].read()
+                filename = os.path.basename(output_path.split("/")[-1])
+            except ClientError:
                return Response(
-                    {"detail": "There is a problem with credentials."},
-                    status=status.HTTP_403_FORBIDDEN,
+                    {"detail": "Error accessing cloud storage"},
+                    status=status.HTTP_500_INTERNAL_SERVER_ERROR,
                )
-            file_content = s3_object["Body"].read()
-            filename = os.path.basename(output_location.split("/")[-1])
        else:
-            zip_files = glob.glob(output_location)
+            zip_files = glob.glob(output_path)
+            if not zip_files:
+                return Response(
+                    {"detail": "No local files found"}, status=status.HTTP_404_NOT_FOUND
+                )
+
            try:
                file_path = zip_files[0]
-            except IndexError as e:
-                sentry_sdk.capture_exception(e)
+                with open(file_path, "rb") as f:
+                    file_content = f.read()
+                filename = os.path.basename(file_path)
+            except IOError:
                return Response(
-                    {"detail": "The scan has no reports."},
-                    status=status.HTTP_404_NOT_FOUND,
+                    {"detail": "Error reading local file"},
+                    status=status.HTTP_500_INTERNAL_SERVER_ERROR,
                )
-            with open(file_path, "rb") as f:
-                file_content = f.read()
-            filename = os.path.basename(file_path)

        response = HttpResponse(
            file_content, content_type="application/x-zip-compressed"
@@ -1525,10 +1472,17 @@ class ResourceViewSet(BaseRLSViewSet):
@method_decorator(CACHE_DECORATOR, name="list")
@method_decorator(CACHE_DECORATOR, name="retrieve")
 class FindingViewSet(BaseRLSViewSet):
-    queryset = Finding.all_objects.all()
+    queryset = Finding.objects.all()
    serializer_class = FindingSerializer
-    filterset_class = FindingFilter
+    prefetch_for_includes = {
+        "__all__": [],
+        "resources": [
+            Prefetch("resources", queryset=Resource.objects.select_related("findings"))
+        ],
+        "scan": [Prefetch("scan", queryset=Scan.objects.select_related("findings"))],
+    }
    http_method_names = ["get"]
+    filterset_class = FindingFilter
    ordering = ["-inserted_at"]
    ordering_fields = [
        "status",
@@ -1537,18 +1491,6 @@ class FindingViewSet(BaseRLSViewSet):
        "inserted_at",
        "updated_at",
    ]
-    prefetch_for_includes = {
-        "__all__": [],
-        "resources": [
-            Prefetch(
-                "resources",
-                queryset=Resource.all_objects.prefetch_related("tags", "findings"),
-            )
-        ],
-        "scan": [
-            Prefetch("scan", queryset=Scan.all_objects.select_related("findings"))
-        ],
-    }
    # RBAC required permissions (implicit -> MANAGE_PROVIDERS enable unlimited visibility or check the visibility of
    # the provider through the provider group)
    required_permissions = []
@@ -1562,34 +1504,41 @@ class FindingViewSet(BaseRLSViewSet):
        return super().get_serializer_class()

    def get_queryset(self):
-        tenant_id = self.request.tenant_id
        user_roles = get_role(self.request.user)
        if user_roles.unlimited_visibility:
-            # User has unlimited visibility, return all findings
-            queryset = Finding.all_objects.filter(tenant_id=tenant_id)
+            # User has unlimited visibility, return all scans
+            queryset = Finding.objects.filter(tenant_id=self.request.tenant_id)
        else:
-            # User lacks permission, filter findings based on provider groups associated with the role
-            queryset = Finding.all_objects.filter(
+            # User lacks permission, filter providers based on provider groups associated with the role
+            queryset = Finding.objects.filter(
                scan__provider__in=get_providers(user_roles)
            )

        search_value = self.request.query_params.get("filter[search]", None)
        if search_value:
+            # Django's ORM will build a LEFT JOIN and OUTER JOIN on any "through" tables, resulting in duplicates
+            # The duplicates then require a `distinct` query
            search_query = SearchQuery(
                search_value, config="simple", search_type="plain"
            )
-
-            resource_match = Resource.all_objects.filter(
-                text_search=search_query,
-                id__in=ResourceFindingMapping.objects.filter(
-                    resource_id=OuterRef("pk"),
-                    tenant_id=tenant_id,
-                ).values("resource_id"),
-            )
-
            queryset = queryset.filter(
-                Q(text_search=search_query) | Q(Exists(resource_match))
-            )
+                Q(impact_extended__contains=search_value)
+                | Q(status_extended__contains=search_value)
+                | Q(check_id=search_value)
+                | Q(check_id__icontains=search_value)
+                | Q(text_search=search_query)
+                | Q(resources__uid=search_value)
+                | Q(resources__name=search_value)
+                | Q(resources__region=search_value)
+                | Q(resources__service=search_value)
+                | Q(resources__type=search_value)
+                | Q(resources__uid__contains=search_value)
+                | Q(resources__name__contains=search_value)
+                | Q(resources__region__contains=search_value)
+                | Q(resources__service__contains=search_value)
+                | Q(resources__tags__text_search=search_query)
+                | Q(resources__text_search=search_query)
+            ).distinct()

        return queryset

@@ -1599,22 +1548,10 @@ class FindingViewSet(BaseRLSViewSet):
            return queryset
        return super().filter_queryset(queryset)

-    def list(self, request, *args, **kwargs):
-        base_qs = self.filter_queryset(self.get_queryset())
-        paginated_ids = self.paginate_queryset(base_qs.values_list("id", flat=True))
-        if paginated_ids is not None:
-            ids = list(paginated_ids)
-            findings = (
-                Finding.all_objects.filter(tenant_id=self.request.tenant_id, id__in=ids)
-                .select_related("scan")
-                .prefetch_related("resources")
-            )
-            # Re-sort in Python to preserve ordering:
-            findings = sorted(findings, key=lambda x: ids.index(x.id))
-            serializer = self.get_serializer(findings, many=True)
-            return self.get_paginated_response(serializer.data)
-        serializer = self.get_serializer(base_qs, many=True)
-        return Response(serializer.data)
+    def inserted_at_to_uuidv7(self, inserted_at):
+        if inserted_at is None:
+            return None
+        return datetime_to_uuid7(inserted_at)

    @action(detail=False, methods=["get"], url_name="findings_services_regions")
    def findings_services_regions(self, request):
@@ -2451,67 +2388,3 @@ class ScheduleViewSet(BaseRLSViewSet):
                )
            },
        )
-
-
-@extend_schema_view(
-    list=extend_schema(
-        tags=["Integration"],
-        summary="List all integrations",
-        description="Retrieve a list of all configured integrations with options for filtering by various criteria.",
-    ),
-    retrieve=extend_schema(
-        tags=["Integration"],
-        summary="Retrieve integration details",
-        description="Fetch detailed information about a specific integration by its ID.",
-    ),
-    create=extend_schema(
-        tags=["Integration"],
-        summary="Create a new integration",
-        description="Register a new integration with the system, providing necessary configuration details.",
-    ),
-    partial_update=extend_schema(
-        tags=["Integration"],
-        summary="Partially update an integration",
-        description="Modify certain fields of an existing integration without affecting other settings.",
-    ),
-    destroy=extend_schema(
-        tags=["Integration"],
-        summary="Delete an integration",
-        description="Remove an integration from the system by its ID.",
-    ),
-)
-@method_decorator(CACHE_DECORATOR, name="list")
-@method_decorator(CACHE_DECORATOR, name="retrieve")
-class IntegrationViewSet(BaseRLSViewSet):
-    queryset = Integration.objects.all()
-    serializer_class = IntegrationSerializer
-    http_method_names = ["get", "post", "patch", "delete"]
-    filterset_class = IntegrationFilter
-    ordering = ["integration_type", "-inserted_at"]
-    # RBAC required permissions
-    required_permissions = [Permissions.MANAGE_INTEGRATIONS]
-    allowed_providers = None
-
-    def get_queryset(self):
-        user_roles = get_role(self.request.user)
-        if user_roles.unlimited_visibility:
-            # User has unlimited visibility, return all integrations
-            queryset = Integration.objects.filter(tenant_id=self.request.tenant_id)
-        else:
-            # User lacks permission, filter providers based on provider groups associated with the role
-            allowed_providers = get_providers(user_roles)
-            queryset = Integration.objects.filter(providers__in=allowed_providers)
-            self.allowed_providers = allowed_providers
-        return queryset
-
-    def get_serializer_class(self):
-        if self.action == "create":
-            return IntegrationCreateSerializer
-        elif self.action == "partial_update":
-            return IntegrationUpdateSerializer
-        return super().get_serializer_class()
-
-    def get_serializer_context(self):
-        context = super().get_serializer_context()
-        context["allowed_providers"] = self.allowed_providers
-        return context
--- a/api/src/backend/config/custom_logging.py
+++ b/api/src/backend/config/custom_logging.py
@@ -2,9 +2,10 @@ import json
 import logging
 from enum import StrEnum

-from config.env import env
 from django_guid.log_filters import CorrelationId

+from config.env import env
+

 class BackendLogger(StrEnum):
    GUNICORN = "gunicorn"
@@ -38,9 +39,9 @@ class NDJSONFormatter(logging.Formatter):
            "funcName": record.funcName,
            "process": record.process,
            "thread": record.thread,
-            "transaction_id": (
-                record.transaction_id if hasattr(record, "transaction_id") else None
-            ),
+            "transaction_id": record.transaction_id
+            if hasattr(record, "transaction_id")
+            else None,
        }

        # Add REST API extra fields
--- a/api/src/backend/config/django/base.py
+++ b/api/src/backend/config/django/base.py
@@ -4,7 +4,6 @@ from config.custom_logging import LOGGING  # noqa
 from config.env import BASE_DIR, env  # noqa
 from config.settings.celery import *  # noqa
 from config.settings.partitions import *  # noqa
-from config.settings.sentry import *  # noqa
 from config.settings.social_login import *  # noqa

 SECRET_KEY = env("SECRET_KEY", default="secret")
@@ -219,7 +218,6 @@ CACHE_STALE_WHILE_REVALIDATE = env.int("DJANGO_STALE_WHILE_REVALIDATE", 60)


 TESTING = False
-
 FINDINGS_MAX_DAYS_IN_RANGE = env.int("DJANGO_FINDINGS_MAX_DAYS_IN_RANGE", 7)


@@ -229,10 +227,12 @@ DJANGO_TMP_OUTPUT_DIRECTORY = env.str(
 )
 DJANGO_FINDINGS_BATCH_SIZE = env.str("DJANGO_FINDINGS_BATCH_SIZE", 1000)

-DJANGO_OUTPUT_S3_AWS_OUTPUT_BUCKET = env.str("DJANGO_OUTPUT_S3_AWS_OUTPUT_BUCKET", "")
-DJANGO_OUTPUT_S3_AWS_ACCESS_KEY_ID = env.str("DJANGO_OUTPUT_S3_AWS_ACCESS_KEY_ID", "")
-DJANGO_OUTPUT_S3_AWS_SECRET_ACCESS_KEY = env.str(
-    "DJANGO_OUTPUT_S3_AWS_SECRET_ACCESS_KEY", ""
+DJANGO_ARTIFACTS_AWS_S3_OUTPUT_BUCKET = env.str(
+    "DJANGO_ARTIFACTS_AWS_S3_OUTPUT_BUCKET", ""
 )
-DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN = env.str("DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN", "")
-DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION = env.str("DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION", "")
+DJANGO_ARTIFACTS_AWS_ACCESS_KEY_ID = env.str("DJANGO_ARTIFACTS_AWS_ACCESS_KEY_ID", "")
+DJANGO_ARTIFACTS_AWS_SECRET_ACCESS_KEY = env.str(
+    "DJANGO_ARTIFACTS_AWS_SECRET_ACCESS_KEY", ""
+)
+DJANGO_ARTIFACTS_AWS_SESSION_TOKEN = env.str("DJANGO_ARTIFACTS_AWS_SESSION_TOKEN", "")
+DJANGO_ARTIFACTS_AWS_DEFAULT_REGION = env.str("DJANGO_ARTIFACTS_AWS_DEFAULT_REGION", "")
--- a/api/src/backend/config/settings/sentry.py
+++ b/api/src/backend/config/settings/sentry.py
@@ -1,88 +0,0 @@
-import sentry_sdk
-from config.env import env
-
-IGNORED_EXCEPTIONS = [
-    # Provider is not connected due to credentials errors
-    "is not connected",
-    # Authentication Errors from AWS
-    "InvalidToken",
-    "AccessDeniedException",
-    "AuthorizationErrorException",
-    "UnrecognizedClientException",
-    "UnauthorizedOperation",
-    "AuthFailure",
-    "InvalidClientTokenId",
-    "AccessDenied",
-    "No Shodan API Key",  # Shodan Check
-    "RequestLimitExceeded",  # For now we don't want to log the RequestLimitExceeded errors
-    "ThrottlingException",
-    "Rate exceeded",
-    "SubscriptionRequiredException",
-    "UnknownOperationException",
-    "OptInRequired",
-    "ReadTimeout",
-    "LimitExceeded",
-    "ConnectTimeoutError",
-    "ExpiredToken",
-    "IncompleteSignature",
-    "RegionDisabledException",
-    "TooManyRequestsException",
-    "SignatureDoesNotMatch",
-    "InvalidParameterValueException",
-    "InvalidInputException",
-    "ValidationException",
-    "AWSSecretAccessKeyInvalidError",
-    "InvalidAction",
-    "Pool is closed",  # The following comes from urllib3: eu-west-1 -- HTTPClientError[126]: An HTTP Client raised an unhandled exception: AWSHTTPSConnectionPool(host='hostname.s3.eu-west-1.amazonaws.com', port=443): Pool is closed.
-    # Authentication Errors from GCP
-    "ClientAuthenticationError",
-    "AuthorizationFailed",
-    "Reauthentication is needed",
-    "Permission denied to get service",
-    "API has not been used in project",
-    "HttpError 404 when requesting",
-    "GCPNoAccesibleProjectsError",
-    # Authentication Errors from Azure
-    "ClientAuthenticationError",
-    "AuthorizationFailed",
-    "Subscription Not Registered",
-    "AzureNotValidClientIdError",
-    "AzureNotValidClientSecretError",
-    "AzureNotValidTenantIdError",
-    "AzureTenantIdAndClientSecretNotBelongingToClientIdError",
-    "AzureTenantIdAndClientIdNotBelongingToClientSecretError",
-    "AzureClientIdAndClientSecretNotBelongingToTenantIdError",
-    "AzureHTTPResponseError",
-    "Error with credentials provided",
-]
-
-
-def before_send(event, hint):
-    """
-    before_send handles the Sentry events in order to sent them or not
-    """
-    # Ignore logs with the ignored_exceptions
-    # https://docs.python.org/3/library/logging.html#logrecord-objects
-    if "log_record" in hint:
-        log_msg = hint["log_record"].msg
-        log_lvl = hint["log_record"].levelno
-
-        # Handle Error events and discard the rest
-        if log_lvl == 40 and any(ignored in log_msg for ignored in IGNORED_EXCEPTIONS):
-            return
-    return event
-
-
-sentry_sdk.init(
-    dsn=env.str("DJANGO_SENTRY_DSN", ""),
-    # Add data like request headers and IP for users,
-    # see https://docs.sentry.io/platforms/python/data-management/data-collected/ for more info
-    before_send=before_send,
-    send_default_pii=True,
-    _experiments={
-        # Set continuous_profiling_auto_start to True
-        # to automatically start the profiler on when
-        # possible.
-        "continuous_profiling_auto_start": True,
-    },
-)
--- a/api/src/backend/config/settings/social_login.py
+++ b/api/src/backend/config/settings/social_login.py
@@ -1,13 +1,13 @@
 from config.env import env

-# Provider Oauth settings
-GOOGLE_OAUTH_CLIENT_ID = env("SOCIAL_GOOGLE_OAUTH_CLIENT_ID", default="")
-GOOGLE_OAUTH_CLIENT_SECRET = env("SOCIAL_GOOGLE_OAUTH_CLIENT_SECRET", default="")
-GOOGLE_OAUTH_CALLBACK_URL = env("SOCIAL_GOOGLE_OAUTH_CALLBACK_URL", default="")
+# Google Oauth settings
+GOOGLE_OAUTH_CLIENT_ID = env("DJANGO_GOOGLE_OAUTH_CLIENT_ID", default="")
+GOOGLE_OAUTH_CLIENT_SECRET = env("DJANGO_GOOGLE_OAUTH_CLIENT_SECRET", default="")
+GOOGLE_OAUTH_CALLBACK_URL = env("DJANGO_GOOGLE_OAUTH_CALLBACK_URL", default="")

-GITHUB_OAUTH_CLIENT_ID = env("SOCIAL_GITHUB_OAUTH_CLIENT_ID", default="")
-GITHUB_OAUTH_CLIENT_SECRET = env("SOCIAL_GITHUB_OAUTH_CLIENT_SECRET", default="")
-GITHUB_OAUTH_CALLBACK_URL = env("SOCIAL_GITHUB_OAUTH_CALLBACK_URL", default="")
+GITHUB_OAUTH_CLIENT_ID = env("DJANGO_GITHUB_OAUTH_CLIENT_ID", default="")
+GITHUB_OAUTH_CLIENT_SECRET = env("DJANGO_GITHUB_OAUTH_CLIENT_SECRET", default="")
+GITHUB_OAUTH_CALLBACK_URL = env("DJANGO_GITHUB_OAUTH_CALLBACK_URL", default="")

 # Allauth settings
 ACCOUNT_LOGIN_METHODS = {"email"}  # Use Email / Password authentication
--- a/api/src/backend/conftest.py
+++ b/api/src/backend/conftest.py
@@ -15,8 +15,6 @@ from api.db_utils import rls_transaction
 from api.models import (
    ComplianceOverview,
    Finding,
-    Integration,
-    IntegrationProviderRelationship,
    Invitation,
    Membership,
    Provider,
@@ -488,7 +486,7 @@ def scans_fixture(tenants_fixture, providers_fixture):
        name="Scan 1",
        provider=provider,
        trigger=Scan.TriggerChoices.MANUAL,
-        state=StateChoices.COMPLETED,
+        state=StateChoices.AVAILABLE,
        tenant_id=tenant.id,
        started_at="2024-01-02T00:00:00Z",
    )
@@ -879,46 +877,6 @@ def scan_summaries_fixture(tenants_fixture, providers_fixture):
    )


-@pytest.fixture
-def integrations_fixture(providers_fixture):
-    provider1, provider2, *_ = providers_fixture
-    tenant_id = provider1.tenant_id
-    integration1 = Integration.objects.create(
-        tenant_id=tenant_id,
-        enabled=True,
-        connected=True,
-        integration_type="amazon_s3",
-        configuration={"key": "value"},
-        credentials={"psswd": "1234"},
-    )
-    IntegrationProviderRelationship.objects.create(
-        tenant_id=tenant_id,
-        integration=integration1,
-        provider=provider1,
-    )
-
-    integration2 = Integration.objects.create(
-        tenant_id=tenant_id,
-        enabled=True,
-        connected=True,
-        integration_type="amazon_s3",
-        configuration={"key": "value"},
-        credentials={"psswd": "1234"},
-    )
-    IntegrationProviderRelationship.objects.create(
-        tenant_id=tenant_id,
-        integration=integration2,
-        provider=provider1,
-    )
-    IntegrationProviderRelationship.objects.create(
-        tenant_id=tenant_id,
-        integration=integration2,
-        provider=provider2,
-    )
-
-    return integration1, integration2
-
-
 def get_authorization_header(access_token: str) -> dict:
    return {"Authorization": f"Bearer {access_token}"}

--- a/api/src/backend/tasks/jobs/export.py
+++ b/api/src/backend/tasks/jobs/export.py
@@ -5,7 +5,7 @@ import boto3
 import config.django.base as base
 from botocore.exceptions import ClientError, NoCredentialsError, ParamValidationError
 from celery.utils.log import get_task_logger
-from django.conf import settings
+from config.env import env

 from prowler.config.config import (
    csv_file_suffix,
@@ -48,7 +48,7 @@ def _compress_output_files(output_directory: str) -> str:
        for suffix in [config["suffix"] for config in OUTPUT_FORMATS_MAPPING.values()]:
            zipf.write(
                f"{output_directory}{suffix}",
-                f"output/{output_directory.split('/')[-1]}{suffix}",
+                f"artifacts/{output_directory.split('/')[-1]}{suffix}",
            )

    return zip_path
@@ -74,13 +74,13 @@ def get_s3_client():
    try:
        s3_client = boto3.client(
            "s3",
-            aws_access_key_id=settings.DJANGO_OUTPUT_S3_AWS_ACCESS_KEY_ID,
-            aws_secret_access_key=settings.DJANGO_OUTPUT_S3_AWS_SECRET_ACCESS_KEY,
-            aws_session_token=settings.DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN,
-            region_name=settings.DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION,
+            aws_access_key_id=env.str("DJANGO_ARTIFACTS_AWS_ACCESS_KEY_ID"),
+            aws_secret_access_key=env.str("DJANGO_ARTIFACTS_AWS_SECRET_ACCESS_KEY"),
+            aws_session_token=env.str("DJANGO_ARTIFACTS_AWS_SESSION_TOKEN"),
+            region_name=env.str("DJANGO_ARTIFACTS_AWS_DEFAULT_REGION"),
        )
        s3_client.list_buckets()
-    except (ClientError, NoCredentialsError, ParamValidationError, ValueError):
+    except (ClientError, NoCredentialsError, ParamValidationError):
        s3_client = boto3.client("s3")
        s3_client.list_buckets()

@@ -102,20 +102,21 @@ def _upload_to_s3(tenant_id: str, zip_path: str, scan_id: str) -> str:
    Raises:
        botocore.exceptions.ClientError: If the upload attempt to S3 fails for any reason.
    """
-    if not base.DJANGO_OUTPUT_S3_AWS_OUTPUT_BUCKET:
+    if not base.DJANGO_ARTIFACTS_AWS_S3_OUTPUT_BUCKET:
        return

+    s3 = get_s3_client()
+    s3_key = f"{tenant_id}/{scan_id}/{os.path.basename(zip_path)}"
    try:
-        s3 = get_s3_client()
-        s3_key = f"{tenant_id}/{scan_id}/{os.path.basename(zip_path)}"
        s3.upload_file(
            Filename=zip_path,
-            Bucket=base.DJANGO_OUTPUT_S3_AWS_OUTPUT_BUCKET,
+            Bucket=base.DJANGO_ARTIFACTS_AWS_S3_OUTPUT_BUCKET,
            Key=s3_key,
        )
-        return f"s3://{base.DJANGO_OUTPUT_S3_AWS_OUTPUT_BUCKET}/{s3_key}"
-    except (ClientError, NoCredentialsError, ParamValidationError, ValueError) as e:
+        return f"s3://{base.DJANGO_ARTIFACTS_AWS_S3_OUTPUT_BUCKET}/{s3_key}"
+    except ClientError as e:
        logger.error(f"S3 upload failed: {str(e)}")
+        raise e


 def _generate_output_directory(
--- a/api/src/backend/tasks/jobs/scan.py
+++ b/api/src/backend/tasks/jobs/scan.py
@@ -344,18 +344,9 @@ def perform_prowler_scan(
                        total_requirements=compliance["total_requirements"],
                    )
                )
-        try:
-            with rls_transaction(tenant_id):
-                ComplianceOverview.objects.bulk_create(
-                    compliance_overview_objects, batch_size=100
-                )
-        except Exception as overview_exception:
-            import sentry_sdk
+        with rls_transaction(tenant_id):
+            ComplianceOverview.objects.bulk_create(compliance_overview_objects)

-            sentry_sdk.capture_exception(overview_exception)
-            logger.error(
-                f"Error storing compliance overview for scan {scan_id}: {overview_exception}"
-            )
    if exception is not None:
        raise exception

--- a/api/src/backend/tasks/tasks.py
+++ b/api/src/backend/tasks/tasks.py
@@ -1,6 +1,3 @@
-from pathlib import Path
-from shutil import rmtree
-
 from celery import chain, shared_task
 from celery.utils.log import get_task_logger
 from config.celery import RLSTask
@@ -15,7 +12,7 @@ from tasks.jobs.export import (
    _upload_to_s3,
 )
 from tasks.jobs.scan import aggregate_findings, perform_prowler_scan
-from tasks.utils import batched, get_next_execution_datetime
+from tasks.utils import get_next_execution_datetime

 from api.db_utils import rls_transaction
 from api.decorators import set_tenant
@@ -43,7 +40,7 @@ def check_provider_connection_task(provider_id: str):
    return check_provider_connection(provider_id=provider_id)


-@shared_task(base=RLSTask, name="provider-deletion", queue="deletion")
+@shared_task(base=RLSTask, name="provider-deletion")
@set_tenant
 def delete_provider_task(provider_id: str):
    """
@@ -91,10 +88,8 @@ def perform_scan_task(
    )

    chain(
-        perform_scan_summary_task.si(tenant_id, scan_id),
-        generate_outputs.si(
-            scan_id=scan_id, provider_id=provider_id, tenant_id=tenant_id
-        ),
+        perform_scan_summary_task.s(tenant_id, scan_id),
+        generate_outputs.si(scan_id, provider_id, tenant_id=tenant_id),
    ).apply_async()

    return result
@@ -160,10 +155,8 @@ def perform_scheduled_scan_task(self, tenant_id: str, provider_id: str):
            )

    chain(
-        perform_scan_summary_task.si(tenant_id, scan_instance.id),
-        generate_outputs.si(
-            scan_id=str(scan_instance.id), provider_id=provider_id, tenant_id=tenant_id
-        ),
+        perform_scan_summary_task.s(tenant_id, scan_instance.id),
+        generate_outputs.si(str(scan_instance.id), provider_id, tenant_id=tenant_id),
    ).apply_async()

    return result
@@ -174,16 +167,36 @@ def perform_scan_summary_task(tenant_id: str, scan_id: str):
    return aggregate_findings(tenant_id=tenant_id, scan_id=scan_id)


-@shared_task(name="tenant-deletion", queue="deletion")
+@shared_task(name="tenant-deletion")
 def delete_tenant_task(tenant_id: str):
    return delete_tenant(pk=tenant_id)


-@shared_task(
-    base=RLSTask,
-    name="scan-report",
-    queue="scan-reports",
-)
+def batched(iterable, batch_size):
+    """
+    Yield successive batches from an iterable.
+
+    Args:
+        iterable: An iterable source of items.
+        batch_size (int): The number of items per batch.
+
+    Yields:
+        tuple: A pair (batch, is_last_batch) where:
+            - batch (list): A list of items (with length equal to batch_size,
+              except possibly for the last batch).
+            - is_last_batch (bool): True if this is the final batch, False otherwise.
+    """
+    batch = []
+    for item in iterable:
+        batch.append(item)
+        if len(batch) == batch_size:
+            yield batch, False
+            batch = []
+
+    yield batch, True
+
+
+@shared_task(base=RLSTask, name="scan-output", queue="scans")
@set_tenant(keep_tenant=True)
 def generate_outputs(scan_id: str, provider_id: str, tenant_id: str):
    """
@@ -219,15 +232,14 @@ def generate_outputs(scan_id: str, provider_id: str, tenant_id: str):
    )

    # Retrieve findings queryset
-    findings_qs = Finding.all_objects.filter(scan_id=scan_id).order_by("uid")
+    findings_qs = Finding.objects.filter(scan_id=scan_id).order_by("uid")

    # Process findings in batches
    for batch, is_last_batch in batched(
        findings_qs.iterator(), DJANGO_FINDINGS_BATCH_SIZE
    ):
        finding_outputs = [
-            FindingOutput.transform_api_finding(finding, prowler_provider)
-            for finding in batch
+            FindingOutput.transform_api_finding(finding) for finding in batch
        ]

        # Generate output files
@@ -265,20 +277,18 @@ def generate_outputs(scan_id: str, provider_id: str, tenant_id: str):
    uploaded = _upload_to_s3(tenant_id, output_directory, scan_id)

    if uploaded:
-        # Remove the local files after upload
-        try:
-            rmtree(Path(output_directory).parent, ignore_errors=True)
-        except FileNotFoundError as e:
-            logger.error(f"Error deleting output files: {e}")
-
        output_directory = uploaded
        uploaded = True
    else:
        uploaded = False

    # Update the scan instance with the output path
-    Scan.all_objects.filter(id=scan_id).update(output_location=output_directory)
+    Scan.objects.filter(id=scan_id).update(output_path=output_directory)

    logger.info(f"Scan output files generated, output location: {output_directory}")

-    return {"upload": uploaded}
+    return {
+        "upload": uploaded,
+        "scan_id": scan_id,
+        "provider_id": provider_id,
+    }
--- a/api/src/backend/tasks/tests/test_utils.py
+++ b/api/src/backend/tasks/tests/test_utils.py
@@ -4,7 +4,7 @@ from unittest.mock import patch
 import pytest
 from django_celery_beat.models import IntervalSchedule, PeriodicTask
 from django_celery_results.models import TaskResult
-from tasks.utils import batched, get_next_execution_datetime
+from tasks.utils import get_next_execution_datetime


@pytest.mark.django_db
@@ -74,29 +74,3 @@ class TestGetNextExecutionDatetime:
            get_next_execution_datetime(
                task_id=task_result.task_id, provider_id="nonexistent"
            )
-
-
-class TestBatchedFunction:
-    def test_empty_iterable(self):
-        result = list(batched([], 3))
-        assert result == [([], True)]
-
-    def test_exact_batches(self):
-        result = list(batched([1, 2, 3, 4], 2))
-        expected = [([1, 2], False), ([3, 4], False), ([], True)]
-        assert result == expected
-
-    def test_inexact_batches(self):
-        result = list(batched([1, 2, 3, 4, 5], 2))
-        expected = [([1, 2], False), ([3, 4], False), ([5], True)]
-        assert result == expected
-
-    def test_batch_size_one(self):
-        result = list(batched([1, 2, 3], 1))
-        expected = [([1], False), ([2], False), ([3], False), ([], True)]
-        assert result == expected
-
-    def test_batch_size_greater_than_length(self):
-        result = list(batched([1, 2, 3], 5))
-        expected = [([1, 2, 3], True)]
-        assert result == expected
--- a/api/src/backend/tasks/utils.py
+++ b/api/src/backend/tasks/utils.py
@@ -24,27 +24,3 @@ def get_next_execution_datetime(task_id: int, provider_id: str) -> datetime:
    )

    return current_scheduled_time + timedelta(**{interval.period: interval.every})
-
-
-def batched(iterable, batch_size):
-    """
-    Yield successive batches from an iterable.
-
-    Args:
-        iterable: An iterable source of items.
-        batch_size (int): The number of items per batch.
-
-    Yields:
-        tuple: A pair (batch, is_last_batch) where:
-            - batch (list): A list of items (with length equal to batch_size,
-              except possibly for the last batch).
-            - is_last_batch (bool): True if this is the final batch, False otherwise.
-    """
-    batch = []
-    for item in iterable:
-        batch.append(item)
-        if len(batch) == batch_size:
-            yield batch, False
-            batch = []
-
-    yield batch, True
--- a/dashboard/common_methods.py
+++ b/dashboard/common_methods.py
@@ -562,11 +562,8 @@ def get_section_containers_format1(data, section_1, section_2):

            direct_internal_items.append(internal_section_container)

-        # Cut the title if it's too long
-        tittle_external = section[:70] + " ..." if len(section) > 70 else section
-
        accordion_item = dbc.AccordionItem(
-            title=f"{tittle_external}", children=direct_internal_items
+            title=f"{section}", children=direct_internal_items
        )
        section_container = html.Div(
            [
--- a/dashboard/compliance/cis_4_0_aws.py
+++ b/dashboard/compliance/cis_4_0_aws.py
@@ -1,24 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_cis
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_DESCRIPTION",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ].copy()
-
-    return get_section_containers_cis(
-        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
-    )
--- a/dashboard/compliance/iso27001_2022_aws.py
+++ b/dashboard/compliance/iso27001_2022_aws.py
@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_container_iso
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ATTRIBUTES_CATEGORY",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_NAME",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-    return get_section_container_iso(
-        aux, "REQUIREMENTS_ATTRIBUTES_CATEGORY", "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID"
-    )
--- a/dashboard/compliance/iso27001_2022_azure.py
+++ b/dashboard/compliance/iso27001_2022_azure.py
@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_container_iso
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ATTRIBUTES_CATEGORY",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_NAME",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-    return get_section_container_iso(
-        aux, "REQUIREMENTS_ATTRIBUTES_CATEGORY", "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID"
-    )
--- a/dashboard/compliance/iso27001_2022_gcp.py
+++ b/dashboard/compliance/iso27001_2022_gcp.py
@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_container_iso
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ATTRIBUTES_CATEGORY",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_NAME",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-    return get_section_container_iso(
-        aux, "REQUIREMENTS_ATTRIBUTES_CATEGORY", "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID"
-    )
--- a/dashboard/compliance/iso27001_2022_kubernetes.py
+++ b/dashboard/compliance/iso27001_2022_kubernetes.py
@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_container_iso
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ATTRIBUTES_CATEGORY",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID",
-            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_NAME",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-    return get_section_container_iso(
-        aux, "REQUIREMENTS_ATTRIBUTES_CATEGORY", "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID"
-    )
--- a/dashboard/compliance/pci_3_2_1_aws.py
+++ b/dashboard/compliance/pci_3_2_1_aws.py
@@ -1,6 +1,6 @@
 import warnings

-from dashboard.common_methods import get_section_containers_format1
+from dashboard.common_methods import get_section_containers_format4

 warnings.filterwarnings("ignore")

@@ -9,15 +9,12 @@ def get_table(data):
    aux = data[
        [
            "REQUIREMENTS_ID",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
            "CHECKID",
            "STATUS",
            "REGION",
            "ACCOUNTID",
            "RESOURCEID",
        ]
-    ].copy()
+    ]

-    return get_section_containers_format1(
-        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
-    )
+    return get_section_containers_format4(aux, "REQUIREMENTS_ID")
--- a/dashboard/compliance/pci_4_0_aws.py
+++ b/dashboard/compliance/pci_4_0_aws.py
@@ -1,24 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_format3
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
-            "REQUIREMENTS_DESCRIPTION",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-
-    return get_section_containers_format3(
-        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
-    )
--- a/dashboard/compliance/pci_4_0_azure.py
+++ b/dashboard/compliance/pci_4_0_azure.py
@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_format3
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
-            "REQUIREMENTS_DESCRIPTION",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-    return get_section_containers_format3(
-        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
-    )
--- a/dashboard/compliance/pci_4_0_gcp.py
+++ b/dashboard/compliance/pci_4_0_gcp.py
@@ -1,23 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_format3
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
-            "REQUIREMENTS_DESCRIPTION",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-    return get_section_containers_format3(
-        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
-    )
--- a/dashboard/compliance/pci_4_0_kubernetes.py
+++ b/dashboard/compliance/pci_4_0_kubernetes.py
@@ -1,24 +0,0 @@
-import warnings
-
-from dashboard.common_methods import get_section_containers_format3
-
-warnings.filterwarnings("ignore")
-
-
-def get_table(data):
-    aux = data[
-        [
-            "REQUIREMENTS_ID",
-            "REQUIREMENTS_ATTRIBUTES_SECTION",
-            "REQUIREMENTS_DESCRIPTION",
-            "CHECKID",
-            "STATUS",
-            "REGION",
-            "ACCOUNTID",
-            "RESOURCEID",
-        ]
-    ]
-
-    return get_section_containers_format3(
-        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
-    )
--- a/dashboard/pages/compliance.py
+++ b/dashboard/pages/compliance.py
@@ -76,6 +76,7 @@ def load_csv_files(csv_files):
                result = result.replace("_AZURE", " - AZURE")
            if "KUBERNETES" in result:
                result = result.replace("_KUBERNETES", " - KUBERNETES")
+                result = result[result.find("CIS_") :]
            results.append(result)

    unique_results = set(results)
--- a/dashboard/pages/overview.py
+++ b/dashboard/pages/overview.py
@@ -165,21 +165,9 @@ else:
        )

    # For the timestamp, remove the two columns and keep only the date
+
    data["TIMESTAMP"] = pd.to_datetime(data["TIMESTAMP"])
-    # Handle findings from v3 outputs
-    if "FINDING_UNIQUE_ID" in data.columns:
-        data.rename(columns={"FINDING_UNIQUE_ID": "FINDING_UID"}, inplace=True)
-    if "ACCOUNT_ID" in data.columns:
-        data.rename(columns={"ACCOUNT_ID": "ACCOUNT_UID"}, inplace=True)
-    if "ASSESSMENT_START_TIME" in data.columns:
-        data.rename(columns={"ASSESSMENT_START_TIME": "TIMESTAMP"}, inplace=True)
-    if "RESOURCE_ID" in data.columns:
-        data.rename(columns={"RESOURCE_ID": "RESOURCE_UID"}, inplace=True)
-
-    # Remove dupplicates on the finding_uid colummn but keep the last one taking into account the timestamp
-    data = data.sort_values("TIMESTAMP").drop_duplicates("FINDING_UID", keep="last")
-
-    data["ASSESSMENT_TIME"] = data["TIMESTAMP"].dt.strftime("%Y-%m-%d")
+    data["ASSESSMENT_TIME"] = data["TIMESTAMP"].dt.strftime("%Y-%m-%d %H:%M:%S")
    data_valid = pd.DataFrame()
    for account in data["ACCOUNT_UID"].unique():
        all_times = data[data["ACCOUNT_UID"] == account]["ASSESSMENT_TIME"].unique()
--- a/docs/developer-guide/checks.md
+++ b/docs/developer-guide/checks.md
@@ -294,7 +294,7 @@ Each Prowler check has metadata associated which is stored at the same level of
    # Code holds different methods to remediate the FAIL finding
    "Code": {
      # CLI holds the command in the provider native CLI to remediate it
-      "CLI": "aws ec2 modify-image-attribute --region <REGION> --image-id <EC2_AMI_ID> --launch-permission {\"Remove\":[{\"Group\":\"all\"}]}",
+      "CLI": "https://docs.prowler.com/checks/public_8#cli-command",
      # NativeIaC holds the native IaC code to remediate it, use "https://docs.bridgecrew.io/docs"
      "NativeIaC": "",
      # Other holds the other commands, scripts or code to remediate it, use "https://www.trendmicro.com/cloudoneconformity"
--- a/docs/developer-guide/introduction.md
+++ b/docs/developer-guide/introduction.md
@@ -19,13 +19,8 @@ For isolation and to avoid conflicts with other environments, we recommend using
 Then install all dependencies including the ones for developers:
 ```
 poetry install --with dev
-eval $(poetry env activate) \
+poetry shell
 ```
-> [!IMPORTANT]
-> Starting from Poetry v2.0.0, `poetry shell` has been deprecated in favor of `poetry env activate`.
->
-> If your poetry version is below 2.0.0 you must keep using `poetry shell` to activate your environment.
-> In case you have any doubts, consult the Poetry environment activation guide: https://python-poetry.org/docs/managing-environments/#activating-the-environment

 ## Contributing with your code or fixes to Prowler

--- a/docs/img/download_output.png
+++ b/docs/img/download_output.png
--- a/docs/img/output_folder.png
+++ b/docs/img/output_folder.png
--- a/docs/img/sts-configuration.png
+++ b/docs/img/sts-configuration.png
--- a/docs/index.md
+++ b/docs/index.md
@@ -76,7 +76,7 @@ Prowler App can be installed in different ways, depending on your environment:
    git clone https://github.com/prowler-cloud/prowler \
    cd prowler/api \
    poetry install \
-    eval $(poetry env activate) \
+    poetry shell \
    set -a \
    source .env \
    docker compose up postgres valkey -d \
@@ -85,12 +85,6 @@ Prowler App can be installed in different ways, depending on your environment:
    gunicorn -c config/guniconf.py config.wsgi:application
    ```

-    ???+ important
-        Starting from Poetry v2.0.0, `poetry shell` has been deprecated in favor of `poetry env activate`.
-
-        If your poetry version is below 2.0.0 you must keep using `poetry shell` to activate your environment.
-        In case you have any doubts, consult the Poetry environment activation guide: https://python-poetry.org/docs/managing-environments/#activating-the-environment
-
    > Now, you can access the API documentation at http://localhost:8080/api/v1/docs.

    _Commands to run the API Worker_:
@@ -99,7 +93,7 @@ Prowler App can be installed in different ways, depending on your environment:
    git clone https://github.com/prowler-cloud/prowler \
    cd prowler/api \
    poetry install \
-    eval $(poetry env activate) \
+    poetry shell \
    set -a \
    source .env \
    cd src/backend \
@@ -112,7 +106,7 @@ Prowler App can be installed in different ways, depending on your environment:
    git clone https://github.com/prowler-cloud/prowler \
    cd prowler/api \
    poetry install \
-    eval $(poetry env activate) \
+    poetry shell \
    set -a \
    source .env \
    cd src/backend \
--- a/docs/tutorials/aws/cloudshell.md
+++ b/docs/tutorials/aws/cloudshell.md
@@ -27,12 +27,7 @@ cd prowler
 pip install poetry
 mkdir /tmp/poetry
 poetry config cache-dir /tmp/poetry
-eval $(poetry env activate)
+poetry shell
 poetry install
 python prowler.py -v
 ```
-> [!IMPORTANT]
-> Starting from Poetry v2.0.0, `poetry shell` has been deprecated in favor of `poetry env activate`.
->
-> If your poetry version is below 2.0.0 you must keep using `poetry shell` to activate your environment.
-> In case you have any doubts, consult the Poetry environment activation guide: https://python-poetry.org/docs/managing-environments/#activating-the-environment
--- a/docs/tutorials/configuration_file.md
+++ b/docs/tutorials/configuration_file.md
@@ -47,7 +47,6 @@ The following list includes all the AWS checks with configurable variables that
 | `ecr_repositories_scan_vulnerabilities_in_latest_image`       | `ecr_repository_vulnerability_minimum_severity`  | String          |
 | `eks_cluster_uses_a_supported_version`                        | `eks_cluster_oldest_version_supported`           | String          |
 | `eks_control_plane_logging_all_types_enabled`                 | `eks_required_log_types`                         | List of Strings |
-| `elasticache_redis_cluster_backup_enabled`                    | `minimum_snapshot_retention_period`              | Integer         |
 | `elb_is_in_multiple_az`                                       | `elb_min_azs`                                    | Integer         |
 | `elbv2_is_in_multiple_az`                                     | `elbv2_min_azs`                                  | Integer         |
 | `guardduty_is_enabled`                                        | `mute_non_default_regions`                       | Boolean         |
@@ -86,7 +85,7 @@ The following list includes all the Azure checks with configurable variables tha
 ## Kubernetes

 ### Configurable Checks
-The following list includes all the Kubernetes checks with configurable variables that can be changed in the configuration yaml file:
+The following list includes all the Azure checks with configurable variables that can be changed in the configuration yaml file:

 | Check Name                                                    | Value                                            | Type            |
 |---------------------------------------------------------------|--------------------------------------------------|-----------------|
@@ -96,17 +95,6 @@ The following list includes all the Kubernetes checks with configurable variable
 | `apiserver_strong_ciphers`                                    | `apiserver_strong_ciphers`                       | String          |
 | `kubelet_strong_ciphers_only`                                 | `kubelet_strong_ciphers`                         | String          |

-
-## Microsoft365
-
-### Configurable Checks
-The following list includes all the Microsoft365 checks with configurable variables that can be changed in the configuration yaml file:
-
-| Check Name                                                    | Value                                            | Type            |
-|---------------------------------------------------------------|--------------------------------------------------|-----------------|
-| `entra_admin_users_sign_in_frequency_enabled`                 | `sign_in_frequency`                              | Integer         |
-
-
 ## Config YAML File Structure

 ???+ note
@@ -504,10 +492,4 @@ kubernetes:
      "TLS_RSA_WITH_AES_128_GCM_SHA256",
    ]

-# Microsoft365 Configuration
-microsoft365:
-  # Conditional Access Policy
-  # policy.session_controls.sign_in_frequency.frequency in hours
-  sign_in_frequency: 4
-
 ```
--- a/docs/tutorials/dashboard.md
+++ b/docs/tutorials/dashboard.md
@@ -36,7 +36,7 @@ In this page you can do multiple functions:
    * Severity
    * Service
    * Status
-* See which files has been scanned to generate the dashboard placing your mouse on the `?` icon:
+* See wich files has been scanned to generate the dashboard placing your mouse on the `?` icon:
    <img src="../img/dashboard/dashboard-files-scanned.png">
 * Download the `Top Findings by Severity` table using the button `DOWNLOAD THIS TABLE AS CSV` or `DOWNLOAD THIS TABLE AS XLSX`
 * Click on the provider cards to filter by provider.
--- a/docs/tutorials/gcp/authentication.md
+++ b/docs/tutorials/gcp/authentication.md
@@ -25,9 +25,6 @@ Prowler will follow the same credentials search as [Google authentication librar

 Those credentials must be associated to a user or service account with proper permissions to do all checks. To make sure, add the `Viewer` role to the member associated with the credentials.

-???+ note
-    Prowler will use the enabled Google Cloud APIs to get the information needed to perform the checks.
-
 ## Impersonate Service Account

 If you want to impersonate a GCP service account, you can use the `--impersonate-service-account` argument:
@@ -37,3 +34,23 @@ prowler gcp --impersonate-service-account <service-account-email>
 ```

 This argument will use the default credentials to impersonate the service account provided.
+
+## Service APIs
+
+Prowler will use the Google Cloud APIs to get the information needed to perform the checks. Make sure that the following APIs are enabled in the project:
+
+- apikeys.googleapis.com
+- artifactregistry.googleapis.com
+- bigquery.googleapis.com
+- sqladmin.googleapis.com
+- storage.googleapis.com
+- compute.googleapis.com
+- dataproc.googleapis.com
+- dns.googleapis.com
+- containerregistry.googleapis.com
+- container.googleapis.com
+- iam.googleapis.com
+- cloudkms.googleapis.com
+- logging.googleapis.com
+
+You can enable them automatically using our script [enable_apis_in_projects.sh](https://github.com/prowler-cloud/prowler/blob/master/contrib/gcp/enable_apis_in_projects.sh)
--- a/docs/tutorials/img/rbac/invitation_details.png
+++ b/docs/tutorials/img/rbac/invitation_details.png
--- a/docs/tutorials/img/rbac/invitation_details_1.png
+++ b/docs/tutorials/img/rbac/invitation_details_1.png
--- a/docs/tutorials/img/rbac/invitation_edit.png
+++ b/docs/tutorials/img/rbac/invitation_edit.png
--- a/docs/tutorials/img/rbac/invitation_edit_1.png
+++ b/docs/tutorials/img/rbac/invitation_edit_1.png
--- a/docs/tutorials/img/rbac/invitation_info.png
+++ b/docs/tutorials/img/rbac/invitation_info.png
--- a/docs/tutorials/img/rbac/invitation_revoke.png
+++ b/docs/tutorials/img/rbac/invitation_revoke.png
--- a/docs/tutorials/img/rbac/invitation_sign-up.png
+++ b/docs/tutorials/img/rbac/invitation_sign-up.png
--- a/docs/tutorials/img/rbac/invite.png
+++ b/docs/tutorials/img/rbac/invite.png
--- a/docs/tutorials/img/rbac/membership.png
+++ b/docs/tutorials/img/rbac/membership.png
--- a/docs/tutorials/img/rbac/provider_group.png
+++ b/docs/tutorials/img/rbac/provider_group.png
--- a/docs/tutorials/img/rbac/provider_group_edit.png
+++ b/docs/tutorials/img/rbac/provider_group_edit.png
--- a/docs/tutorials/img/rbac/provider_group_edit_1.png
+++ b/docs/tutorials/img/rbac/provider_group_edit_1.png
--- a/docs/tutorials/img/rbac/provider_group_remove.png
+++ b/docs/tutorials/img/rbac/provider_group_remove.png
--- a/docs/tutorials/img/rbac/role_create.png
+++ b/docs/tutorials/img/rbac/role_create.png
--- a/docs/tutorials/img/rbac/role_create_1.png
+++ b/docs/tutorials/img/rbac/role_create_1.png
--- a/docs/tutorials/img/rbac/role_edit.png
+++ b/docs/tutorials/img/rbac/role_edit.png
--- a/docs/tutorials/img/rbac/role_edit_details.png
+++ b/docs/tutorials/img/rbac/role_edit_details.png
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Adrián Jesús Peña Rodríguez	772667c8cc	feat: add auth_method and partition information	2025-02-19 11:29:42 +01:00
Pablo Lara	eb0f6addb4	feat: allow users to download exports	2025-02-19 10:40:12 +01:00
Pablo Lara	526b20ca0a	feat: render a button to download the exports	2025-02-19 10:40:12 +01:00
Pablo Lara	b2911f4161	chore: update env to make the API work	2025-02-19 10:40:11 +01:00
Adrián Jesús Peña Rodríguez	afce5dcf0d	chore: api format	2025-02-18 16:22:56 +01:00
Adrián Jesús Peña Rodríguez	38fb72e819	fix: s3 unittests tests	2025-02-18 16:17:10 +01:00
Adrián Jesús Peña Rodríguez	97d55d7aa7	fix: fix the batch writing when launching the CLI	2025-02-18 14:27:43 +01:00
Adrián Jesús Peña Rodríguez	79aded5aa3	Merge branch 'master' into PRWLR-5956-Export-Artifacts-only	2025-02-18 13:37:22 +01:00
Adrián Jesús Peña Rodríguez	7139683809	chore: rename variables	2025-02-18 10:11:54 +01:00
Adrián Jesús Peña Rodríguez	d9889776ad	test: add export unittests	2025-02-13 21:28:44 +01:00
Adrián Jesús Peña Rodríguez	621e71cfbe	ref: improve code	2025-02-13 20:31:39 +01:00
Adrián Jesús Peña Rodríguez	41aec46578	Merge branch 'master' into PRWLR-5956-Export-Artifacts-only	2025-02-12 18:49:12 +01:00
Adrián Jesús Peña Rodríguez	820a8809b5	chore: ruff format	2025-02-12 18:41:55 +01:00
Adrián Jesús Peña Rodríguez	cbf8cf73cf	fix: html close file	2025-02-12 17:53:44 +01:00
Adrián Jesús Peña Rodríguez	7e7da99628	ref: move the api output folder	2025-02-12 17:23:23 +01:00
Adrián Jesús Peña Rodríguez	d90b4fa324	chore: remove comment	2025-02-12 17:14:29 +01:00
Adrián Jesús Peña Rodríguez	32e880e9c4	chore: restore rls.py	2025-02-12 16:53:06 +01:00
Adrián Jesús Peña Rodríguez	492e9f24a2	fix: solve duplicated findings	2025-02-12 15:52:53 +01:00
Adrián Jesús Peña Rodríguez	f7e27402aa	fix: add condition before close the csv file	2025-02-12 14:37:01 +01:00
Adrián Jesús Peña Rodríguez	747b97fe87	ref: improve export code	2025-02-12 10:47:31 +01:00
Adrián Jesús Peña Rodríguez	d5e2d75c9b	chore: update api changelog	2025-02-10 17:26:01 +01:00
Adrián Jesús Peña Rodríguez	82d53c5158	chore: update api schema	2025-02-10 16:39:41 +01:00
Adrián Jesús Peña Rodríguez	326fddd206	Merge branch 'master' into PRWLR-5956-Export-Artifacts-only	2025-02-10 16:28:20 +01:00
Adrián Jesús Peña Rodríguez	63b59e4d42	chore: apply ruff	2025-02-10 16:23:37 +01:00
Adrián Jesús Peña Rodríguez	a790a5060e	feat(export): add api export system	2025-02-10 16:09:18 +01:00