revert: fix(findings): increase uid max length to 600 (#7529 )

Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
chore(changelog): prepare for 5.5.1 (#7524 )
2026-03-28 02:49:53 +00:00 · 2025-04-15 16:02:43 +05:45 · 2025-04-15 11:59:04 +05:45 · 2025-04-14 17:47:53 -04:00 · 2025-04-14 16:51:34 -04:00 · 2025-04-14 14:08:07 -04:00
369 changed files with 10854 additions and 1552 deletions
--- a/.env
+++ b/.env
@@ -123,7 +123,7 @@ SENTRY_ENVIRONMENT=local
 SENTRY_RELEASE=local

 #### Prowler release version ####
-NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v5.5.0
+NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v5.5.1

 # Social login credentials
 SOCIAL_GOOGLE_OAUTH_CALLBACK_URL="${AUTH_URL}/api/auth/callback/google"
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -94,17 +94,18 @@ updates:
      - "docker"
      - "v4"

+  # Dependabot Updates are temporary disabled - 2025/03/19
  # v3
-  - package-ecosystem: "pip"
-    directory: "/"
-    schedule:
-      interval: "monthly"
-    open-pull-requests-limit: 10
-    target-branch: v3
-    labels:
-      - "dependencies"
-      - "pip"
-      - "v3"
+  # - package-ecosystem: "pip"
+  #   directory: "/"
+  #   schedule:
+  #     interval: "monthly"
+  #   open-pull-requests-limit: 10
+  #   target-branch: v3
+  #   labels:
+  #     - "dependencies"
+  #     - "pip"
+  #     - "v3"

  - package-ecosystem: "github-actions"
    directory: "/"
--- a/.github/workflows/api-codeql.yml
+++ b/.github/workflows/api-codeql.yml
@@ -48,12 +48,12 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        languages: ${{ matrix.language }}
        config-file: ./.github/codeql/api-codeql-config.yml

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/api-pull-request.yml
+++ b/.github/workflows/api-pull-request.yml
@@ -75,7 +75,7 @@ jobs:

      - name: Test if changes are in not ignored paths
        id: are-non-ignored-files-changed
-        uses: tj-actions/changed-files@2f7c5bfce28377bc069a65ba478de0a74aa0ca32 # v46.0.1
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
        with:
          files: api/**
          files_ignore: |
@@ -94,7 +94,7 @@ jobs:

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
        with:
          python-version: ${{ matrix.python-version }}
          cache: "poetry"
--- a/.github/workflows/find-secrets.yml
+++ b/.github/workflows/find-secrets.yml
@@ -11,7 +11,7 @@ jobs:
        with:
          fetch-depth: 0
      - name: TruffleHog OSS
-        uses: trufflesecurity/trufflehog@ded5f45b92c00939718787ce586b520bbe795f3b # v3.88.18
+        uses: trufflesecurity/trufflehog@690e5c7aff8347c3885096f3962a0633d9129607 # v3.88.23
        with:
          path: ./
          base: ${{ github.event.repository.default_branch }}
--- a/.github/workflows/sdk-build-lint-push-containers.yml
+++ b/.github/workflows/sdk-build-lint-push-containers.yml
@@ -62,13 +62,13 @@ jobs:
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Setup Python
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install Poetry
        run: |
-          pipx install poetry==1.8.5
+          pipx install poetry==2.*
          pipx inject poetry poetry-bumpversion

      - name: Get Prowler version
--- a/.github/workflows/sdk-codeql.yml
+++ b/.github/workflows/sdk-codeql.yml
@@ -54,12 +54,12 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        languages: ${{ matrix.language }}
        config-file: ./.github/codeql/sdk-codeql-config.yml

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+      uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/sdk-pull-request.yml
+++ b/.github/workflows/sdk-pull-request.yml
@@ -25,7 +25,7 @@ jobs:

      - name: Test if changes are in not ignored paths
        id: are-non-ignored-files-changed
-        uses: tj-actions/changed-files@2f7c5bfce28377bc069a65ba478de0a74aa0ca32 # v46.0.1
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
        with:
          files: ./**
          files_ignore: |
@@ -34,6 +34,7 @@ jobs:
            permissions/**
            api/**
            ui/**
+            prowler/CHANGELOG.md
            README.md
            mkdocs.yml
            .backportrc.json
@@ -50,7 +51,7 @@ jobs:

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
        with:
          python-version: ${{ matrix.python-version }}
          cache: "poetry"
--- a/.github/workflows/sdk-pypi-release.yml
+++ b/.github/workflows/sdk-pypi-release.yml
@@ -68,10 +68,10 @@ jobs:

      - name: Install dependencies
        run: |
-          pipx install poetry==1.8.5
+          pipx install poetry==2.1.1

      - name: Setup Python
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
        with:
          python-version: ${{ env.PYTHON_VERSION }}
          cache: ${{ env.CACHE }}
--- a/.github/workflows/sdk-refresh-aws-services-regions.yml
+++ b/.github/workflows/sdk-refresh-aws-services-regions.yml
@@ -28,7 +28,7 @@ jobs:
          ref: ${{ env.GITHUB_BRANCH }}

      - name: setup python
-        uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
+        uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
        with:
          python-version: 3.9 #install the python needed

@@ -56,7 +56,7 @@ jobs:
          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
          commit-message: "feat(regions_update): Update regions for AWS services"
          branch: "aws-services-regions-updated-${{ github.sha }}"
-          labels: "status/waiting-for-revision, severity/low, provider/aws, backport-to-v3"
+          labels: "status/waiting-for-revision, severity/low, provider/aws"
          title: "chore(regions_update): Changes in regions for AWS services"
          body: |
            ### Description
--- a/.github/workflows/ui-codeql.yml
+++ b/.github/workflows/ui-codeql.yml
@@ -48,12 +48,12 @@ jobs:

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+        uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          languages: ${{ matrix.language }}
          config-file: ./.github/codeql/ui-codeql-config.yml

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
+        uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
        with:
          category: "/language:${{matrix.language}}"
--- a/README.md
+++ b/README.md
@@ -72,10 +72,11 @@ It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, Fe
 | Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/misc/#categories) |
 |---|---|---|---|---|
 | AWS | 564 | 82 | 33 | 10 |
-| GCP | 77 | 13 | 6 | 3 |
+| GCP | 78 | 13 | 7 | 3 |
 | Azure | 140 | 18 | 7 | 3 |
 | Kubernetes | 83 | 7 | 4 | 7 |
 | Microsoft365 | 5 | 2 | 1 | 0 |
+| NHN (Unofficial) | 6 | 2 | 1 | 0 |

 > You can list the checks, services, compliance frameworks and categories with `prowler <provider> --list-checks`, `prowler <provider> --list-services`, `prowler <provider> --list-compliance` and `prowler <provider> --list-categories`.

--- a/api/.env.example
+++ b/api/.env.example
@@ -53,3 +53,6 @@ DJANGO_GOOGLE_OAUTH_CALLBACK_URL=""
 DJANGO_GITHUB_OAUTH_CLIENT_ID=""
 DJANGO_GITHUB_OAUTH_CLIENT_SECRET=""
 DJANGO_GITHUB_OAUTH_CALLBACK_URL=""
+
+# Deletion Task Batch Size
+DJANGO_DELETION_BATCH_SIZE=5000
--- a/api/CHANGELOG.md
+++ b/api/CHANGELOG.md
@@ -2,14 +2,38 @@

 All notable changes to the **Prowler API** are documented in this file.

---

-## [v1.6.0] (Prowler UNRELEASED)
+## [v1.6.0] (Prowler v5.5.0)

 ### Added

 - Support for developing new integrations [(#7167)](https://github.com/prowler-cloud/prowler/pull/7167).
 - HTTP Security Headers [(#7289)](https://github.com/prowler-cloud/prowler/pull/7289).
+- New endpoint to get the compliance overviews metadata [(#7333)](https://github.com/prowler-cloud/prowler/pull/7333).
+- Support for muted findings [(#7378)](https://github.com/prowler-cloud/prowler/pull/7378).
+- Added missing fields to API findings and resources [(#7318)](https://github.com/prowler-cloud/prowler/pull/7318).
+
+---
+
+## [v1.5.4] (Prowler v5.4.4)
+
+### Fixed
+- Fixed a bug with periodic tasks when trying to delete a provider ([#7466])(https://github.com/prowler-cloud/prowler/pull/7466).
+
+---
+
+## [v1.5.3] (Prowler v5.4.3)
+
+### Fixed
+- Added duplicated scheduled scans handling ([#7401])(https://github.com/prowler-cloud/prowler/pull/7401).
+- Added environment variable to configure the deletion task batch size ([#7423])(https://github.com/prowler-cloud/prowler/pull/7423).
+
+---
+
+## [v1.5.2] (Prowler v5.4.2)
+
+### Changed
+- Refactored deletion logic and implemented retry mechanism for deletion tasks [(#7349)](https://github.com/prowler-cloud/prowler/pull/7349).

 ---

@@ -18,6 +42,12 @@ All notable changes to the **Prowler API** are documented in this file.
 ### Fixed
 - Added a handled response in case local files are missing [(#7183)](https://github.com/prowler-cloud/prowler/pull/7183).
 - Fixed a race condition when deleting export files after the S3 upload [(#7172)](https://github.com/prowler-cloud/prowler/pull/7172).
+- Handled exception when a provider has no secret in test connection [(#7283)](https://github.com/prowler-cloud/prowler/pull/7283).
+
+
+### Added
+
+- Support for developing new integrations [(#7167)](https://github.com/prowler-cloud/prowler/pull/7167).

 ---

--- a/api/poetry.lock
+++ b/api/poetry.lock
@@ -331,14 +331,14 @@ aio = ["aiohttp (>=3.0)"]

 [[package]]
 name = "azure-identity"
-version = "1.19.0"
+version = "1.21.0"
 description = "Microsoft Azure Identity Library for Python"
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "azure_identity-1.19.0-py3-none-any.whl", hash = "sha256:e3f6558c181692d7509f09de10cca527c7dce426776454fb97df512a46527e81"},
-    {file = "azure_identity-1.19.0.tar.gz", hash = "sha256:500144dc18197d7019b81501165d4fa92225f03778f17d7ca8a2a180129a9c83"},
+    {file = "azure_identity-1.21.0-py3-none-any.whl", hash = "sha256:258ea6325537352440f71b35c3dffe9d240eae4a5126c1b7ce5efd5766bd9fd9"},
+    {file = "azure_identity-1.21.0.tar.gz", hash = "sha256:ea22ce6e6b0f429bc1b8d9212d5b9f9877bd4c82f1724bfa910760612c07a9a6"},
 ]

 [package.dependencies]
@@ -368,20 +368,21 @@ typing-extensions = ">=4.0.1"

 [[package]]
 name = "azure-mgmt-applicationinsights"
-version = "4.0.0"
+version = "4.1.0"
 description = "Microsoft Azure Application Insights Management Client Library for Python"
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "azure-mgmt-applicationinsights-4.0.0.zip", hash = "sha256:50c3db05573e0cc2d56314a0556fb346ef05ec489ac000f4d720d92c6b647e06"},
-    {file = "azure_mgmt_applicationinsights-4.0.0-py3-none-any.whl", hash = "sha256:2b1ffd9a0114974455795c73a3a5d17c849e32b961d707d2db393b99254b576f"},
+    {file = "azure_mgmt_applicationinsights-4.1.0-py3-none-any.whl", hash = "sha256:9e71f29b01e505a773501451d12fd6a10482cf4b13e9ac2bff72f5380496d979"},
+    {file = "azure_mgmt_applicationinsights-4.1.0.tar.gz", hash = "sha256:15531390f12ce3d767cd3f1949af36aa39077c145c952fec4d80303c86ec7b6c"},
 ]

 [package.dependencies]
-azure-common = ">=1.1,<2.0"
-azure-mgmt-core = ">=1.3.2,<2.0.0"
-isodate = ">=0.6.1,<1.0.0"
+azure-common = ">=1.1"
+azure-mgmt-core = ">=1.3.2"
+isodate = ">=0.6.1"
+typing-extensions = ">=4.6.0"

 [[package]]
 name = "azure-mgmt-authorization"
@@ -420,31 +421,32 @@ typing-extensions = ">=4.6.0"

 [[package]]
 name = "azure-mgmt-containerregistry"
-version = "10.3.0"
+version = "12.0.0"
 description = "Microsoft Azure Container Registry Client Library for Python"
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "azure-mgmt-containerregistry-10.3.0.tar.gz", hash = "sha256:ae21651855dfb19c42d91d6b3a965c6c611e23f8bc4bf7138835e652d2f918e3"},
-    {file = "azure_mgmt_containerregistry-10.3.0-py3-none-any.whl", hash = "sha256:851e1c57f9bc4a3589c6b21fb627c11fd6cbb57a0388b7dfccd530ba3160805f"},
+    {file = "azure_mgmt_containerregistry-12.0.0-py3-none-any.whl", hash = "sha256:464abd4d3d9ecc0456ed8f63a6b9b93afc2e3e194f2d34f26a758afb67ad3b5c"},
+    {file = "azure_mgmt_containerregistry-12.0.0.tar.gz", hash = "sha256:f19f8faa7881deaf2b5015c0eb050a92e2380cd9d18dee33cdb5f27d44a06c03"},
 ]

 [package.dependencies]
-azure-common = ">=1.1,<2.0"
-azure-mgmt-core = ">=1.3.2,<2.0.0"
-isodate = ">=0.6.1,<1.0.0"
+azure-common = ">=1.1"
+azure-mgmt-core = ">=1.3.2"
+isodate = ">=0.6.1"
+typing-extensions = ">=4.6.0"

 [[package]]
 name = "azure-mgmt-containerservice"
-version = "34.0.0"
+version = "34.1.0"
 description = "Microsoft Azure Container Service Management Client Library for Python"
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "azure_mgmt_containerservice-34.0.0-py3-none-any.whl", hash = "sha256:34be8172241e3c2c444682407970a938f60e3b2bd06304eaae0a1ba641f2262d"},
-    {file = "azure_mgmt_containerservice-34.0.0.tar.gz", hash = "sha256:822d07828b746a5ea5408a8b3770f41dc424d6c4c28de53c29611b62bef8aea3"},
+    {file = "azure_mgmt_containerservice-34.1.0-py3-none-any.whl", hash = "sha256:1faa1714e0100c6ee4cfb8d2eadb1c270b548a84b0070c74e9fe646056a5cb12"},
+    {file = "azure_mgmt_containerservice-34.1.0.tar.gz", hash = "sha256:637a6cf8f06636c016ad151d76f9c7ba75bd05d4334b3dd7837eb8b517f30dbe"},
 ]

 [package.dependencies]
@@ -558,14 +560,14 @@ msrest = ">=0.6.21"

 [[package]]
 name = "azure-mgmt-resource"
-version = "23.2.0"
+version = "23.3.0"
 description = "Microsoft Azure Resource Management Client Library for Python"
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "azure_mgmt_resource-23.2.0-py3-none-any.whl", hash = "sha256:7af2bca928ecd58e57ea7f7731d245f45e9d927036d82f1d30b96baa0c26b569"},
-    {file = "azure_mgmt_resource-23.2.0.tar.gz", hash = "sha256:747b750df7af23ab30e53d3f36247ab0c16de1e267d666b1a5077c39a4292529"},
+    {file = "azure_mgmt_resource-23.3.0-py3-none-any.whl", hash = "sha256:ab216ee28e29db6654b989746e0c85a1181f66653929d2cb6e48fba66d9af323"},
+    {file = "azure_mgmt_resource-23.3.0.tar.gz", hash = "sha256:fc4f1fd8b6aad23f8af4ed1f913df5f5c92df117449dc354fea6802a2829fea4"},
 ]

 [package.dependencies]
@@ -627,20 +629,21 @@ msrest = ">=0.6.21"

 [[package]]
 name = "azure-mgmt-storage"
-version = "21.2.1"
+version = "22.1.1"
 description = "Microsoft Azure Storage Management Client Library for Python"
 optional = false
 python-versions = ">=3.8"
 groups = ["main"]
 files = [
-    {file = "azure-mgmt-storage-21.2.1.tar.gz", hash = "sha256:503a7ff9c31254092b0656445f5728bfdfda2d09d46a82e97019eaa9a1ecec64"},
-    {file = "azure_mgmt_storage-21.2.1-py3-none-any.whl", hash = "sha256:f97df1fa39cde9dbacf2cd96c9cba1fc196932185e24853e276f74b18a0bd031"},
+    {file = "azure_mgmt_storage-22.1.1-py3-none-any.whl", hash = "sha256:a4a4064918dcfa4f1cbebada5bf064935d66f2a3647a2f46a1f1c9348736f5d9"},
+    {file = "azure_mgmt_storage-22.1.1.tar.gz", hash = "sha256:25aaa5ae8c40c30e2f91f8aae6f52906b0557e947d5c1b9817d4ff9decc11340"},
 ]

 [package.dependencies]
 azure-common = ">=1.1"
 azure-mgmt-core = ">=1.3.2"
 isodate = ">=0.6.1"
+typing-extensions = ">=4.6.0"

 [[package]]
 name = "azure-mgmt-subscription"
@@ -2091,14 +2094,14 @@ grpcio-gcp = ["grpcio-gcp (>=0.2.2,<1.0.dev0)"]

 [[package]]
 name = "google-api-python-client"
-version = "2.161.0"
+version = "2.163.0"
 description = "Google API Client Library for Python"
 optional = false
 python-versions = ">=3.7"
 groups = ["main"]
 files = [
-    {file = "google_api_python_client-2.161.0-py2.py3-none-any.whl", hash = "sha256:9476a5a4f200bae368140453df40f9cda36be53fa7d0e9a9aac4cdb859a26448"},
-    {file = "google_api_python_client-2.161.0.tar.gz", hash = "sha256:324c0cce73e9ea0a0d2afd5937e01b7c2d6a4d7e2579cdb6c384f9699d6c9f37"},
+    {file = "google_api_python_client-2.163.0-py2.py3-none-any.whl", hash = "sha256:080e8bc0669cb4c1fb8efb8da2f5b91a2625d8f0e7796cfad978f33f7016c6c4"},
+    {file = "google_api_python_client-2.163.0.tar.gz", hash = "sha256:88dee87553a2d82176e2224648bf89272d536c8f04dcdda37ef0a71473886dd7"},
 ]

 [package.dependencies]
@@ -2434,14 +2437,14 @@ files = [

 [[package]]
 name = "jinja2"
-version = "3.1.6"
+version = "3.1.5"
 description = "A very fast and expressive template engine."
 optional = false
 python-versions = ">=3.7"
 groups = ["main", "dev"]
 files = [
-    {file = "jinja2-3.1.6-py3-none-any.whl", hash = "sha256:85ece4451f492d0c13c5dd7c13a64681a86afae63a5f347908daf103ce6d2f67"},
-    {file = "jinja2-3.1.6.tar.gz", hash = "sha256:0137fb05990d35f1275a587e9aee6d56da821fc83491a0fb838183be43f66d6d"},
+    {file = "jinja2-3.1.5-py3-none-any.whl", hash = "sha256:aba0f4dc9ed8013c424088f68a5c226f7d6097ed89b246d7749c2ec4175c6adb"},
+    {file = "jinja2-3.1.5.tar.gz", hash = "sha256:8fefff8dc3034e27bb80d67c671eb8a9bc424c0ef4c0826edbff304cceff43bb"},
 ]

 [package.dependencies]
@@ -3574,7 +3577,7 @@ files = [

 [[package]]
 name = "prowler"
-version = "5.4.0"
+version = "5.5.0"
 description = "Prowler is an Open Source security tool to perform AWS, GCP and Azure security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, AWS Well-Architected Framework Security Pillar, AWS Foundational Technical Review (FTR), ENS (Spanish National Security Scheme) and your custom security frameworks."
 optional = false
 python-versions = ">3.9.1,<3.13"
@@ -3585,23 +3588,23 @@ develop = false
 [package.dependencies]
 alive-progress = "3.2.0"
 awsipranges = "0.3.3"
-azure-identity = "1.19.0"
+azure-identity = "1.21.0"
 azure-keyvault-keys = "4.10.0"
-azure-mgmt-applicationinsights = "4.0.0"
+azure-mgmt-applicationinsights = "4.1.0"
 azure-mgmt-authorization = "4.0.0"
 azure-mgmt-compute = "34.0.0"
-azure-mgmt-containerregistry = "10.3.0"
-azure-mgmt-containerservice = "34.0.0"
+azure-mgmt-containerregistry = "12.0.0"
+azure-mgmt-containerservice = "34.1.0"
 azure-mgmt-cosmosdb = "9.7.0"
 azure-mgmt-keyvault = "10.3.1"
 azure-mgmt-monitor = "6.0.2"
 azure-mgmt-network = "28.1.0"
 azure-mgmt-rdbms = "10.1.0"
-azure-mgmt-resource = "23.2.0"
+azure-mgmt-resource = "23.3.0"
 azure-mgmt-search = "9.1.0"
 azure-mgmt-security = "7.0.0"
 azure-mgmt-sql = "3.0.1"
-azure-mgmt-storage = "21.2.1"
+azure-mgmt-storage = "22.1.1"
 azure-mgmt-subscription = "3.1.1"
 azure-mgmt-web = "8.0.0"
 azure-storage-blob = "12.24.1"
@@ -3612,7 +3615,7 @@ cryptography = "44.0.1"
 dash = "2.18.2"
 dash-bootstrap-components = "1.6.0"
 detect-secrets = "1.5.0"
-google-api-python-client = "2.161.0"
+google-api-python-client = "2.163.0"
 google-auth-httplib2 = ">=0.1,<0.3"
 jsonschema = "4.23.0"
 kubernetes = "32.0.1"
@@ -3622,19 +3625,19 @@ numpy = "2.0.2"
 pandas = "2.2.3"
 py-ocsf-models = "0.3.1"
 pydantic = "1.10.21"
-python-dateutil = "^2.9.0.post0"
+python-dateutil = ">=2.9.0.post0,<3.0.0"
 pytz = "2025.1"
 schema = "0.7.7"
 shodan = "1.31.0"
 slack-sdk = "3.34.0"
 tabulate = "0.9.0"
-tzlocal = "5.2"
+tzlocal = "5.3.1"

 [package.source]
 type = "git"
 url = "https://github.com/prowler-cloud/prowler.git"
-reference = "master"
-resolved_reference = "931df361bf5ee287139112f485580241099094cb"
+reference = "v5.5"
+resolved_reference = "c1b70ed0fc6bd586c8c69a121411f1d710d94845"

 [[package]]
 name = "psutil"
@@ -4605,6 +4608,7 @@ files = [
    {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f66efbc1caa63c088dead1c4170d148eabc9b80d95fb75b6c92ac0aad2437d76"},
    {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:22353049ba4181685023b25b5b51a574bce33e7f51c759371a7422dcae5402a6"},
    {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:932205970b9f9991b34f55136be327501903f7c66830e9760a8ffb15b07f05cd"},
+    {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:a52d48f4e7bf9005e8f0a89209bf9a73f7190ddf0489eee5eb51377385f59f2a"},
    {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-win32.whl", hash = "sha256:3eac5a91891ceb88138c113f9db04f3cebdae277f5d44eaa3651a4f573e6a5da"},
    {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-win_amd64.whl", hash = "sha256:ab007f2f5a87bd08ab1499bdf96f3d5c6ad4dcfa364884cb4549aa0154b13a28"},
    {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-macosx_13_0_arm64.whl", hash = "sha256:4a6679521a58256a90b0d89e03992c15144c5f3858f40d7c18886023d7943db6"},
@@ -4613,6 +4617,7 @@ files = [
    {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:811ea1594b8a0fb466172c384267a4e5e367298af6b228931f273b111f17ef52"},
    {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:cf12567a7b565cbf65d438dec6cfbe2917d3c1bdddfce84a9930b7d35ea59642"},
    {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:7dd5adc8b930b12c8fc5b99e2d535a09889941aa0d0bd06f4749e9a9397c71d2"},
+    {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:1492a6051dab8d912fc2adeef0e8c72216b24d57bd896ea607cb90bb0c4981d3"},
    {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-win32.whl", hash = "sha256:bd0a08f0bab19093c54e18a14a10b4322e1eacc5217056f3c063bd2f59853ce4"},
    {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-win_amd64.whl", hash = "sha256:a274fb2cb086c7a3dea4322ec27f4cb5cc4b6298adb583ab0e211a4682f241eb"},
    {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-macosx_14_0_arm64.whl", hash = "sha256:20b0f8dc160ba83b6dcc0e256846e1a02d044e13f7ea74a3d1d56ede4e48c632"},
@@ -4621,6 +4626,7 @@ files = [
    {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:749c16fcc4a2b09f28843cda5a193e0283e47454b63ec4b81eaa2242f50e4ccd"},
    {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:bf165fef1f223beae7333275156ab2022cffe255dcc51c27f066b4370da81e31"},
    {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:32621c177bbf782ca5a18ba4d7af0f1082a3f6e517ac2a18b3974d4edf349680"},
+    {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:b82a7c94a498853aa0b272fd5bc67f29008da798d4f93a2f9f289feb8426a58d"},
    {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-win32.whl", hash = "sha256:e8c4ebfcfd57177b572e2040777b8abc537cdef58a2120e830124946aa9b42c5"},
    {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-win_amd64.whl", hash = "sha256:0467c5965282c62203273b838ae77c0d29d7638c8a4e3a1c8bdd3602c10904e4"},
    {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-macosx_14_0_arm64.whl", hash = "sha256:4c8c5d82f50bb53986a5e02d1b3092b03622c02c2eb78e29bec33fd9593bae1a"},
@@ -4629,6 +4635,7 @@ files = [
    {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:96777d473c05ee3e5e3c3e999f5d23c6f4ec5b0c38c098b3a5229085f74236c6"},
    {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-musllinux_1_1_i686.whl", hash = "sha256:3bc2a80e6420ca8b7d3590791e2dfc709c88ab9152c00eeb511c9875ce5778bf"},
    {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:e188d2699864c11c36cdfdada94d781fd5d6b0071cd9c427bceb08ad3d7c70e1"},
+    {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:4f6f3eac23941b32afccc23081e1f50612bdbe4e982012ef4f5797986828cd01"},
    {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-win32.whl", hash = "sha256:6442cb36270b3afb1b4951f060eccca1ce49f3d087ca1ca4563a6eb479cb3de6"},
    {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-win_amd64.whl", hash = "sha256:e5b8daf27af0b90da7bb903a876477a9e6d7270be6146906b276605997c7e9a3"},
    {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-macosx_12_0_arm64.whl", hash = "sha256:fc4b630cd3fa2cf7fce38afa91d7cfe844a9f75d7f0f36393fa98815e911d987"},
@@ -4637,6 +4644,7 @@ files = [
    {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e2f1c3765db32be59d18ab3953f43ab62a761327aafc1594a2a1fbe038b8b8a7"},
    {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:d85252669dc32f98ebcd5d36768f5d4faeaeaa2d655ac0473be490ecdae3c285"},
    {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:e143ada795c341b56de9418c58d028989093ee611aa27ffb9b7f609c00d813ed"},
+    {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:2c59aa6170b990d8d2719323e628aaf36f3bfbc1c26279c0eeeb24d05d2d11c7"},
    {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-win32.whl", hash = "sha256:beffaed67936fbbeffd10966a4eb53c402fafd3d6833770516bf7314bc6ffa12"},
    {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-win_amd64.whl", hash = "sha256:040ae85536960525ea62868b642bdb0c2cc6021c9f9d507810c0c604e66f5a7b"},
    {file = "ruamel.yaml.clib-0.2.12.tar.gz", hash = "sha256:6c8fbb13ec503f99a91901ab46e0b07ae7941cd527393187039aec586fdfd36f"},
@@ -5078,14 +5086,14 @@ markers = {dev = "sys_platform == \"win32\""}

 [[package]]
 name = "tzlocal"
-version = "5.2"
+version = "5.3.1"
 description = "tzinfo object for the local timezone"
 optional = false
-python-versions = ">=3.8"
+python-versions = ">=3.9"
 groups = ["main"]
 files = [
-    {file = "tzlocal-5.2-py3-none-any.whl", hash = "sha256:49816ef2fe65ea8ac19d19aa7a1ae0551c834303d5014c6d5a62e4cbda8047b8"},
-    {file = "tzlocal-5.2.tar.gz", hash = "sha256:8d399205578f1a9342816409cc1e46a93ebd5755e39ea2d85334bea911bf0e6e"},
+    {file = "tzlocal-5.3.1-py3-none-any.whl", hash = "sha256:eb1a66c3ef5847adf7a834f1be0800581b683b5608e74f86ecbcef8ab91bb85d"},
+    {file = "tzlocal-5.3.1.tar.gz", hash = "sha256:cceffc7edecefea1f595541dbd6e990cb1ea3d19bf01b2809f362a03dd7921fd"},
 ]

 [package.dependencies]
@@ -5428,4 +5436,4 @@ type = ["pytest-mypy"]
 [metadata]
 lock-version = "2.1"
 python-versions = ">=3.11,<3.13"
-content-hash = "5892eb6b702f29a7eebff3f9dc899ea8d78cac622aa8f299ef4c662df8f5b51d"
+content-hash = "7dae4c2a4c35a6d226e1ec9ff8fc75784d2c008810929586dca5c8f095c515a3"
--- a/api/pyproject.toml
+++ b/api/pyproject.toml
@@ -8,6 +8,7 @@ dependencies = [
  "celery[pytest] (>=5.4.0,<6.0.0)",
  "dj-rest-auth[with_social,jwt] (==7.0.1)",
  "django==5.1.7",
+  "django-allauth==65.4.1",
  "django-celery-beat (>=2.7.0,<3.0.0)",
  "django-celery-results (>=2.5.1,<3.0.0)",
  "django-cors-headers==4.4.0",
@@ -22,7 +23,7 @@ dependencies = [
  "drf-spectacular==0.27.2",
  "drf-spectacular-jsonapi==0.5.1",
  "gunicorn==23.0.0",
-  "prowler @ git+https://github.com/prowler-cloud/prowler.git@master",
+  "prowler @ git+https://github.com/prowler-cloud/prowler.git@v5.5",
  "psycopg2-binary==2.9.9",
  "pytest-celery[redis] (>=1.0.1,<2.0.0)",
  "sentry-sdk[django] (>=2.20.0,<3.0.0)",
--- a/api/src/backend/api/db_utils.py
+++ b/api/src/backend/api/db_utils.py
@@ -6,6 +6,7 @@ from datetime import datetime, timedelta, timezone
 from django.conf import settings
 from django.contrib.auth.models import BaseUserManager
 from django.db import connection, models, transaction
+from django_celery_beat.models import PeriodicTask
 from psycopg2 import connect as psycopg2_connect
 from psycopg2.extensions import AsIs, new_type, register_adapter, register_type
 from rest_framework_json_api.serializers import ValidationError
@@ -105,11 +106,12 @@ def generate_random_token(length: int = 14, symbols: str | None = None) -> str:
    return "".join(secrets.choice(symbols or _symbols) for _ in range(length))


-def batch_delete(queryset, batch_size=5000):
+def batch_delete(tenant_id, queryset, batch_size=settings.DJANGO_DELETION_BATCH_SIZE):
    """
    Deletes objects in batches and returns the total number of deletions and a summary.

    Args:
+        tenant_id (str): Tenant ID the queryset belongs to.
        queryset (QuerySet): The queryset of objects to delete.
        batch_size (int): The number of objects to delete in each batch.

@@ -120,15 +122,16 @@ def batch_delete(queryset, batch_size=5000):
    deletion_summary = {}

    while True:
-        # Get a batch of IDs to delete
-        batch_ids = set(
-            queryset.values_list("id", flat=True).order_by("id")[:batch_size]
-        )
-        if not batch_ids:
-            # No more objects to delete
-            break
+        with rls_transaction(tenant_id, POSTGRES_TENANT_VAR):
+            # Get a batch of IDs to delete
+            batch_ids = set(
+                queryset.values_list("id", flat=True).order_by("id")[:batch_size]
+            )
+            if not batch_ids:
+                # No more objects to delete
+                break

-        deleted_count, deleted_info = queryset.filter(id__in=batch_ids).delete()
+            deleted_count, deleted_info = queryset.filter(id__in=batch_ids).delete()

        total_deleted += deleted_count
        for model_label, count in deleted_info.items():
@@ -137,6 +140,18 @@ def batch_delete(queryset, batch_size=5000):
    return total_deleted, deletion_summary


+def delete_related_daily_task(provider_id: str):
+    """
+    Deletes the periodic task associated with a specific provider.
+
+    Args:
+        provider_id (str): The unique identifier for the provider
+                           whose related periodic task should be deleted.
+    """
+    task_name = f"scan-perform-scheduled-{provider_id}"
+    PeriodicTask.objects.filter(name=task_name).delete()
+
+
 # Postgres Enums


--- a/api/src/backend/api/filters.py
+++ b/api/src/backend/api/filters.py
@@ -287,6 +287,9 @@ class FindingFilter(FilterSet):
    status = ChoiceFilter(choices=StatusChoices.choices)
    severity = ChoiceFilter(choices=SeverityChoices)
    impact = ChoiceFilter(choices=SeverityChoices)
+    muted = BooleanFilter(
+        help_text="If this filter is not provided, muted and non-muted findings will be returned."
+    )

    resources = UUIDInFilter(field_name="resource__id", lookup_expr="in")

@@ -614,12 +617,6 @@ class ScanSummaryFilter(FilterSet):
        field_name="scan__provider__provider", choices=Provider.ProviderChoices.choices
    )
    region = CharFilter(field_name="region")
-    muted_findings = BooleanFilter(method="filter_muted_findings")
-
-    def filter_muted_findings(self, queryset, name, value):
-        if not value:
-            return queryset.exclude(muted__gt=0)
-        return queryset

    class Meta:
        model = ScanSummary
@@ -630,8 +627,6 @@ class ScanSummaryFilter(FilterSet):


 class ServiceOverviewFilter(ScanSummaryFilter):
-    muted_findings = None
-
    def is_valid(self):
        # Check if at least one of the inserted_at filters is present
        inserted_at_filters = [
--- a/api/src/backend/api/migrations/0015_finding_muted.py
+++ b/api/src/backend/api/migrations/0015_finding_muted.py
@@ -0,0 +1,26 @@
+# Generated by Django 5.1.5 on 2025-03-25 11:29
+
+from django.db import migrations, models
+
+import api.db_utils
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api", "0014_integrations"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="finding",
+            name="muted",
+            field=models.BooleanField(default=False),
+        ),
+        migrations.AlterField(
+            model_name="finding",
+            name="status",
+            field=api.db_utils.StatusEnumField(
+                choices=[("FAIL", "Fail"), ("PASS", "Pass"), ("MANUAL", "Manual")]
+            ),
+        ),
+    ]
--- a/api/src/backend/api/migrations/0016_finding_compliance_resource_details_and_more.py
+++ b/api/src/backend/api/migrations/0016_finding_compliance_resource_details_and_more.py
@@ -0,0 +1,32 @@
+# Generated by Django 5.1.5 on 2025-03-31 10:46
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api", "0015_finding_muted"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="finding",
+            name="compliance",
+            field=models.JSONField(blank=True, default=dict, null=True),
+        ),
+        migrations.AddField(
+            model_name="resource",
+            name="details",
+            field=models.TextField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name="resource",
+            name="metadata",
+            field=models.TextField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name="resource",
+            name="partition",
+            field=models.TextField(blank=True, null=True),
+        ),
+    ]
--- a/api/src/backend/api/models.py
+++ b/api/src/backend/api/models.py
@@ -59,7 +59,6 @@ class StatusChoices(models.TextChoices):
    FAIL = "FAIL", _("Fail")
    PASS = "PASS", _("Pass")
    MANUAL = "MANUAL", _("Manual")
-    MUTED = "MUTED", _("Muted")


 class StateChoices(models.TextChoices):
@@ -519,6 +518,11 @@ class Resource(RowLevelSecurityProtectedModel):
        editable=False,
    )

+    metadata = models.TextField(blank=True, null=True)
+    details = models.TextField(blank=True, null=True)
+    partition = models.TextField(blank=True, null=True)
+
+    # Relationships
    tags = models.ManyToManyField(
        ResourceTag,
        verbose_name="Tags associated with the resource, by provider",
@@ -656,6 +660,8 @@ class Finding(PostgresPartitionedModel, RowLevelSecurityProtectedModel):
    tags = models.JSONField(default=dict, null=True, blank=True)
    check_id = models.CharField(max_length=100, blank=False, null=False)
    check_metadata = models.JSONField(default=dict, null=False)
+    muted = models.BooleanField(default=False, null=False)
+    compliance = models.JSONField(default=dict, null=True, blank=True)

    # Relationships
    scan = models.ForeignKey(to=Scan, related_name="findings", on_delete=models.CASCADE)
--- a/api/src/backend/api/signals.py
+++ b/api/src/backend/api/signals.py
@@ -1,12 +1,12 @@
 from celery import states
 from celery.signals import before_task_publish
+from config.celery import celery_app
 from django.db.models.signals import post_delete
 from django.dispatch import receiver
-from django_celery_beat.models import PeriodicTask
 from django_celery_results.backends.database import DatabaseBackend

+from api.db_utils import delete_related_daily_task
 from api.models import Provider
-from config.celery import celery_app


 def create_task_result_on_publish(sender=None, headers=None, **kwargs):  # noqa: F841
@@ -31,5 +31,4 @@ before_task_publish.connect(
@receiver(post_delete, sender=Provider)
 def delete_provider_scan_task(sender, instance, **kwargs):  # noqa: F841
    # Delete the associated periodic task when the provider is deleted
-    task_name = f"scan-perform-scheduled-{instance.id}"
-    PeriodicTask.objects.filter(name=task_name).delete()
+    delete_related_daily_task(instance.id)
--- a/api/src/backend/api/specs/v1.yaml
+++ b/api/src/backend/api/specs/v1.yaml
@@ -233,6 +233,42 @@ paths:
              schema:
                $ref: '#/components/schemas/ComplianceOverviewFullResponse'
          description: ''
+  /api/v1/compliance-overviews/metadata:
+    get:
+      operationId: compliance_overviews_metadata_retrieve
+      description: Fetch unique metadata values from a set of compliance overviews.
+        This is useful for dynamic filtering.
+      summary: Retrieve metadata values from compliance overviews
+      parameters:
+      - in: query
+        name: fields[compliance-overviews-metadata]
+        schema:
+          type: array
+          items:
+            type: string
+            enum:
+            - regions
+        description: endpoint return only specific fields in the response on a per-type
+          basis by including a fields[TYPE] query parameter.
+        explode: false
+      - in: query
+        name: filter[scan_id]
+        schema:
+          type: string
+          format: uuid
+        description: Related scan ID.
+        required: true
+      tags:
+      - Compliance Overview
+      security:
+      - jwtAuth: []
+      responses:
+        '200':
+          content:
+            application/vnd.api+json:
+              schema:
+                $ref: '#/components/schemas/ComplianceOverviewMetadataResponse'
+          description: ''
  /api/v1/findings:
    get:
      operationId: findings_list
@@ -258,6 +294,7 @@ paths:
            - inserted_at
            - updated_at
            - first_seen_at
+            - muted
            - url
            - scan
            - resources
@@ -366,6 +403,12 @@ paths:
          type: string
          format: date
        description: Maximum date range is 7 days.
+      - in: query
+        name: filter[muted]
+        schema:
+          type: boolean
+        description: If this filter is not provided, muted and non-muted findings
+          will be returned.
      - in: query
        name: filter[provider]
        schema:
@@ -597,13 +640,11 @@ paths:
          enum:
          - FAIL
          - MANUAL
-          - MUTED
          - PASS
        description: |-
          * `FAIL` - Fail
          * `PASS` - Pass
          * `MANUAL` - Manual
-          * `MUTED` - Muted
      - in: query
        name: filter[status__in]
        schema:
@@ -720,6 +761,7 @@ paths:
            - inserted_at
            - updated_at
            - first_seen_at
+            - muted
            - url
            - scan
            - resources
@@ -873,6 +915,12 @@ paths:
          type: string
          format: date
        description: Maximum date range is 7 days.
+      - in: query
+        name: filter[muted]
+        schema:
+          type: boolean
+        description: If this filter is not provided, muted and non-muted findings
+          will be returned.
      - in: query
        name: filter[provider]
        schema:
@@ -1104,13 +1152,11 @@ paths:
          enum:
          - FAIL
          - MANUAL
-          - MUTED
          - PASS
        description: |-
          * `FAIL` - Fail
          * `PASS` - Pass
          * `MANUAL` - Manual
-          * `MUTED` - Muted
      - in: query
        name: filter[status__in]
        schema:
@@ -1302,6 +1348,12 @@ paths:
          type: string
          format: date
        description: Maximum date range is 7 days.
+      - in: query
+        name: filter[muted]
+        schema:
+          type: boolean
+        description: If this filter is not provided, muted and non-muted findings
+          will be returned.
      - in: query
        name: filter[provider]
        schema:
@@ -1533,13 +1585,11 @@ paths:
          enum:
          - FAIL
          - MANUAL
-          - MUTED
          - PASS
        description: |-
          * `FAIL` - Fail
          * `PASS` - Pass
          * `MANUAL` - Manual
-          * `MUTED` - Muted
      - in: query
        name: filter[status__in]
        schema:
@@ -1983,10 +2033,6 @@ paths:
        schema:
          type: string
          format: date-time
-      - in: query
-        name: filter[muted_findings]
-        schema:
-          type: boolean
      - in: query
        name: filter[provider_id]
        schema:
@@ -2144,10 +2190,6 @@ paths:
        schema:
          type: string
          format: date-time
-      - in: query
-        name: filter[muted_findings]
-        schema:
-          type: boolean
      - in: query
        name: filter[provider_id]
        schema:
@@ -3674,6 +3716,7 @@ paths:
            - name
            - manage_users
            - manage_account
+            - manage_integrations
            - manage_providers
            - manage_scans
            - permission_state
@@ -3792,6 +3835,8 @@ paths:
            - -manage_users
            - manage_account
            - -manage_account
+            - manage_integrations
+            - -manage_integrations
            - manage_providers
            - -manage_providers
            - manage_scans
@@ -3867,6 +3912,7 @@ paths:
            - name
            - manage_users
            - manage_account
+            - manage_integrations
            - manage_providers
            - manage_scans
            - permission_state
@@ -4236,6 +4282,17 @@ paths:
        description: |-
          * `scheduled` - Scheduled
          * `manual` - Manual
+      - in: query
+        name: include
+        schema:
+          type: array
+          items:
+            type: string
+            enum:
+            - provider
+        description: include query parameter to allow the client to customize which
+          related resources should be returned.
+        explode: false
      - name: page[number]
        required: false
        in: query
@@ -4350,6 +4407,17 @@ paths:
          format: uuid
        description: A UUID string identifying this scan.
        required: true
+      - in: query
+        name: include
+        schema:
+          type: array
+          items:
+            type: string
+            enum:
+            - provider
+        description: include query parameter to allow the client to customize which
+          related resources should be returned.
+        explode: false
      tags:
      - Scan
      security:
@@ -6105,6 +6173,40 @@ components:
          $ref: '#/components/schemas/ComplianceOverviewFull'
      required:
      - data
+    ComplianceOverviewMetadata:
+      type: object
+      required:
+      - type
+      - id
+      additionalProperties: false
+      properties:
+        type:
+          allOf:
+          - $ref: '#/components/schemas/ComplianceOverviewMetadataTypeEnum'
+          description: The [type](https://jsonapi.org/format/#document-resource-object-identification)
+            member is used to describe resource objects that share common attributes
+            and relationships.
+        id: {}
+        attributes:
+          type: object
+          properties:
+            regions:
+              type: array
+              items:
+                type: string
+          required:
+          - regions
+    ComplianceOverviewMetadataResponse:
+      type: object
+      properties:
+        data:
+          $ref: '#/components/schemas/ComplianceOverviewMetadata'
+      required:
+      - data
+    ComplianceOverviewMetadataTypeEnum:
+      type: string
+      enum:
+      - compliance-overviews-metadata
    Finding:
      type: object
      required:
@@ -6142,13 +6244,11 @@ components:
              - FAIL
              - PASS
              - MANUAL
-              - MUTED
              type: string
              description: |-
                * `FAIL` - Fail
                * `PASS` - Pass
                * `MANUAL` - Manual
-                * `MUTED` - Muted
            status_extended:
              type: string
              nullable: true
@@ -6184,6 +6284,8 @@ components:
              format: date-time
              readOnly: true
              nullable: true
+            muted:
+              type: boolean
          required:
          - uid
          - status
@@ -8398,6 +8500,8 @@ components:
                  type: boolean
                manage_account:
                  type: boolean
+                manage_integrations:
+                  type: boolean
                manage_providers:
                  type: boolean
                manage_scans:
@@ -10050,6 +10154,8 @@ components:
              type: boolean
            manage_account:
              type: boolean
+            manage_integrations:
+              type: boolean
            manage_providers:
              type: boolean
            manage_scans:
@@ -10179,6 +10285,8 @@ components:
              type: boolean
            manage_account:
              type: boolean
+            manage_integrations:
+              type: boolean
            manage_providers:
              type: boolean
            manage_scans:
@@ -10313,6 +10421,8 @@ components:
                  type: boolean
                manage_account:
                  type: boolean
+                manage_integrations:
+                  type: boolean
                manage_providers:
                  type: boolean
                manage_scans:
--- a/api/src/backend/api/tests/test_db_utils.py
+++ b/api/src/backend/api/tests/test_db_utils.py
@@ -131,9 +131,10 @@ class TestBatchDelete:
        return provider_count

    @pytest.mark.django_db
-    def test_batch_delete(self, create_test_providers):
+    def test_batch_delete(self, tenants_fixture, create_test_providers):
+        tenant_id = str(tenants_fixture[0].id)
        _, summary = batch_delete(
-            Provider.objects.all(), batch_size=create_test_providers // 2
+            tenant_id, Provider.objects.all(), batch_size=create_test_providers // 2
        )
        assert Provider.objects.all().count() == 0
        assert summary == {"api.Provider": create_test_providers}
--- a/api/src/backend/api/tests/test_models.py
+++ b/api/src/backend/api/tests/test_models.py
@@ -92,3 +92,31 @@ class TestResourceModel:

        assert len(resource.tags.filter(tenant_id=tenant_id)) == 0
        assert resource.get_tags(tenant_id=tenant_id) == {}
+
+
+# @pytest.mark.django_db
+# class TestFindingModel:
+#     def test_add_finding_with_long_uid(
+#         self, providers_fixture, scans_fixture, resources_fixture
+#     ):
+#         provider, *_ = providers_fixture
+#         tenant_id = provider.tenant_id
+
+#         long_uid = "1" * 500
+#         _ = Finding.objects.create(
+#             tenant_id=tenant_id,
+#             uid=long_uid,
+#             delta=Finding.DeltaChoices.NEW,
+#             check_metadata={},
+#             status=StatusChoices.PASS,
+#             status_extended="",
+#             severity="high",
+#             impact="high",
+#             raw_result={},
+#             check_id="test_check",
+#             scan=scans_fixture[0],
+#             first_seen_at=None,
+#             muted=False,
+#             compliance={},
+#         )
+#         assert Finding.objects.filter(uid=long_uid).exists()
--- a/api/src/backend/api/tests/test_views.py
+++ b/api/src/backend/api/tests/test_views.py
@@ -14,6 +14,7 @@ from django.urls import reverse
 from rest_framework import status

 from api.models import (
+    ComplianceOverview,
    Integration,
    Invitation,
    Membership,
@@ -2692,6 +2693,8 @@ class TestFindingViewSet:
                # ("resource_tags", "key:value", 2),
                # ("resource_tags", "not:exists", 0),
                # ("resource_tags", "not:exists,key:value", 2),
+                ("muted", True, 1),
+                ("muted", False, 1),
            ]
        ),
    )
@@ -4508,6 +4511,33 @@ class TestComplianceOverviewViewSet:
        assert len(response.json()["data"]) == 1
        assert response.json()["data"][0]["id"] == str(compliance_overview1.id)

+    def test_compliance_overview_metadata(
+        self, authenticated_client, compliance_overviews_fixture
+    ):
+        response = authenticated_client.get(
+            reverse("complianceoverview-metadata"),
+            {"filter[scan_id]": str(compliance_overviews_fixture[0].scan_id)},
+        )
+        data = response.json()
+
+        expected_regions = set(
+            ComplianceOverview.objects.all()
+            .values_list("region", flat=True)
+            .distinct("region")
+        )
+
+        assert response.status_code == status.HTTP_200_OK
+        assert data["data"]["type"] == "compliance-overviews-metadata"
+        assert data["data"]["id"] is None
+        assert set(data["data"]["attributes"]["regions"]) == expected_regions
+
+    def test_compliance_overview_metadata_missing_scan_id(self, authenticated_client):
+        # Attempt to list compliance overviews without providing filter[scan_id]
+        response = authenticated_client.get(reverse("complianceoverview-metadata"))
+        assert response.status_code == status.HTTP_400_BAD_REQUEST
+        assert response.json()["errors"][0]["source"]["pointer"] == "filter[scan_id]"
+        assert response.json()["errors"][0]["code"] == "required"
+

@pytest.mark.django_db
 class TestOverviewViewSet:
--- a/api/src/backend/api/v1/serializers.py
+++ b/api/src/backend/api/v1/serializers.py
@@ -851,6 +851,10 @@ class ScanSerializer(RLSSerializer):
            "url",
        ]

+    included_serializers = {
+        "provider": "api.v1.serializers.ProviderIncludeSerializer",
+    }
+

 class ScanIncludeSerializer(RLSSerializer):
    trigger = serializers.ChoiceField(
@@ -1087,6 +1091,7 @@ class FindingSerializer(RLSSerializer):
            "inserted_at",
            "updated_at",
            "first_seen_at",
+            "muted",
            "url",
            # Relationships
            "scan",
@@ -1897,6 +1902,13 @@ class ComplianceOverviewFullSerializer(ComplianceOverviewSerializer):
        return obj.requirements


+class ComplianceOverviewMetadataSerializer(serializers.Serializer):
+    regions = serializers.ListField(child=serializers.CharField(), allow_empty=True)
+
+    class Meta:
+        resource_name = "compliance-overviews-metadata"
+
+
 # Overviews


--- a/api/src/backend/api/v1/views.py
+++ b/api/src/backend/api/v1/views.py
@@ -22,6 +22,7 @@ from django.http import HttpResponse
 from django.urls import reverse
 from django.utils.decorators import method_decorator
 from django.views.decorators.cache import cache_control
+from django_celery_beat.models import PeriodicTask
 from drf_spectacular.settings import spectacular_settings
 from drf_spectacular.utils import (
    OpenApiParameter,
@@ -101,6 +102,7 @@ from api.rls import Tenant
 from api.utils import CustomOAuth2Client, validate_invitation
 from api.v1.serializers import (
    ComplianceOverviewFullSerializer,
+    ComplianceOverviewMetadataSerializer,
    ComplianceOverviewSerializer,
    FindingDynamicFilterSerializer,
    FindingMetadataSerializer,
@@ -1087,6 +1089,8 @@ class ProviderViewSet(BaseRLSViewSet):
        provider = get_object_or_404(Provider, pk=pk)
        provider.is_deleted = True
        provider.save()
+        task_name = f"scan-perform-scheduled-{pk}"
+        PeriodicTask.objects.filter(name=task_name).update(enabled=False)

        with transaction.atomic():
            task = delete_provider_task.delay(
@@ -2054,6 +2058,21 @@ class RoleProviderGroupRelationshipView(RelationshipView, BaseRLSViewSet):
        description="Fetch detailed information about a specific compliance overview by its ID, including detailed "
        "requirement information and check's status.",
    ),
+    metadata=extend_schema(
+        tags=["Compliance Overview"],
+        summary="Retrieve metadata values from compliance overviews",
+        description="Fetch unique metadata values from a set of compliance overviews. This is useful for dynamic "
+        "filtering.",
+        parameters=[
+            OpenApiParameter(
+                name="filter[scan_id]",
+                required=True,
+                type=OpenApiTypes.UUID,
+                location=OpenApiParameter.QUERY,
+                description="Related scan ID.",
+            ),
+        ],
+    ),
 )
@method_decorator(CACHE_DECORATOR, name="list")
@method_decorator(CACHE_DECORATOR, name="retrieve")
@@ -2115,6 +2134,8 @@ class ComplianceOverviewViewSet(BaseRLSViewSet):
    def get_serializer_class(self):
        if self.action == "retrieve":
            return ComplianceOverviewFullSerializer
+        elif self.action == "metadata":
+            return ComplianceOverviewMetadataSerializer
        return super().get_serializer_class()

    def list(self, request, *args, **kwargs):
@@ -2131,6 +2152,35 @@ class ComplianceOverviewViewSet(BaseRLSViewSet):
            )
        return super().list(request, *args, **kwargs)

+    @action(detail=False, methods=["get"], url_name="metadata")
+    def metadata(self, request):
+        scan_id = request.query_params.get("filter[scan_id]")
+        if not scan_id:
+            raise ValidationError(
+                [
+                    {
+                        "detail": "This query parameter is required.",
+                        "status": 400,
+                        "source": {"pointer": "filter[scan_id]"},
+                        "code": "required",
+                    }
+                ]
+            )
+
+        tenant_id = self.request.tenant_id
+
+        regions = list(
+            ComplianceOverview.objects.filter(tenant_id=tenant_id, scan_id=scan_id)
+            .values_list("region", flat=True)
+            .order_by("region")
+            .distinct()
+        )
+        result = {"regions": regions}
+
+        serializer = self.get_serializer(data=result)
+        serializer.is_valid(raise_exception=True)
+        return Response(serializer.data, status=status.HTTP_200_OK)
+

@extend_schema(tags=["Overview"])
@extend_schema_view(
--- a/api/src/backend/config/celery.py
+++ b/api/src/backend/config/celery.py
@@ -50,9 +50,9 @@ class RLSTask(Task):

        tenant_id = kwargs.get("tenant_id")
        with rls_transaction(tenant_id):
-            APITask.objects.create(
+            APITask.objects.update_or_create(
                id=task_result_instance.task_id,
                tenant_id=tenant_id,
-                task_runner_task=task_result_instance,
+                defaults={"task_runner_task": task_result_instance},
            )
        return result
--- a/api/src/backend/config/django/base.py
+++ b/api/src/backend/config/django/base.py
@@ -237,6 +237,7 @@ DJANGO_OUTPUT_S3_AWS_SECRET_ACCESS_KEY = env.str(
 DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN = env.str("DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN", "")
 DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION = env.str("DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION", "")

+DJANGO_DELETION_BATCH_SIZE = env.int("DJANGO_DELETION_BATCH_SIZE", 5000)
 # HTTP Security Headers
 SECURE_CONTENT_TYPE_NOSNIFF = True
 X_FRAME_OPTIONS = "DENY"
--- a/api/src/backend/config/settings/sentry.py
+++ b/api/src/backend/config/settings/sentry.py
@@ -12,6 +12,8 @@ IGNORED_EXCEPTIONS = [
    "UnauthorizedOperation",
    "AuthFailure",
    "InvalidClientTokenId",
+    "AWSInvalidProviderIdError",
+    "InternalServerErrorException",
    "AccessDenied",
    "No Shodan API Key",  # Shodan Check
    "RequestLimitExceeded",  # For now we don't want to log the RequestLimitExceeded errors
@@ -33,6 +35,10 @@ IGNORED_EXCEPTIONS = [
    "ValidationException",
    "AWSSecretAccessKeyInvalidError",
    "InvalidAction",
+    "InvalidRequestException",
+    "RequestExpired",
+    "ConnectionClosedError",
+    "MaxRetryError",
    "Pool is closed",  # The following comes from urllib3: eu-west-1 -- HTTPClientError[126]: An HTTP Client raised an unhandled exception: AWSHTTPSConnectionPool(host='hostname.s3.eu-west-1.amazonaws.com', port=443): Pool is closed.
    # Authentication Errors from GCP
    "ClientAuthenticationError",
@@ -41,6 +47,8 @@ IGNORED_EXCEPTIONS = [
    "Permission denied to get service",
    "API has not been used in project",
    "HttpError 404 when requesting",
+    "HttpError 403 when requesting",
+    "HttpError 400 when requesting",
    "GCPNoAccesibleProjectsError",
    # Authentication Errors from Azure
    "ClientAuthenticationError",
@@ -49,11 +57,14 @@ IGNORED_EXCEPTIONS = [
    "AzureNotValidClientIdError",
    "AzureNotValidClientSecretError",
    "AzureNotValidTenantIdError",
+    "AzureInvalidProviderIdError",
    "AzureTenantIdAndClientSecretNotBelongingToClientIdError",
    "AzureTenantIdAndClientIdNotBelongingToClientSecretError",
    "AzureClientIdAndClientSecretNotBelongingToTenantIdError",
    "AzureHTTPResponseError",
    "Error with credentials provided",
+    # AWS Service is not available in a region
+    "EndpointConnectionError",
 ]


--- a/api/src/backend/conftest.py
+++ b/api/src/backend/conftest.py
@@ -655,6 +655,7 @@ def findings_fixture(scans_fixture, resources_fixture):
            "Description": "test description orange juice",
        },
        first_seen_at="2024-01-02T00:00:00Z",
+        muted=True,
    )

    finding2.add_resources([resource2])
--- a/api/src/backend/tasks/jobs/deletion.py
+++ b/api/src/backend/tasks/jobs/deletion.py
@@ -1,5 +1,5 @@
 from celery.utils.log import get_task_logger
-from django.db import transaction
+from django.db import DatabaseError

 from api.db_router import MainRouter
 from api.db_utils import batch_delete, rls_transaction
@@ -8,11 +8,12 @@ from api.models import Finding, Provider, Resource, Scan, ScanSummary, Tenant
 logger = get_task_logger(__name__)


-def delete_provider(pk: str):
+def delete_provider(tenant_id: str, pk: str):
    """
    Gracefully deletes an instance of a provider along with its related data.

    Args:
+        tenant_id (str): Tenant ID the resources belong to.
        pk (str): The primary key of the Provider instance to delete.

    Returns:
@@ -22,33 +23,31 @@ def delete_provider(pk: str):
    Raises:
        Provider.DoesNotExist: If no instance with the provided primary key exists.
    """
-    instance = Provider.all_objects.get(pk=pk)
-    deletion_summary = {}
+    with rls_transaction(tenant_id):
+        instance = Provider.all_objects.get(pk=pk)
+        deletion_summary = {}
+        deletion_steps = [
+            ("Scan Summaries", ScanSummary.all_objects.filter(scan__provider=instance)),
+            ("Findings", Finding.all_objects.filter(scan__provider=instance)),
+            ("Resources", Resource.all_objects.filter(provider=instance)),
+            ("Scans", Scan.all_objects.filter(provider=instance)),
+        ]

-    with transaction.atomic():
-        # Delete Scan Summaries
-        scan_summaries_qs = ScanSummary.all_objects.filter(scan__provider=instance)
-        _, scans_summ_summary = batch_delete(scan_summaries_qs)
-        deletion_summary.update(scans_summ_summary)
+    for step_name, queryset in deletion_steps:
+        try:
+            _, step_summary = batch_delete(tenant_id, queryset)
+            deletion_summary.update(step_summary)
+        except DatabaseError as db_error:
+            logger.error(f"Error deleting {step_name}: {db_error}")
+            raise

-        # Delete Findings
-        findings_qs = Finding.all_objects.filter(scan__provider=instance)
-        _, findings_summary = batch_delete(findings_qs)
-        deletion_summary.update(findings_summary)
-
-        # Delete Resources
-        resources_qs = Resource.all_objects.filter(provider=instance)
-        _, resources_summary = batch_delete(resources_qs)
-        deletion_summary.update(resources_summary)
-
-        # Delete Scans
-        scans_qs = Scan.all_objects.filter(provider=instance)
-        _, scans_summary = batch_delete(scans_qs)
-        deletion_summary.update(scans_summary)
-
-        provider_deleted_count, provider_summary = instance.delete()
+    try:
+        with rls_transaction(tenant_id):
+            _, provider_summary = instance.delete()
        deletion_summary.update(provider_summary)
-
+    except DatabaseError as db_error:
+        logger.error(f"Error deleting Provider: {db_error}")
+        raise
    return deletion_summary


@@ -66,9 +65,8 @@ def delete_tenant(pk: str):
    deletion_summary = {}

    for provider in Provider.objects.using(MainRouter.admin_db).filter(tenant_id=pk):
-        with rls_transaction(pk):
-            summary = delete_provider(provider.id)
-            deletion_summary.update(summary)
+        summary = delete_provider(pk, provider.id)
+        deletion_summary.update(summary)

    Tenant.objects.using(MainRouter.admin_db).filter(id=pk).delete()

--- a/api/src/backend/tasks/jobs/scan.py
+++ b/api/src/backend/tasks/jobs/scan.py
@@ -1,3 +1,4 @@
+import json
 import time
 from copy import deepcopy
 from datetime import datetime, timezone
@@ -6,6 +7,7 @@ from celery.utils.log import get_task_logger
 from config.settings.celery import CELERY_DEADLOCK_ATTEMPTS
 from django.db import IntegrityError, OperationalError
 from django.db.models import Case, Count, IntegerField, Sum, When
+from tasks.utils import CustomEncoder

 from api.compliance import (
    PROWLER_COMPLIANCE_OVERVIEW_TEMPLATE,
@@ -191,6 +193,17 @@ def perform_prowler_scan(
                        if resource_instance.type != finding.resource_type:
                            resource_instance.type = finding.resource_type
                            updated_fields.append("type")
+                        if resource_instance.metadata != finding.resource_metadata:
+                            resource_instance.metadata = json.dumps(
+                                finding.resource_metadata, cls=CustomEncoder
+                            )
+                            updated_fields.append("metadata")
+                        if resource_instance.details != finding.resource_details:
+                            resource_instance.details = finding.resource_details
+                            updated_fields.append("details")
+                        if resource_instance.partition != finding.partition:
+                            resource_instance.partition = finding.partition
+                            updated_fields.append("partition")
                        if updated_fields:
                            with rls_transaction(tenant_id):
                                resource_instance.save(update_fields=updated_fields)
@@ -267,6 +280,8 @@ def perform_prowler_scan(
                        check_id=finding.check_id,
                        scan=scan_instance,
                        first_seen_at=last_first_seen_at,
+                        muted=finding.muted,
+                        compliance=finding.compliance,
                    )
                    finding_instance.add_resources([resource_instance])

@@ -402,21 +417,21 @@ def aggregate_findings(tenant_id: str, scan_id: str):
        ).annotate(
            fail=Sum(
                Case(
-                    When(status="FAIL", then=1),
+                    When(status="FAIL", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            _pass=Sum(
                Case(
-                    When(status="PASS", then=1),
+                    When(status="PASS", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
-            muted=Sum(
+            muted_count=Sum(
                Case(
-                    When(status="MUTED", then=1),
+                    When(muted=True, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
@@ -424,63 +439,63 @@ def aggregate_findings(tenant_id: str, scan_id: str):
            total=Count("id"),
            new=Sum(
                Case(
-                    When(delta="new", then=1),
+                    When(delta="new", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            changed=Sum(
                Case(
-                    When(delta="changed", then=1),
+                    When(delta="changed", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            unchanged=Sum(
                Case(
-                    When(delta__isnull=True, then=1),
+                    When(delta__isnull=True, muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            fail_new=Sum(
                Case(
-                    When(delta="new", status="FAIL", then=1),
+                    When(delta="new", status="FAIL", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            fail_changed=Sum(
                Case(
-                    When(delta="changed", status="FAIL", then=1),
+                    When(delta="changed", status="FAIL", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            pass_new=Sum(
                Case(
-                    When(delta="new", status="PASS", then=1),
+                    When(delta="new", status="PASS", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            pass_changed=Sum(
                Case(
-                    When(delta="changed", status="PASS", then=1),
+                    When(delta="changed", status="PASS", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            muted_new=Sum(
                Case(
-                    When(delta="new", status="MUTED", then=1),
+                    When(delta="new", muted=True, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            muted_changed=Sum(
                Case(
-                    When(delta="changed", status="MUTED", then=1),
+                    When(delta="changed", muted=True, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
@@ -498,7 +513,7 @@ def aggregate_findings(tenant_id: str, scan_id: str):
                region=agg["resources__region"],
                fail=agg["fail"],
                _pass=agg["_pass"],
-                muted=agg["muted"],
+                muted=agg["muted_count"],
                total=agg["total"],
                new=agg["new"],
                changed=agg["changed"],
--- a/api/src/backend/tasks/tasks.py
+++ b/api/src/backend/tasks/tasks.py
@@ -1,3 +1,4 @@
+from datetime import datetime, timedelta, timezone
 from pathlib import Path
 from shutil import rmtree

@@ -21,6 +22,7 @@ from api.db_utils import rls_transaction
 from api.decorators import set_tenant
 from api.models import Finding, Provider, Scan, ScanSummary, StateChoices
 from api.utils import initialize_prowler_provider
+from api.v1.serializers import ScanTaskSerializer
 from prowler.lib.outputs.finding import Finding as FindingOutput

 logger = get_task_logger(__name__)
@@ -43,9 +45,10 @@ def check_provider_connection_task(provider_id: str):
    return check_provider_connection(provider_id=provider_id)


-@shared_task(base=RLSTask, name="provider-deletion", queue="deletion")
-@set_tenant
-def delete_provider_task(provider_id: str):
+@shared_task(
+    base=RLSTask, name="provider-deletion", queue="deletion", autoretry_for=(Exception,)
+)
+def delete_provider_task(provider_id: str, tenant_id: str):
    """
    Task to delete a specific Provider instance.

@@ -53,6 +56,7 @@ def delete_provider_task(provider_id: str):

    Args:
        provider_id (str): The primary key of the `Provider` instance to be deleted.
+        tenant_id (str): Tenant ID the provider belongs to.

    Returns:
        tuple: A tuple containing:
@@ -60,7 +64,7 @@ def delete_provider_task(provider_id: str):
            - A dictionary with the count of deleted instances per model,
              including related models if cascading deletes were triggered.
    """
-    return delete_provider(pk=provider_id)
+    return delete_provider(tenant_id=tenant_id, pk=provider_id)


@shared_task(base=RLSTask, name="scan-perform", queue="scans")
@@ -126,6 +130,43 @@ def perform_scheduled_scan_task(self, tenant_id: str, provider_id: str):
        periodic_task_instance = PeriodicTask.objects.get(
            name=f"scan-perform-scheduled-{provider_id}"
        )
+
+        executed_scan = Scan.objects.filter(
+            tenant_id=tenant_id,
+            provider_id=provider_id,
+            task__task_runner_task__task_id=task_id,
+        ).order_by("completed_at")
+
+        if (
+            Scan.objects.filter(
+                tenant_id=tenant_id,
+                provider_id=provider_id,
+                trigger=Scan.TriggerChoices.SCHEDULED,
+                state=StateChoices.EXECUTING,
+                scheduler_task_id=periodic_task_instance.id,
+                scheduled_at__date=datetime.now(timezone.utc).date(),
+            ).exists()
+            or executed_scan.exists()
+        ):
+            # Duplicated task execution due to visibility timeout or scan is already running
+            logger.warning(f"Duplicated scheduled scan for provider {provider_id}.")
+            try:
+                affected_scan = executed_scan.first()
+                if not affected_scan:
+                    raise ValueError(
+                        "Error retrieving affected scan details after detecting duplicated scheduled "
+                        "scan."
+                    )
+                # Return the affected scan details to avoid losing data
+                serializer = ScanTaskSerializer(instance=affected_scan)
+            except Exception as duplicated_scan_exception:
+                logger.error(
+                    f"Duplicated scheduled scan for provider {provider_id}. Error retrieving affected scan details: "
+                    f"{str(duplicated_scan_exception)}"
+                )
+                raise duplicated_scan_exception
+            return serializer.data
+
        next_scan_datetime = get_next_execution_datetime(task_id, provider_id)
        scan_instance, _ = Scan.objects.get_or_create(
            tenant_id=tenant_id,
@@ -133,7 +174,11 @@ def perform_scheduled_scan_task(self, tenant_id: str, provider_id: str):
            trigger=Scan.TriggerChoices.SCHEDULED,
            state__in=(StateChoices.SCHEDULED, StateChoices.AVAILABLE),
            scheduler_task_id=periodic_task_instance.id,
-            defaults={"state": StateChoices.SCHEDULED},
+            defaults={
+                "state": StateChoices.SCHEDULED,
+                "name": "Daily scheduled scan",
+                "scheduled_at": next_scan_datetime - timedelta(days=1),
+            },
        )

        scan_instance.task_id = task_id
@@ -174,7 +219,7 @@ def perform_scan_summary_task(tenant_id: str, scan_id: str):
    return aggregate_findings(tenant_id=tenant_id, scan_id=scan_id)


-@shared_task(name="tenant-deletion", queue="deletion")
+@shared_task(name="tenant-deletion", queue="deletion", autoretry_for=(Exception,))
 def delete_tenant_task(tenant_id: str):
    return delete_tenant(pk=tenant_id)

@@ -201,6 +246,11 @@ def generate_outputs(scan_id: str, provider_id: str, tenant_id: str):
        scan_id (str): The scan identifier.
        provider_id (str): The provider_id id to be used in generating outputs.
    """
+    # Check if the scan has findings
+    if not ScanSummary.objects.filter(scan_id=scan_id).exists():
+        logger.info(f"No findings found for scan {scan_id}")
+        return {"upload": False}
+
    # Initialize the prowler provider
    prowler_provider = initialize_prowler_provider(Provider.objects.get(id=provider_id))

--- a/api/src/backend/tasks/tests/test_deletion.py
+++ b/api/src/backend/tasks/tests/test_deletion.py
@@ -9,17 +9,19 @@ from api.models import Provider, Tenant
 class TestDeleteProvider:
    def test_delete_provider_success(self, providers_fixture):
        instance = providers_fixture[0]
-        result = delete_provider(instance.id)
+        tenant_id = str(instance.tenant_id)
+        result = delete_provider(tenant_id, instance.id)

        assert result
        with pytest.raises(ObjectDoesNotExist):
            Provider.objects.get(pk=instance.id)

-    def test_delete_provider_does_not_exist(self):
+    def test_delete_provider_does_not_exist(self, tenants_fixture):
+        tenant_id = str(tenants_fixture[0].id)
        non_existent_pk = "babf6796-cfcc-4fd3-9dcf-88d012247645"

        with pytest.raises(ObjectDoesNotExist):
-            delete_provider(non_existent_pk)
+            delete_provider(tenant_id, non_existent_pk)


@pytest.mark.django_db
--- a/api/src/backend/tasks/tests/test_scan.py
+++ b/api/src/backend/tasks/tests/test_scan.py
@@ -1,3 +1,4 @@
+import json
 import uuid
 from unittest.mock import MagicMock, patch

@@ -7,6 +8,7 @@ from tasks.jobs.scan import (
    _store_resources,
    perform_prowler_scan,
 )
+from tasks.utils import CustomEncoder

 from api.models import (
    Finding,
@@ -107,7 +109,13 @@ class TestPerformScan:
            finding.service_name = "service_name"
            finding.resource_type = "resource_type"
            finding.resource_tags = {"tag1": "value1", "tag2": "value2"}
+            finding.muted = False
            finding.raw = {}
+            finding.resource_metadata = {"test": "metadata"}
+            finding.resource_details = {"details": "test"}
+            finding.partition = "partition"
+            finding.muted = True
+            finding.compliance = {"compliance1": "PASS"}

            # Mock the ProwlerScan instance
            mock_prowler_scan_instance = MagicMock()
@@ -145,6 +153,8 @@ class TestPerformScan:
        assert scan_finding.severity == finding.severity
        assert scan_finding.check_id == finding.check_id
        assert scan_finding.raw_result == finding.raw
+        assert scan_finding.muted
+        assert scan_finding.compliance == finding.compliance

        assert scan_resource.tenant == tenant
        assert scan_resource.uid == finding.resource_uid
@@ -152,6 +162,11 @@ class TestPerformScan:
        assert scan_resource.service == finding.service_name
        assert scan_resource.type == finding.resource_type
        assert scan_resource.name == finding.resource_name
+        assert scan_resource.metadata == json.dumps(
+            finding.resource_metadata, cls=CustomEncoder
+        )
+        assert scan_resource.details == f"{finding.resource_details}"
+        assert scan_resource.partition == finding.partition

        # Assert that the resource tags have been created and associated
        tags = scan_resource.tags.all()
--- a/api/src/backend/tasks/utils.py
+++ b/api/src/backend/tasks/utils.py
@@ -1,9 +1,32 @@
+import json
 from datetime import datetime, timedelta, timezone
+from enum import Enum

 from django_celery_beat.models import PeriodicTask
 from django_celery_results.models import TaskResult


+class CustomEncoder(json.JSONEncoder):
+    def default(self, o):
+        # Enum serialization
+        if isinstance(o, Enum):
+            return o.value
+        # Datetime and timedelta serialization
+        if isinstance(o, datetime):
+            return o.isoformat(timespec="seconds")
+        if isinstance(o, timedelta):
+            return o.total_seconds()
+
+        # Custom object serialization
+        try:
+            return super().default(o)
+        except TypeError:
+            try:
+                return o.__dict__
+            except AttributeError:
+                return str(o)
+
+
 def get_next_execution_datetime(task_id: int, provider_id: str) -> datetime:
    task_instance = TaskResult.objects.get(task_id=task_id)
    try:
--- a/dashboard/compliance/soc2_gcp.py
+++ b/dashboard/compliance/soc2_gcp.py
@@ -0,0 +1,24 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_format3
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    return get_section_containers_format3(
+        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
+    )
--- a/docs/getting-started/requirements.md
+++ b/docs/getting-started/requirements.md
@@ -59,7 +59,7 @@ export AZURE_CLIENT_SECRET="XXXXXXX"
 ```

 If you try to execute Prowler with the `--sp-env-auth` flag and those variables are empty or not exported, the execution is going to fail.
-Follow the instructions in the [Create Prowler Service Principal](../tutorials/azure/create-prowler-service-principal.md#how-to-create-prowler-service-principal) section to create a service principal.
+Follow the instructions in the [Create Prowler Service Principal](../tutorials/azure/create-prowler-service-principal.md#how-to-create-prowler-service-principal-application) section to create a service principal.

 ### AZ CLI / Browser / Managed Identity authentication

@@ -79,7 +79,7 @@ Prowler for Azure needs two types of permission scopes to be set:
    ???+ note
        Please, notice that the field `assignableScopes` in the JSON custom role file must be changed to be the subscription or management group where the role is going to be assigned. The valid formats for the field are `/subscriptions/<subscription-id>` or `/providers/Microsoft.Management/managementGroups/<management-group-id>`.

-To assign the permissions, follow the instructions in the [Microsoft Entra ID permissions](../tutorials/azure/create-prowler-service-principal.md#assigning-the-proper-permissions) section and the [Azure subscriptions permissions](../tutorials/azure/subscriptions.md#assigning-proper-permissions) section, respectively.
+To assign the permissions, follow the instructions in the [Microsoft Entra ID permissions](../tutorials/azure/create-prowler-service-principal.md#assigning-the-proper-permissions) section and the [Azure subscriptions permissions](../tutorials/azure/subscriptions.md#assign-the-appropriate-permissions-to-the-identity-that-is-going-to-be-assumed-by-prowler) section, respectively.

 #### Checks that require ProwlerRole

--- a/docs/index.md
+++ b/docs/index.md
@@ -136,7 +136,7 @@ Prowler App can be installed in different ways, depending on your environment:

 ### Prowler CLI Installation

-Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/), thus can be installed as Python package with `Python >= 3.9`:
+Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/), thus can be installed as Python package with `Python >= 3.9, <= 3.12`:

 === "pipx"

@@ -144,7 +144,7 @@ Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/),

    _Requirements_:

-    * `Python >= 3.9`
+    * `Python >= 3.9, <= 3.12`
    * `pipx` installed: [pipx installation](https://pipx.pypa.io/stable/installation/).
    * AWS, GCP, Azure and/or Kubernetes credentials

@@ -168,7 +168,7 @@ Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/),

    _Requirements_:

-    * `Python >= 3.9`
+    * `Python >= 3.9, <= 3.12`
    * `Python pip >= 21.0.0`
    * AWS, GCP, Azure, Microsoft365 and/or Kubernetes credentials

@@ -228,7 +228,7 @@ Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/),

    _Requirements_:

-    * `Python >= 3.9`
+    * `Python >= 3.9, <= 3.12`
    * AWS, GCP, Azure and/or Kubernetes credentials

    _Commands_:
@@ -244,8 +244,8 @@ Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/),

    _Requirements_:

-    * `Ubuntu 23.04` or above, if you are using an older version of Ubuntu check [pipx installation](https://docs.prowler.com/projects/prowler-open-source/en/latest/#__tabbed_1_1) and ensure you have `Python >= 3.9`.
-    * `Python >= 3.9`
+    * `Ubuntu 23.04` or above, if you are using an older version of Ubuntu check [pipx installation](https://docs.prowler.com/projects/prowler-open-source/en/latest/#__tabbed_1_1) and ensure you have `Python >= 3.9, <= 3.12`.
+    * `Python >= 3.9, <= 3.12`
    * AWS, GCP, Azure and/or Kubernetes credentials

    _Commands_:
--- a/docs/tutorials/aws/getting-started-aws.md
+++ b/docs/tutorials/aws/getting-started-aws.md
@@ -0,0 +1,214 @@
+# Getting Started with AWS on Prowler Cloud
+
+<iframe width="560" height="380" src="https://www.youtube-nocookie.com/embed/RPgIWOCERzY" title="Prowler Cloud Onboarding AWS" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="1"></iframe>
+
+Set up your AWS account to enable security scanning using Prowler Cloud.
+
+## Requirements
+
+To configure your AWS account, you’ll need:
+
+1. Access to Prowler Cloud
+2. Properly configured AWS credentials (either static or via an assumed IAM role)
+
+---
+
+## Step 1: Get Your AWS Account ID
+
+1. Log in to the [AWS Console](https://console.aws.amazon.com)
+2. Locate your AWS account ID in the top-right dropdown menu
+
+![Account ID detail](./img/aws-account-id.png)
+
+---
+
+## Step 2: Access Prowler Cloud
+
+1. Navigate to [Prowler Cloud](https://cloud.prowler.com/)
+2. Go to `Configuration` > `Cloud Providers`
+
+    ![Cloud Providers Page](../img/cloud-providers-page.png)
+
+3. Click `Add Cloud Provider`
+
+    ![Add a Cloud Provider](../img/add-cloud-provider.png)
+
+4. Select `Amazon Web Services`
+
+    ![Select AWS Provider](./img/select-aws.png)
+
+5. Enter your AWS Account ID and optionally provide a friendly alias
+
+    ![Add account ID](./img/add-account-id.png)
+
+6. Choose your preferred authentication method (next step)
+
+    ![Select auth method](./img/select-auth-method.png)
+
+---
+
+## Step 3: Set Up AWS Authentication
+
+Before proceeding, choose your preferred authentication mode:
+
+Credentials
+
+* Quick scan as current user ✅
+* No extra setup ✅
+* Credentials time out ❌
+
+Assumed Role
+
+* Preferred Setup ✅
+* Permanent Credentials ✅
+* Requires access to create role ❌
+
+---
+
+### 🔐 Assume Role (Recommended)
+
+![Assume Role Overview](./img/assume-role-overview.png)
+
+This method grants permanent access and is the recommended setup for production environments.
+
+=== "CloudFormation"
+
+    1. Download the [Prowler Scan Role Template](https://raw.githubusercontent.com/prowler-cloud/prowler/refs/heads/master/permissions/templates/cloudformation/prowler-scan-role.yml)
+
+        ![Prowler Scan Role Template](./img/prowler-scan-role-template.png)
+
+        ![Download Role Template](./img/download-role-template.png)
+
+    2. Open the [AWS Console](https://console.aws.amazon.com), search for **CloudFormation**
+
+        ![CloudFormation Search](./img/cloudformation-nav.png)
+
+    3. Go to **Stacks** and click `Create stack` > `With new resources (standard)`
+
+        ![Create Stack](./img/create-stack.png)
+
+    4. In **Specify Template**, choose `Upload a template file` and select the downloaded file
+
+        ![Upload a template file](./img/upload-template-file.png)
+        ![Upload file from downloads](./img/upload-template-from-downloads.png)
+
+    5. Click `Next`, provide a stack name and the **External ID** shown in the Prowler Cloud setup screen
+
+        ![External ID](./img/prowler-cloud-external-id.png)
+        ![Stack Data](./img/fill-stack-data.png)
+
+    6. Acknowledge the IAM resource creation warning and proceed
+
+        ![Stack Creation Second Step](./img/stack-creation-second-step.png)
+
+    7. Click `Submit` to deploy the stack
+
+        ![Click on submit](./img/submit-third-page.png)
+
+=== "Terraform"
+
+    To provision the scan role using Terraform:
+
+    1. Run the following commands:
+
+        ```bash
+        terraform init
+        terraform plan
+        terraform apply
+        ```
+
+    2. During `plan` and `apply`, you will be prompted for the **External ID**, which is available in the Prowler Cloud UI:
+
+        ![Get External ID](./img/get-external-id-prowler-cloud.png)
+
+    > 💡 Note: Terraform will use the AWS credentials of your default profile.
+
+---
+
+### Finish Setup with Assume Role
+
+8. Once the role is created, go to the **IAM Console**, click on the `ProwlerScan` role to open its details:
+
+    ![ProwlerScan role info](./img/prowler-scan-pre-info.png)
+
+9. Copy the **Role ARN**
+
+    ![New Role Info](./img/get-role-arn.png)
+
+10. Paste the ARN into the corresponding field in Prowler Cloud
+
+    ![Input the Role ARN](./img/paste-role-arn-prowler.png)
+
+11. Click `Next`, then `Launch Scan`
+
+    ![Next button in Prowler Cloud](./img/next-button-prowler-cloud.png)
+    ![Launch Scan](./img/launch-scan-button-prowler-cloud.png)
+
+---
+
+### 🔑 Credentials (Static Access Keys)
+
+You can also configure your AWS account using static credentials (not recommended for long-term use):
+
+![Connect via credentials](./img/connect-via-credentials.png)
+
+=== "Long term credentials"
+
+    1. Go to the [AWS Console](https://console.aws.amazon.com), open **CloudShell**
+
+        ![AWS CloudShell](./img/aws-cloudshell.png)
+
+    2. Run:
+
+        ```bash
+        aws iam create-access-key
+        ```
+
+    3. Copy the output containing:
+
+        - `AccessKeyId`
+        - `SecretAccessKey`
+
+        ![CloudShell Output](./img/cloudshell-output.png)
+
+    > ⚠️ Save these credentials securely and paste them into the Prowler Cloud setup screen.
+
+=== "Short term credentials (Recommended)"
+
+    You can use your [AWS Access Portal](https://docs.aws.amazon.com/singlesignon/latest/userguide/howtogetcredentials.html) or the CLI:
+
+    1. Retrieve short-term credentials for the IAM identity using this command:
+
+        ```bash
+        aws sts get-session-token --duration-seconds 900
+        ```
+
+        ???+ note
+            Check the aws documentation [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/sts_example_sts_GetSessionToken_section.html)
+
+    2. Copy the output containing:
+
+        - `AccessKeyId`
+        - `SecretAccessKey`
+
+        > Sample output:
+            ```json
+            {
+                "Credentials": {
+                    "AccessKeyId": "ASIAIOSFODNN7EXAMPLE",
+                    "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY",
+                    "SessionToken": "AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE",
+                    "Expiration": "2020-05-19T18:06:10+00:00"
+                }
+            }
+            ```
+
+    > ⚠️ Save these credentials securely and paste them into the Prowler Cloud setup screen.
+
+Complete the form in Prowler Cloud and click `Next`
+
+![Filled credentials page](./img/prowler-cloud-credentials-next.png)
+
+Click `Launch Scan`
+
+![Launch Scan](./img/launch-scan-button-prowler-cloud.png)
--- a/docs/tutorials/aws/img/add-account-id.png
+++ b/docs/tutorials/aws/img/add-account-id.png
--- a/docs/tutorials/aws/img/assume-role-overview.png
+++ b/docs/tutorials/aws/img/assume-role-overview.png
--- a/docs/tutorials/aws/img/aws-account-id.png
+++ b/docs/tutorials/aws/img/aws-account-id.png
--- a/docs/tutorials/aws/img/aws-cloudshell.png
+++ b/docs/tutorials/aws/img/aws-cloudshell.png
--- a/docs/tutorials/aws/img/cloudformation-nav.png
+++ b/docs/tutorials/aws/img/cloudformation-nav.png
--- a/docs/tutorials/aws/img/cloudshell-output.png
+++ b/docs/tutorials/aws/img/cloudshell-output.png
--- a/docs/tutorials/aws/img/connect-via-credentials.png
+++ b/docs/tutorials/aws/img/connect-via-credentials.png
--- a/docs/tutorials/aws/img/create-stack.png
+++ b/docs/tutorials/aws/img/create-stack.png
--- a/docs/tutorials/aws/img/download-role-template.png
+++ b/docs/tutorials/aws/img/download-role-template.png
--- a/docs/tutorials/aws/img/fill-stack-data.png
+++ b/docs/tutorials/aws/img/fill-stack-data.png
--- a/docs/tutorials/aws/img/get-external-id-prowler-cloud.png
+++ b/docs/tutorials/aws/img/get-external-id-prowler-cloud.png
--- a/docs/tutorials/aws/img/get-role-arn.png
+++ b/docs/tutorials/aws/img/get-role-arn.png
--- a/docs/tutorials/aws/img/launch-scan-button-prowler-cloud.png
+++ b/docs/tutorials/aws/img/launch-scan-button-prowler-cloud.png
--- a/docs/tutorials/aws/img/next-button-prowler-cloud.png
+++ b/docs/tutorials/aws/img/next-button-prowler-cloud.png
--- a/docs/tutorials/aws/img/next-cloudformation-template.png
+++ b/docs/tutorials/aws/img/next-cloudformation-template.png
--- a/docs/tutorials/aws/img/paste-role-arn-prowler.png
+++ b/docs/tutorials/aws/img/paste-role-arn-prowler.png
--- a/docs/tutorials/aws/img/prowler-cloud-credentials-next.png
+++ b/docs/tutorials/aws/img/prowler-cloud-credentials-next.png
--- a/docs/tutorials/aws/img/prowler-cloud-external-id.png
+++ b/docs/tutorials/aws/img/prowler-cloud-external-id.png
--- a/docs/tutorials/aws/img/prowler-scan-pre-info.png
+++ b/docs/tutorials/aws/img/prowler-scan-pre-info.png
--- a/docs/tutorials/aws/img/prowler-scan-role-template.png
+++ b/docs/tutorials/aws/img/prowler-scan-role-template.png
--- a/docs/tutorials/aws/img/select-auth-method.png
+++ b/docs/tutorials/aws/img/select-auth-method.png
--- a/docs/tutorials/aws/img/select-aws.png
+++ b/docs/tutorials/aws/img/select-aws.png
--- a/docs/tutorials/aws/img/stack-creation-second-step.png
+++ b/docs/tutorials/aws/img/stack-creation-second-step.png
--- a/docs/tutorials/aws/img/submit-third-page.png
+++ b/docs/tutorials/aws/img/submit-third-page.png
--- a/docs/tutorials/aws/img/upload-template-file.png
+++ b/docs/tutorials/aws/img/upload-template-file.png
--- a/docs/tutorials/aws/img/upload-template-from-downloads.png
+++ b/docs/tutorials/aws/img/upload-template-from-downloads.png
--- a/docs/tutorials/azure/getting-started-azure.md
+++ b/docs/tutorials/azure/getting-started-azure.md
@@ -0,0 +1,171 @@
+# Getting Started with Azure on Prowler Cloud
+
+<iframe width="560" height="380" src="https://www.youtube-nocookie.com/embed/v1as8vTFlMg" title="Prowler Cloud Onboarding Azure" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="1"></iframe>
+
+Set up your Azure subscription to enable security scanning using Prowler Cloud.
+
+## Requirements
+
+To configure your Azure subscription, you’ll need:
+
+1. Get the `Subscription ID`
+2. Access to Prowler Cloud
+3. Configure authentication in Azure:
+
+    3.1 Create a Service Principal
+
+    3.2 Assign required permissions
+
+    3.3 Assign permissions at the subscription level
+
+4. Add the credentials to Prowler Cloud
+
+---
+
+## Step 1: Get the Subscription ID
+
+1. Go to the [Azure Portal](https://portal.azure.com/#home) and search for `Subscriptions`
+2. Locate and copy your Subscription ID
+
+    ![Search Subscription](./img/search-subscriptions.png)
+    ![Subscriptions Page](./img/get-subscription-id.png)
+
+---
+
+## Step 2: Access Prowler Cloud
+
+1. Go to [Prowler Cloud](https://cloud.prowler.com/)
+2. Navigate to `Configuration` > `Cloud Providers`
+
+    ![Cloud Providers Page](../img/cloud-providers-page.png)
+
+3. Click on `Add Cloud Provider`
+
+    ![Add a Cloud Provider](../img/add-cloud-provider.png)
+
+4. Select `Microsoft Azure`
+
+    ![Select Microsoft Azure](./img/select-azure-prowler-cloud.png)
+
+5. Add the Subscription ID and an optional alias, then click `Next`
+
+    ![Add Subscription ID](./img/add-subscription-id.png)
+
+---
+
+## Step 3: Configure the Azure Subscription
+
+### Create the Service Principal
+
+A Service Principal is required to grant Prowler the necessary privileges.
+
+1. Access **Microsoft Entra ID**
+
+    ![Search Microsoft Entra ID](./img/search-microsoft-entra-id.png)
+
+2. Navigate to `Manage` > `App registrations`
+
+    ![App Registration nav](./img/app-registration-menu.png)
+
+3. Click `+ New registration`, complete the form, and click `Register`
+
+    ![New Registration](./img/new-registration.png)
+
+4. Go to `Certificates & secrets` > `+ New client secret`
+
+    ![Certificate & Secrets nav](./img/certificates-and-secrets.png)
+    ![New Client Secret](./img/new-client-secret.png)
+
+5. Fill in the required fields and click `Add`, then copy the generated value
+
+| Value | Description |
+|-------|-------------|
+| Client ID | Application ID |
+| Client Secret | AZURE_CLIENT_SECRET |
+| Tenant ID | Azure Active Directory tenant ID |
+
+---
+
+### Assign Required API Permissions
+
+Assign the following Microsoft Graph permissions:
+
+    - Directory.Read.All
+
+    - Policy.Read.All
+
+    - UserAuthenticationMethod.Read.All (optional, for MFA checks)
+
+1. Go to your App Registration > `API permissions`
+
+    ![API Permission Page](./img/api-permissions-page.png)
+
+2. Click `+ Add a permission` > `Microsoft Graph` > `Application permissions`
+
+    ![Add API Permission](./img/add-api-permission.png)
+    ![Microsoft Graph Detail](./img/microsoft-graph-detail.png)
+
+3. Search and select:
+
+    - `Directory.Read.All`
+    - `Policy.Read.All`
+    - `UserAuthenticationMethod.Read.All`
+
+    ![Permission Screenshots](./img/directory-permission.png)
+
+4. Click `Add permissions`, then grant admin consent
+
+    ![Grant Admin Consent](./img/grant-admin-consent.png)
+
+---
+
+### Assign Permissions at the Subscription Level
+
+1. Download the [Prowler Azure Custom Role](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-azure-custom-role.json)
+
+    ![Azure Custom Role](./img/download-prowler-role.png)
+
+2. Modify `assignableScopes` to match your Subscription ID (e.g. `/subscriptions/xxxx-xxxx-xxxx-xxxx`)
+
+3. Go to your Azure Subscription > `Access control (IAM)`
+
+    ![IAM Page](./img/iam-azure-page.png)
+
+4. Click `+ Add` > `Add custom role`, choose "Start from JSON" and upload the modified file
+
+    ![Add custom role via JSON](./img/add-custom-role-json.png)
+
+5. Click `Review + Create` to finish
+
+    ![Select review and create](./img/review-and-create.png)
+
+6. Return to `Access control (IAM)` > `+ Add` > `Add role assignment`
+
+    - Assign the `Reader` role
+    - Then repeat and assign the custom `ProwlerRole`
+
+    ![Role Assignment](./img/add-role-assigment.png)
+
+---
+
+## Step 4: Add Credentials to Prowler Cloud
+
+1. Go to your App Registration overview and copy the `Client ID` and `Tenant ID`
+
+    ![App Overview](./img/app-overview.png)
+
+2. Go to Prowler Cloud and paste:
+
+    - `Client ID`
+    - `Tenant ID`
+    - `AZURE_CLIENT_SECRET` from earlier
+
+    ![Prowler Cloud Azure Credentials](./img/add-credentials-azure-prowler-cloud.png)
+
+3. Click `Next`
+
+    ![Next Detail](./img/click-next-azure.png)
+
+4. Click `Launch Scan`
+
+    ![Launch Scan Azure](./img/launch-scan.png)
--- a/docs/tutorials/azure/img/add-api-permission.png
+++ b/docs/tutorials/azure/img/add-api-permission.png
--- a/docs/tutorials/azure/img/add-credentials-azure-prowler-cloud.png
+++ b/docs/tutorials/azure/img/add-credentials-azure-prowler-cloud.png
--- a/docs/tutorials/azure/img/add-custom-role-json.png
+++ b/docs/tutorials/azure/img/add-custom-role-json.png
--- a/docs/tutorials/azure/img/add-custom-role.png
+++ b/docs/tutorials/azure/img/add-custom-role.png
--- a/docs/tutorials/azure/img/add-reader-role.png
+++ b/docs/tutorials/azure/img/add-reader-role.png
--- a/docs/tutorials/azure/img/add-role-assigment.png
+++ b/docs/tutorials/azure/img/add-role-assigment.png
--- a/docs/tutorials/azure/img/add-subscription-id.png
+++ b/docs/tutorials/azure/img/add-subscription-id.png
--- a/docs/tutorials/azure/img/api-permissions-page.png
+++ b/docs/tutorials/azure/img/api-permissions-page.png
--- a/docs/tutorials/azure/img/api-permissions-result.png
+++ b/docs/tutorials/azure/img/api-permissions-result.png
--- a/docs/tutorials/azure/img/app-overview.png
+++ b/docs/tutorials/azure/img/app-overview.png
--- a/docs/tutorials/azure/img/app-registration-menu.png
+++ b/docs/tutorials/azure/img/app-registration-menu.png
--- a/docs/tutorials/azure/img/application-permissions-inside-graph.png
+++ b/docs/tutorials/azure/img/application-permissions-inside-graph.png
--- a/docs/tutorials/azure/img/certificates-and-secrets.png
+++ b/docs/tutorials/azure/img/certificates-and-secrets.png
--- a/docs/tutorials/azure/img/click-add-permissions.png
+++ b/docs/tutorials/azure/img/click-add-permissions.png
--- a/docs/tutorials/azure/img/click-next-azure.png
+++ b/docs/tutorials/azure/img/click-next-azure.png
--- a/docs/tutorials/azure/img/directory-permission.png
+++ b/docs/tutorials/azure/img/directory-permission.png
--- a/docs/tutorials/azure/img/download-prowler-role.png
+++ b/docs/tutorials/azure/img/download-prowler-role.png
--- a/docs/tutorials/azure/img/get-subscription-id.png
+++ b/docs/tutorials/azure/img/get-subscription-id.png
--- a/docs/tutorials/azure/img/grant-admin-consent.png
+++ b/docs/tutorials/azure/img/grant-admin-consent.png
--- a/docs/tutorials/azure/img/iam-azure-page.png
+++ b/docs/tutorials/azure/img/iam-azure-page.png
--- a/docs/tutorials/azure/img/launch-scan.png
+++ b/docs/tutorials/azure/img/launch-scan.png
--- a/docs/tutorials/azure/img/member-select-app-prowler.png
+++ b/docs/tutorials/azure/img/member-select-app-prowler.png
--- a/docs/tutorials/azure/img/microsoft-graph-detail.png
+++ b/docs/tutorials/azure/img/microsoft-graph-detail.png
--- a/docs/tutorials/azure/img/new-client-secret.png
+++ b/docs/tutorials/azure/img/new-client-secret.png
--- a/docs/tutorials/azure/img/new-registration.png
+++ b/docs/tutorials/azure/img/new-registration.png
--- a/docs/tutorials/azure/img/policy-permission.png
+++ b/docs/tutorials/azure/img/policy-permission.png
--- a/docs/tutorials/azure/img/prowler-app-registration.png
+++ b/docs/tutorials/azure/img/prowler-app-registration.png
--- a/docs/tutorials/azure/img/review-and-assign-last-step.png
+++ b/docs/tutorials/azure/img/review-and-assign-last-step.png
--- a/docs/tutorials/azure/img/review-and-create.png
+++ b/docs/tutorials/azure/img/review-and-create.png
--- a/docs/tutorials/azure/img/search-microsoft-entra-id.png
+++ b/docs/tutorials/azure/img/search-microsoft-entra-id.png
--- a/docs/tutorials/azure/img/search-subscriptions.png
+++ b/docs/tutorials/azure/img/search-subscriptions.png
--- a/Show More
+++ b/Show More