2 Commits
ed3fd72e70
...
PRWLR-4985
| Author | SHA1 | Date | |
|---|---|---|---|
22f75d8be1 | ||
2802e32654 |
@@ -11,7 +11,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:cloudfront:region:account-id:distribution/resource-id",
|
||||
"Severity": "low",
|
||||
"ResourceType": "AWSCloudFrontDistribution",
|
||||
"ResourceType": "AwsCloudFrontDistribution",
|
||||
"Description": "Check if CloudFront distributions have origin failover enabled.",
|
||||
"Risk": "Without origin failover, if the primary origin becomes unavailable, your CloudFront distribution may experience downtime, leading to potential service interruptions and a poor user experience.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_OriginGroup.html",
|
||||
|
||||
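Review bot: The `ResourceIdTemplate` kept as context here, `arn:partition:cloudfront:region:account-id:distribution/resource-id`, carries a region segment, but CloudFront distribution ARNs are global and have an empty region: `arn:partition:cloudfront::account-id:distribution/resource-id`. The same template is repeated in the next two CloudFront sections, so anyone building a resource-level filter from the template gets an ARN shape that never matches real findings. The page drops the +/- markers, so I read the second `ResourceType` line, `AwsCloudFrontDistribution`, as the added value; if that is right the casing now matches the `AwsXxx` style the other files use, but any filter, suppression or compliance mapping that matched `AWSCloudFrontDistribution` case-sensitively will silently stop matching, so a grep for the old spelling across the repo is worth doing before merge. The enclosing JSON object starts and ends outside the hunk.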
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:cloudfront:region:account-id:distribution/resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AWSCloudFrontDistribution",
|
||||
"ResourceType": "AwsCloudFrontDistribution",
|
||||
"Description": "Check if CloudFront distributions encrypt traffic to custom origins.",
|
||||
"Risk": "Allowing unencrypted HTTP traffic between CloudFront and custom origins can expose data to potential eavesdropping and manipulation, compromising data security and integrity.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/whitepapers/latest/secure-content-delivery-amazon-cloudfront/custom-origin-with-cloudfront.html",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:cloudfront:region:account-id:distribution/resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AWSCloudFrontDistribution",
|
||||
"ResourceType": "AwsCloudFrontDistribution",
|
||||
"Description": "Check if CloudFront distributions use origin access control.",
|
||||
"Risk": "Without OAC, your S3 bucket could be accessed directly, bypassing CloudFront, which could expose your content to unauthorized access. Additionally, relying on Origin Access Identity (OAI) may limit functionality and security features, making your distribution less secure and more difficult to manage.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#migrate-from-oai-to-oac",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:cloudwatch:region:account-id:certificate/resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsAccount",
|
||||
"ResourceType": "AwsIamRole",
|
||||
"Description": "Check if CloudWatch has allowed cross-account sharing.",
|
||||
"Risk": "Cross-Account access to CloudWatch could increase the risk of compromising information between accounts.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Cross-Account-Cross-Region.html",
|
||||
|
||||
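Review bot: If `AwsIamRole` is the value that survives this section, the `ResourceIdTemplate` two lines above it no longer describes the reported resource: `arn:partition:cloudwatch:region:account-id:certificate/resource-id` is neither a CloudWatch nor an IAM ARN (CloudWatch has no `certificate` resource), and an IAM role is identified as `arn:partition:iam::account-id:role/role-name`. The identical `certificate/resource-id` template is also copied into the CloudWatch Logs section that follows (a log group is `arn:partition:logs:region:account-id:log-group:log-group-name`) and the three Glue sections (a job is `arn:partition:glue:region:account-id:job/job-name`), which looks like a copy-paste from an ACM file rather than a deliberate choice. Since the commit is already touching the resource type of each of these files, fixing the template in the same pass keeps type and identifier consistent; the enclosing object starts outside the hunk.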
@@ -9,7 +9,7 @@
|
||||
"SubServiceName": "logs",
|
||||
"ResourceIdTemplate": "arn:partition:cloudwatch:region:account-id:certificate/resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsLogsLogGroup",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if CloudWatch Log Groups have a retention policy of specific days.",
|
||||
"Risk": "If log groups have a low retention policy of less than specific days, crucial logs and data can be lost.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_Logs.html",
|
||||
|
||||
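Review bot: Reading the second `ResourceType` line as the added one, this section and the Cognito, EFS, ElastiCache, EMR, Glue, Inspector, SSM and WorkSpaces sections below all replace a resource-specific type (`AwsLogsLogGroup` here) with `Other`, and the page shows only the ticket id `PRWLR-4985`, not the reason. If the goal is to emit only values accepted by a downstream consumer such as the Security Hub ASFF `Resources[].Type` field, the change is defensible, but it removes the ability to slice or suppress findings by resource type for every one of these checks, so the rule deserves to be written down where metadata authors will see it: a line in the check-metadata documentation stating the allowed `ResourceType` vocabulary and that anything outside it must be `Other`. A test that validates every metadata file against that list would keep the non-standard spellings from returning in future checks. If the direction of the change is the reverse of what I assumed, the same documentation point applies to whichever value ships; the enclosing object starts outside the hunk.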
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Advanced security features for Amazon Cognito User Pools provide additional security for your user pool. These features include compromised credentials protection, phone number verification, and account takeover protection.",
|
||||
"Risk": "If advanced security features are not enabled, your user pool is more vulnerable to unauthorized access.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html",
|
||||
|
||||
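Review bot: The Cognito sections (this one through the Web ACL section) hard-code the partition and use a different placeholder name from the rest of the diff: `arn:aws:cognito-idp:region:account:userpool/userpool-id` versus the `arn:partition:...:account-id:...` form used by the CloudFront, CloudWatch and Glue files and the `{region}`/`{account-id}` braces used in one EFS file. Three placeholder dialects in one metadata set make the templates unusable by any tool that substitutes values mechanically, and `arn:aws:` is wrong for GovCloud and China partitions. I would settle on one form, e.g. `arn:partition:cognito-idp:region:account-id:userpool/userpool-id`, in all fifteen Cognito sections while the files are already being edited. The enclosing object starts outside the hunk.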
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Amazon Cognito User Pools can be configured to block sign-in by users with suspected compromised credentials. This feature uses Amazon Cognito advanced security features to detect anomalous sign-in attempts and block them. When enabled, Amazon Cognito User Pools will block sign-in by users with suspected compromised credentials. This helps protect your users from unauthorized access to their accounts.",
|
||||
"Risk": "If advanced security features are not enabled for an Amazon Cognito User Pool, users with compromised credentials may be able to sign in to their accounts. This could lead to unauthorized access to user data and other resources.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Amazon Cognito provides adaptive authentication, which helps protect your applications from malicious actors and compromised credentials by evaluating the risk associated with each user login and providing the appropriate level of security to mitigate that risk. Adaptive authentication is a feature of advanced security that you can enable for your user pool. When adaptive authentication is enabled, Amazon Cognito evaluates the risk associated with each user login and provides the appropriate level of security to mitigate that risk. You can configure adaptive authentication to block sign-in attempts that are likely to be malicious.",
|
||||
"Risk": "If adaptive authentication with automatic risk response as block sign-in is not enabled, your user pool may not be able to block sign-in attempts that are likely to be malicious.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPoolClient",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Amazon Cognito User Pool should be configured to prevent user existence errors. This setting prevents user existence errors by requiring the user to enter a username and password to sign in. If the user does not exist, the user will receive an error message.",
|
||||
"Risk": "Revealing user existence errors can be a security risk as it can allow an attacker to determine if a user exists in the system. This can be used to perform user enumeration attacks.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-managing-errors.html",
|
||||
|
||||
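Review bot: This section and the token-revocation section that follows replace `AwsCognitoUserPoolClient`, yet both keep `arn:aws:cognito-idp:region:account:userpool/userpool-id` as the `ResourceIdTemplate`, which identifies the pool, not the client. If findings for these two checks are reported per app client, the template should carry the client id so the resource in the finding is unambiguous; if they are reported on the pool ARN, that should be stated in the metadata documentation so that a reader does not expect one finding per client. I cannot tell from the hunk which is the case, so this is a request to confirm rather than a definite defect; the enclosing object starts outside the hunk.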
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPoolClient",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Token revocation is a security feature that allows you to revoke tokens and end sessions for users. When you enable token revocation, Amazon Cognito automatically revokes tokens for users who sign out or are deleted. This helps protect your users' data and prevent unauthorized access to your resources.",
|
||||
"Risk": "If token revocation is not enabled, users' tokens will not be revoked when they sign out or are deleted. This can lead to unauthorized access to your resources.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/token-revocation.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Deletion protection is a feature that allows you to lock a user pool to prevent it from being deleted. When deletion protection is enabled, you cannot delete the user pool. By default, deletion protection is disabled",
|
||||
"Risk": "If deletion protection is not enabled, the user pool can be deleted by any user with the necessary permissions. This can lead to loss of data and service disruption",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-deletion-protection.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Checks whether Multi-Factor Authentication (MFA) is enabled for Amazon Cognito User Pools.",
|
||||
"Risk": "If MFA is not enabled, unauthorized users could gain access to the user pool and potentially compromise the security of the application.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "User pool password policy should require at least one lowercase letter.",
|
||||
"Risk": "If the password policy does not require at least one lowercase letter, it may be easier for an attacker to crack the password.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-policies.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "User pools allow you to configure a password policy for your user pool to specify complexity requirements for user passwords. The password policy for your user pools should require a minimum length of 14 or greater.",
|
||||
"Risk": "If the password policy for your user pools does not require a minimum length of 14 or greater, it may be easier for attackers to guess or brute force user passwords.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-policies.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Checks whether the password policy for your user pool requires a number.",
|
||||
"Risk": "If the password policy for your user pool does not require a number, the user pool is less secure and more vulnerable to attacks.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-policies.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check whether the password policy for your Amazon Cognito user pool requires at least one symbol.",
|
||||
"Risk": "If the password policy for your Amazon Cognito user pool does not require at least one symbol, it can be easier for attackers to crack passwords.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-policies.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "User pools allow you to configure a password policy for your user pool to specify requirements for user passwords. You can require that passwords have a minimum length, contain at least one uppercase letter, and contain at least one number. You can also require that passwords have at least one special character. You can also set the password policy to require that passwords be case-sensitive.",
|
||||
"Risk": "If the password policy for your user pool does not require at least one uppercase letter, it may be easier for an attacker to guess or crack user passwords.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-policies.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Checks whether self registration is disabled for the Amazon Cognito User Pool. Self registration allows users to sign up for an account in the user pool. If self registration is enabled, users can sign up for an account in the user pool without any intervention from the administrator. This can lead to unauthorized access to the application.",
|
||||
"Risk": "If self registration is enabled, users can sign up for an account in the user pool without any intervention from the administrator. This can lead to unauthorized access to the application.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SignUp.html",
|
||||
|
||||
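Review bot: The `Description` kept as context in this section ends with the same two sentences as the `Risk` line below it (`If self registration is enabled, users can sign up ... This can lead to unauthorized access to the application.`), so the finding text will show the warning twice. `Description` should say what the check verifies and leave the consequence to `Risk`; trimming it to `Checks whether self registration is disabled for the Amazon Cognito User Pool. Self registration allows users to sign up for an account in the user pool without administrator intervention.` removes the duplication. The deletion-protection section earlier also leaves `Description` and `Risk` without a terminating period, unlike every other section. The enclosing object starts outside the hunk.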
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Temporary passwords are set by the administrator and are used to allow users to sign in and change their password. Temporary passwords are valid for a limited period of time, after which they expire. Temporary passwords are used when an administrator creates a new user account or resets a user password. The temporary password expiration period is the length of time that the temporary password is valid. The default value is 7 days. You can set the expiration period to a value between 0 and 365 days.",
|
||||
"Risk": "If the temporary password expiration period is too long, it increases the risk of unauthorized access to the user account. If the temporary password expiration period is too short, it increases the risk of users being unable to sign in and change their password.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-policies.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:cognito-idp:region:account:userpool/userpool-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsCognitoUserPool",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Web ACLs are used to control access to your content. You can use a Web ACL to control who can access your content. You can also use a Web ACL to block requests based on IP address, HTTP headers, HTTP body, URI, or URI query string parameters. You can associate a Web ACL with a Cognito User Pool to control access to your content.",
|
||||
"Risk": "If a Web ACL is not associated with a Cognito User Pool, then the content is not protected by the Web ACL. This could lead to unauthorized access to your content.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html",
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsEfsFileSystem",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if EFS protects sensitive data with encryption at rest",
|
||||
"Risk": "EFS should be encrypted at rest to prevent exposure of sensitive data to bad actors",
|
||||
"RelatedUrl": "",
|
||||
|
||||
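Review bot: `RelatedUrl` is the empty string in this EFS section and in the backup and VPC-access EFS sections below, while every other section on the page carries a remediation link, and the page does not say whether an empty value is permitted. For an encryption-at-rest finding the link is what takes an operator to the fix, so either fill it in or document that an empty `RelatedUrl` is accepted and how consumers should render it. The three EFS files also disagree on the identifier template: two use the generic `arn:partition:service:region:account-id:resource-id` and the mount-target file uses `arn:aws:elasticfilesystem:{region}:{account-id}:file-system/{filesystem-id}`; the specific form is the useful one and should be applied to all three. The enclosing object starts outside the hunk.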
@@ -11,7 +11,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsEfsFileSystem",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if EFS File systems have backup enabled",
|
||||
"Risk": "If backup is not enabled, data is vulnerable. Human error or bad actors could erase or modify data.",
|
||||
"RelatedUrl": "",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:elasticfilesystem:{region}:{account-id}:file-system/{filesystem-id}",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsEfsFileSystem",
|
||||
"ResourceType": "Other",
|
||||
"Description": "This control checks whether an Amazon EFS mount target is associated with a public subnet since it can be accessed from the internet.",
|
||||
"Risk": "Mount targets in public subnets may expose your EFS to unauthorized access or attacks.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/config/latest/developerguide/efs-mount-target-public-accessible.html",
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsEfsFileSystem",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if EFS have policies which allow access to any client within the VPC",
|
||||
"Risk": "Restricting access to EFS file systems is a security best practice. Allowing access to any client within the VPC can lead to unauthorized access to the file system.",
|
||||
"RelatedUrl": "",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AWSElastiCacheClusters",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Ensure Elasticache Redis cache cluster has Multi-AZ enabled.",
|
||||
"Risk": "Ensure that your Amazon ElastiCache Redis cache clusters has Multi-AZ enabled.",
|
||||
"RelatedUrl": "https://www.trendmicro.com/cloudoneconformity-staging/knowledge-base/aws/ElastiCache/elasticache-multi-az.html#",
|
||||
|
||||
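Review bot: The `Risk` line in this section restates the check (`Ensure that your Amazon ElastiCache Redis cache clusters has Multi-AZ enabled.`) instead of describing what happens when it fails; the EMR section below does the same with `EMR Clusters must have Account Public Access Block enabled.`. Something like `Without Multi-AZ, a failure of the primary node or its Availability Zone makes the cache cluster unavailable until it is manually recovered.` gives the reader the consequence the field is meant to carry. The `RelatedUrl` also points at a `cloudoneconformity-staging` host, which is a staging endpoint of a third party and may disappear; a stable documentation page would be preferable for a link that ships to every user. The enclosing object starts outside the hunk.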
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:emr:region:account-id",
|
||||
"Severity": "high",
|
||||
"ResourceType": "AwsAccount",
|
||||
"ResourceType": "Other",
|
||||
"Description": "EMR Account Public Access Block enabled.",
|
||||
"Risk": "EMR Clusters must have Account Public Access Block enabled.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-block-public-access.html",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:glue:region:account-id:certificate/resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsGlueJob",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if Glue ETL Jobs have S3 encryption enabled.",
|
||||
"Risk": "If not enabled sensitive information at rest is not protected.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/glue/latest/dg/console-security-configurations.html",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:glue:region:account-id:certificate/resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsGlueJob",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if Glue ETL Jobs have CloudWatch Logs encryption enabled.",
|
||||
"Risk": "If not enabled sensitive information at rest is not protected.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/glue/latest/dg/console-security-configurations.html",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:partition:glue:region:account-id:certificate/resource-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsGlueJob",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if Glue ETL Jobs have Job bookmark encryption enabled.",
|
||||
"Risk": "If not enabled sensitive information at rest is not protected.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/glue/latest/dg/console-security-configurations.html",
|
||||
|
||||
@@ -12,7 +12,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:inspector2:region:account-id/detector-id",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsAccount",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Ensure that the new version of Amazon Inspector is enabled in order to help you improve the security and compliance of your AWS cloud environment. Amazon Inspector 2 is a vulnerability management solution that continually scans scans your Amazon EC2 instances, ECR container images, and Lambda functions to identify software vulnerabilities and instances of unintended network exposure.",
|
||||
"Risk": "Without using AWS Inspector, you may not be aware of all the security vulnerabilities in your AWS resources, which could lead to unauthorized access, data breaches, or other security incidents.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/inspector/latest/user/findings-understanding.html",
|
||||
|
||||
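Review bot: The `Description` kept as context here contains a doubled word, `continually scans scans your Amazon EC2 instances`, which is shown verbatim in every finding; change it to `continually scans your Amazon EC2 instances`. The `ResourceIdTemplate` `arn:aws:inspector2:region:account-id/detector-id` looks borrowed from a GuardDuty template (Inspector has no detector concept that I can see from this page), and since the check is account-scoped the template should either be the account form used by the EMR section or be confirmed against the Inspector ARN format. The enclosing object starts outside the hunk.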
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:ssm:region:account-id:document/document-name",
|
||||
"Severity": "critical",
|
||||
"ResourceType": "AwsSsmDocument",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Find secrets in SSM Documents.",
|
||||
"Risk": "Secrets hardcoded into SSM Documents by malware and bad actors to gain lateral access to other services.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-secretsmanager-secret-generatesecretstring.html",
|
||||
|
||||
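Review bot: The `Risk` line in this section is a sentence fragment, `Secrets hardcoded into SSM Documents by malware and bad actors to gain lateral access to other services.`, which reads oddly in a critical-severity finding; `Secrets hardcoded into SSM Documents can be harvested by malware or bad actors to gain lateral access to other services.` states the actual risk. The `RelatedUrl` points at a CloudFormation Secrets Manager property page rather than SSM documentation on parameter references or Secrets Manager integration, so an operator following it from a secrets-in-documents finding does not land on the remediation. The enclosing object starts outside the hunk.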
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:ssm:region:account-id:document/document-name",
|
||||
"Severity": "high",
|
||||
"ResourceType": "AwsSsmDocument",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Check if there are SSM Documents set as public.",
|
||||
"Risk": "SSM Documents may contain private information or even secrets and tokens.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-before-you-share.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:workspaces:region:account-id:workspace",
|
||||
"Severity": "high",
|
||||
"ResourceType": "AwsWorkSpacesWorkspace",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Ensure that your Amazon WorkSpaces storage volumes are encrypted in order to meet security and compliance requirements",
|
||||
"Risk": "If the value listed in the Volume Encryption column is Disabled the selected AWS WorkSpaces instance volumes (root and user volumes) are not encrypted. Therefore your data-at-rest is not protected from unauthorized access and does not meet the compliance requirements regarding data encryption.",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/workspaces/latest/adminguide/encrypt-workspaces.html",
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
"SubServiceName": "",
|
||||
"ResourceIdTemplate": "arn:aws:workspaces:region:account-id:workspace",
|
||||
"Severity": "medium",
|
||||
"ResourceType": "AwsWorkSpacesWorkspace",
|
||||
"ResourceType": "Other",
|
||||
"Description": "Ensure that the Workspaces VPC are deployed following the best practices using 1 public subnet and 2 private subnets with a NAT Gateway attached",
|
||||
"Risk": "Proper network segmentation is a key security best practice. Workspaces VPC should be deployed using 1 public subnet and 2 private subnets with a NAT Gateway attached",
|
||||
"RelatedUrl": "https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces-vpc.html",
|
||||
|
||||
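Review bot: The `ResourceIdTemplate` `arn:aws:workspaces:region:account-id:workspace` in this section and the volume-encryption WorkSpaces section above it has no resource segment; a WorkSpace is identified as `arn:partition:workspaces:region:account-id:workspace/workspace-id`. For this particular check the description talks about the VPC layout (one public and two private subnets with a NAT Gateway), so the finding is really about the network the WorkSpaces are deployed into rather than an individual workspace; if it is reported per directory or per VPC, the template and the new `ResourceType` should reflect that, and if it is reported per workspace the documentation should say so. I cannot confirm the reporting granularity from the hunk; the enclosing object starts outside the hunk.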