--- title: 'Prowler Cloud' --- **Prowler Cloud** is a web application that simplifies running Prowler. This tutorial will guide you through setting up and using it. We refer to **Prowler App** as the self-hosted version of **Prowler Cloud**. ## Accessing Prowler Cloud and API Documentation If you are a [Prowler Cloud](https://cloud.prowler.com/sign-in) user, you can access API docs at [https://api.prowler.com/api/v1/docs](https://api.prowler.com/api/v1/docs) **For Prowler App users** After [installing](/getting-started/installation/prowler-app) **Prowler App**, access it at [http://localhost:3000](http://localhost:3000). To view the auto-generated **Prowler API** documentation, navigate to [http://localhost:8080/api/v1/docs](http://localhost:8080/api/v1/docs). This documentation provides details on available endpoints, parameters, and responses. ## **Step 1: Sign Up** ### **Sign Up with Email** To get started, sign up using your email and password: Sign Up Button Sign Up ### **Sign Up with Social Login** If Social Login is enabled, you can sign up using your preferred provider (e.g., Google, GitHub). **How Social Login Works** If your email is already registered, you will be logged in, and your social account will be linked. If your email is not registered, a new account will be created using your social account email. **Enable Social Login** See [how to configure Social Login for Prowler](/user-guide/tutorials/prowler-app-social-login) to enable this feature in your own deployments. ## **Step 2: Log In** Once registered, log in with your email and password to access Prowler App. Log In Upon logging in, the Overview page will display. At this stage, no data is present: add a provider to begin scanning your cloud environment. ## **Step 3: Add a Provider** To perform security scans, link a cloud provider account. Prowler supports the following providers and more: - **AWS** - **Azure** - **Google Cloud Platform (GCP)** - **Kubernetes** - **M365** - **GitHub** - **Oracle Cloud Infrastructure (OCI)** Steps to add a provider: 1. Navigate to `Settings > Cloud Providers`. 2. Click `Add Account` to set up a new provider and provide your credentials. Add Provider ## **Step 4: Configure the Provider** Select the cloud provider to scan and configure authentication credentials. Each provider has specific requirements and authentication methods. Select a Provider For detailed instructions on configuring credentials for each provider, refer to the provider-specific getting started guides: Configure AWS authentication using IAM Access Keys or Assumed Role credentials. Set up Azure authentication using Service Principal credentials. Configure GCP authentication with Service Account or Application Default Credentials. Connect OCI with API key credentials to scan compartments and regions. Set up Kubernetes authentication using kubeconfig files for cluster access. Configure M365 authentication with Application Certificate or Client Secret. Set up GitHub authentication using Personal Access Token, OAuth App, or GitHub App. Scan IaC public or private repositories for security issues. ## **Step 5: Test Connection** After adding your credentials of your cloud account, click the `Launch` button to verify that Prowler App can successfully connect to your provider: Test Connection ## **Step 6: Scan started** After successfully adding and testing your credentials, Prowler will start scanning your cloud environment, click the `Go to Scans` button to see the progress: Start Now Prowler will automatically scan all configured providers every **24 hours**, ensuring your cloud environment stays continuously monitored. ## **Step 7: Monitor Scan Progress** Track the progress of your scan in the `Scans` section: Scan Progress ## **Step 8: Analyze the Findings** While the scan is running, start exploring the findings in these sections: - **Overview**: High-level summary of the scans. Overview - **Compliance**: Insights into compliance status. Compliance - **Issues**: Types of issues detected. Issues - **Browse All Findings**: Detailed list of findings detected, where you can filter by severity, service, and more. Findings To view all `new` findings that have not been seen prior to this scan, click the `Delta` filter and select `new`. To view all `changed` findings that have had a status change (from `PASS` to `FAIL` for example), click the `Delta` filter and select `changed`. ## **Step 9: Download the Outputs** Once a scan is complete, navigate to the Scan Jobs section to download the output files generated by Prowler: Scan Jobs section You can download the output files generated by Prowler as a single `zip` file. This archive contains the CSV, JSON-OSCF, and HTML reports detailing the findings. To download these files, click the **Download** button. This button becomes available only after the scan has finished. Download output The `zip` file unpacks into a folder named like `prowler-output--`, which includes all of the above outputs. In the example below, you can see the `.csv`, .`json`, and `.html` reports alongside a subfolder for detailed compliance checks. Output folder **API Note** For more information about the API endpoint used by the UI to download the ZIP archive, refer to: [Prowler API Reference - Download Scan Output](https://api.prowler.com/api/v1/docs#tag/Scan/operation/scans_report_retrieve) ## **Step 10: Download specified compliance report** Once your scan has finished, you don’t need to grab the entire ZIP—just pull down the specific compliance report you want: - Navigate to the **Compliance** section of the UI. Compliance section - Find the Framework report you need. - Click its **Download** icon to retrieve that report’s CSV file with all the detailed findings. Download compliance output **API Note** To fetch a single compliance report via API, see the Retrieve compliance report as CSV endpoint in the Prowler API Reference.[Prowler API Reference - Retrieve compliance report as CSV](https://api.prowler.com/api/v1/docs#tag/Scan/operation/scans_compliance_retrieve)