prowler/docs/user-guide/tutorials/prowler-app.mdx
Pablo Fernandez Guerra (PFE) d23c2f3b53 refactor(ui): standardize "Providers" wording across UI and docs (#10971)
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-05 14:39:54 +02:00

---
title: 'Prowler Cloud'
---
**Prowler Cloud** is a web application that simplifies running Prowler. This tutorial will guide you through setting up and using it.
We refer to **Prowler App** as the self-hosted version of **Prowler Cloud**.
## Accessing Prowler Cloud and API Documentation
If you are a [Prowler Cloud](https://cloud.prowler.com/sign-in) user, you can access the API docs at [https://api.prowler.com/api/v1/docs](https://api.prowler.com/api/v1/docs).
<Note>
**For Prowler App users**
After [installing](/getting-started/installation/prowler-app) **Prowler App**, access it at [http://localhost:3000](http://localhost:3000).
To view the auto-generated **Prowler API** documentation, navigate to [http://localhost:8080/api/v1/docs](http://localhost:8080/api/v1/docs). This documentation provides details on available endpoints, parameters, and responses.
</Note>
## **Step 1: Sign Up**
### **Sign Up with Email**
To get started, sign up using your email and password:
<img src="/images/sign-up-button.png" alt="Sign Up Button" width="320" />
<img src="/images/sign-up.png" alt="Sign Up" width="285" />
### **Sign Up with Social Login**
If Social Login is enabled, you can sign up using your preferred provider (e.g., Google, GitHub).
<Note>
**How Social Login Works**
If your email is already registered, you will be logged in, and your social account will be linked.
If your email is not registered, a new account will be created using your social account email.
</Note>
<Note>
**Enable Social Login**
See [how to configure Social Login for Prowler](/user-guide/tutorials/prowler-app-social-login) to enable this feature in your own deployments.
</Note>
## **Step 2: Log In**
Once registered, log in with your email and password to access Prowler App.
<img src="/images/log-in.png" alt="Log In" width="350" />
Upon logging in, the Overview page will display. At this stage, no data is present: add a provider to begin scanning your cloud environment.
## **Step 3: Add a Provider**
To perform security scans, link a cloud provider account. Prowler supports the following providers and more:
- **AWS**
- **Azure**
- **Google Cloud Platform (GCP)**
- **Kubernetes**
- **M365**
- **GitHub**
- **Oracle Cloud Infrastructure (OCI)**
Steps to add a provider:
1. Navigate to `Settings > Providers`.
2. Click `Add Provider` to set up a new provider and provide your credentials.
<img src="/images/add-provider.png" alt="Add Provider" width="700" />
## **Step 4: Configure the Provider**
Select the cloud provider to scan and configure authentication credentials. Each provider has specific requirements and authentication methods.
<img src="/images/select-provider.png" alt="Select a Provider" width="700" />
For detailed instructions on configuring credentials for each provider, refer to the provider-specific getting started guides:
<Columns cols={3}>
<Card title="AWS" icon="aws" href="/user-guide/providers/aws/getting-started-aws">
Configure AWS authentication using IAM Access Keys or Assumed Role credentials.
</Card>
<Card title="Azure" icon="microsoft" href="/user-guide/providers/azure/getting-started-azure">
Set up Azure authentication using Service Principal credentials.
</Card>
<Card title="Google Cloud" icon="google" href="/user-guide/providers/gcp/getting-started-gcp">
Configure GCP authentication with Service Account or Application Default Credentials.
</Card>
<Card title="Oracle Cloud Infrastructure" icon="cloud" href="/user-guide/providers/oci/getting-started-oci">
Connect OCI with API key credentials to scan compartments and regions.
</Card>
<Card title="Kubernetes" icon="cloud" href="/user-guide/providers/kubernetes/getting-started-k8s">
Set up Kubernetes authentication using kubeconfig files for cluster access.
</Card>
<Card title="Microsoft 365" icon="microsoft" href="/user-guide/providers/microsoft365/getting-started-m365">
Configure M365 authentication with Application Certificate or Client Secret.
</Card>
<Card title="GitHub" icon="github" href="/user-guide/providers/github/getting-started-github">
Set up GitHub authentication using Personal Access Token, OAuth App, or GitHub App.
</Card>
<Card title="Infrastructure as Code" icon="code" href="/user-guide/providers/iac/getting-started-iac">
Scan IaC public or private repositories for security issues.
</Card>
</Columns>
## **Step 5: Test Connection**
After adding the credentials for your cloud account, click the `Launch` button to verify that Prowler App can successfully connect to your provider:
<img src="/images/test-connection-button.png" alt="Test Connection" width="700" />
## **Step 6: Scan started**
After you have successfully added and tested your credentials, Prowler will start scanning your cloud environment. Click the `Go to Scans` button to see the progress:
<img src="/images/provider-added.png" alt="Start Now" width="700" />
<Note>
Prowler will automatically scan all configured providers every **24 hours**, ensuring your cloud environment stays continuously monitored.
</Note>
## **Step 7: Monitor Scan Progress**
Track the progress of your scan in the `Scans` section:
<img src="/images/scan-progress.png" alt="Scan Progress" width="700" />
<Note>
**How Dashboards Display Scan Data**
Each dashboard handles scan data differently:
* **Overview** displays aggregated metrics from the **latest completed scan per provider** only.
* **Findings** displays results from the **latest completed scan per provider** by default. To access historical findings, apply a date or scan filter.
* **Resources** lists **all discovered resources across all scans**. However, when selecting a resource, the Findings tab within the resource detail shows only findings from the **latest completed scan**. If the latest scan did not evaluate a particular resource, its Findings tab may appear empty.
When a new scan completes or a new data ingestion is processed, the dashboards automatically reflect the updated results.
</Note>
## **Step 8: Analyze the Findings**
While the scan is running, start exploring the findings in these sections:
- **Overview**: High-level summary of the scans.
<img src="/images/products/overview.png" alt="Overview" width="700" />
- **Compliance**: Insights into compliance status.
<img src="/images/compliance.png" alt="Compliance" width="700" />
- **Issues**: Types of issues detected.
<img src="/images/issues.png" alt="Issues" width="300" />
- **Browse All Findings**: Detailed list of findings detected, where you can filter by severity, service, and more.
<img src="/images/findings.png" alt="Findings" width="700" />
To view all `new` findings that have not been seen prior to this scan, click the `Delta` filter and select `new`. To view all `changed` findings that have had a status change (from `PASS` to `FAIL` for example), click the `Delta` filter and select `changed`.
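The `new` and `changed` labels described above can be reproduced offline when comparing two sets of results. This is an added example, not Prowler's own code: the field names `uid` and `status`, the sample findings, and the simplification that `previous` holds the most recent earlier state of each finding are all assumptions made for illustration.

```python
from collections import Counter

# Constructed sample data: two scans of the same provider. The keys "uid" and
# "status" are hypothetical field names chosen for this illustration.
PREVIOUS_SCAN = [
    {"uid": "s3-bucket-a/public-access", "status": "PASS"},
    {"uid": "iam-root/mfa-enabled", "status": "FAIL"},
    {"uid": "ec2-sg-1/open-ssh", "status": "FAIL"},
]
LATEST_SCAN = [
    {"uid": "s3-bucket-a/public-access", "status": "FAIL"},   # PASS -> FAIL
    {"uid": "iam-root/mfa-enabled", "status": "FAIL"},        # unchanged
    {"uid": "ec2-sg-1/open-ssh", "status": "PASS"},           # FAIL -> PASS
    {"uid": "rds-db-2/storage-encrypted", "status": "FAIL"},  # first seen
]


def classify_delta(previous, latest):
    """Label each finding in `latest` as 'new', 'changed' or None (unchanged)."""
    prior_status = {f["uid"]: f["status"] for f in previous}
    labelled = []
    for finding in latest:
        before = prior_status.get(finding["uid"])
        if before is None:
            delta = "new"          # never seen before this scan
        elif before != finding["status"]:
            delta = "changed"      # status flipped since the earlier result
        else:
            delta = None           # same status as before
        labelled.append({**finding, "delta": delta, "previous_status": before})
    return labelled


def regressions(labelled):
    """Findings to triage first: failing now and either new or flipped to FAIL."""
    return [f["uid"] for f in labelled
            if f["status"] == "FAIL" and f["delta"] in ("new", "changed")]


if __name__ == "__main__":
    result = classify_delta(PREVIOUS_SCAN, LATEST_SCAN)
    print(Counter(f["delta"] for f in result))
    print(regressions(result))
```

Note that `changed` also covers improvements (`FAIL` to `PASS`), so combining the delta with the current status is what separates regressions from fixes.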
## **Step 9: Download the Outputs**
Once a scan is complete, navigate to the Scan Jobs section to download the output files generated by Prowler:
<img src="/images/scan_jobs_section.png" alt="Scan Jobs section" width="700" />
You can download the output files generated by Prowler as a single `zip` file. This archive contains the CSV, JSON-OCSF, and HTML reports detailing the findings.
To download these files, click the **Download** button. This button becomes available only after the scan has finished.
<img src="/images/download_output.png" alt="Download output" width="700" />
The `zip` file unpacks into a folder named like `prowler-output-<provider_id>-<timestamp>`, which includes all of the above outputs. In the example below, you can see the `.csv`, `.json`, and `.html` reports alongside a subfolder for detailed compliance checks.
<img src="/images/output_folder.png" alt="Output folder" width="700" />
<Note>
**API Note**
For more information about the API endpoint used by the UI to download the ZIP archive, refer to: [Prowler API Reference - Download Scan Output](https://api.prowler.com/api/v1/docs#tag/Scan/operation/scans_report_retrieve)
</Note>
## **Step 10: Download specified compliance report**
Once your scan has finished, you don't need to grab the entire ZIP; just pull down the specific compliance report you want:
- Navigate to the **Compliance** section of the UI.
<img src="/images/compliance_section.png" alt="Compliance section" width="700" />
- Find the Framework report you need.
- Click its **Download** icon to retrieve that report's CSV file with all the detailed findings.
<img src="/images/compliance_download.png" alt="Download compliance output" width="700" />
<Note>
**API Note**
To fetch a single compliance report via API, refer to: [Prowler API Reference - Retrieve compliance report as CSV](https://api.prowler.com/api/v1/docs#tag/Scan/operation/scans_compliance_retrieve)
</Note>