Prowler is a robust open-source tool that generates comprehensive audit reports for AWS, GCP, and Azure cloud environments.
You can use Prowler reports to:
- Enforce compliance: Identify and rectify compliance misconfigurations to maintain regulatory adherence.
- Strengthen security: Implement security best practices to enhance your cloud environment’s protection against evolving threats.
- Optimize costs: Eliminate unused resources to streamline cloud expenditures and maximize resource utilization.
How to run a check with Prowler
prowler aws -f us-west-1 --profile prod
Output
Detailed results are in:
- HTML: /home/yuli/output/prowler-output-186285203186-20230314144111.html
- CSV: /home/yuli/output/prowler-output-186285203186-20230314144111.csv
- JSON: /home/yuli/output/prowler-output-186285203186-20230314144111.json
Dump all supported checks
prowler aws --list-checks
Check specific services
prowler aws --profile prod --services efs s3
Parse the report and filter only FAILED records
cat prowler.json | jq -M -c '[.[] | select(.Status == "FAIL")]'
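The same FAIL filter, extended into a small triage and pipeline gate. This is an added example, not code from the original post or from the Prowler project. Only the `Status` field comes from the command above; the other field names (`Severity`, `ServiceName`, `CheckID`), the check IDs, and the sample records are assumptions constructed for illustration.

```python
import json
from collections import Counter

# Severity ranking used for sorting and for the gate threshold.
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1, "informational": 0}
UNKNOWN_RANK = 5  # missing or unrecognised severity sorts first so it is never ignored

# Constructed sample report, not real Prowler output. Field names other than
# "Status" are assumptions; the check IDs are placeholders.
SAMPLE_REPORT = json.dumps([
    {"Status": "FAIL", "Severity": "high", "ServiceName": "s3", "CheckID": "example_check_a"},
    {"Status": "PASS", "Severity": "high", "ServiceName": "s3", "CheckID": "example_check_p"},
    {"Status": "FAIL", "Severity": "low", "ServiceName": "efs", "CheckID": "example_check_b"},
    {"Status": "FAIL", "Severity": "critical", "ServiceName": "s3", "CheckID": "example_check_c"},
    {"Status": "FAIL", "ServiceName": "efs", "CheckID": "example_check_d"},  # no Severity
])


def rank(record):
    """Numeric severity of one finding; unknown values get UNKNOWN_RANK."""
    return SEVERITY_RANK.get(str(record.get("Severity", "")).lower(), UNKNOWN_RANK)


def failed_findings(report_text):
    """Keep only FAIL records (same filter as the jq command), most severe first."""
    records = json.loads(report_text)
    failed = [r for r in records if r.get("Status") == "FAIL"]
    return sorted(failed, key=lambda r: -rank(r))


def summarize(failed):
    """Count failed findings per (service, severity) pair."""
    return Counter(
        (r.get("ServiceName", "unknown"), str(r.get("Severity", "unknown")).lower())
        for r in failed
    )


def gate(failed, threshold="high"):
    """Return True when any failed finding is at or above the threshold."""
    return any(rank(r) >= SEVERITY_RANK[threshold] for r in failed)


if __name__ == "__main__":
    failed = failed_findings(SAMPLE_REPORT)
    for (service, severity), count in sorted(summarize(failed).items()):
        print(f"{service:8} {severity:10} {count}")
    print("block pipeline:", gate(failed))
```

To run it against a real report, pass the contents of the JSON file to `failed_findings` in place of `SAMPLE_REPORT`, after checking that the field names match the Prowler version in use.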
My special BONUS 🚀
Prowler can generate reports in HTML, JSON, and CSV formats.
However, its built-in HTML reports feel a bit outdated 😉
I created a special tool to display beautiful reports. I was inspired by the Airtable design.
Check it out:
https://github.com/stremovsky/prowler-viewer
Report example: