Prowler Cloud Audit: A Deep Dive into Cloud Violations

Prowler is a robust open-source tool that generates comprehensive audit reports for AWS, GCP, and Azure cloud environments.

You can use Prowler reports to:

  • Enforce compliance: Identify and rectify compliance misconfigurations to maintain regulatory adherence.
  • Strengthen security: Implement security best practices to enhance your cloud environment’s protection against evolving threats.
  • Optimize costs: Eliminate unused resources to streamline cloud expenditures and maximize resource utilization.

How to run a check with Prowler

prowler aws -f us-west-1 --profile prod

Output

Detailed results are in:
- HTML: /home/yuli/output/prowler-output-186285203186-20230314144111.html
- CSV: /home/yuli/output/prowler-output-186285203186-20230314144111.csv
- JSON: /home/yuli/output/prowler-output-186285203186-20230314144111.json

Dump all supported checks

prowler aws --list-checks

Check specific services

prowler aws --profile prod --services efs s3

Parse the report and filter only FAILED records

jq -M -c '[.[] | select(.Status == "FAIL")]' prowler.json
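
The same FAIL filter extended into a triage step, as an added example (not code from the original post or from the Prowler project): it sorts failed records by severity, counts them per service, and returns an exit status a pipeline can gate on. Only the `Status` field appears on this page; the `Severity`, `ServiceName`, `CheckID`, `Region` and `ResourceId` field names are assumed from Prowler v3's native JSON output, and the sample records are constructed.

```python
import json
from collections import Counter

# Lower rank = more severe. Severity names are assumed from Prowler v3 JSON output.
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3, "informational": 4}

# Constructed sample records (not real Prowler output). Only "Status" appears on
# the page; the other field names are assumed from Prowler v3's native JSON.
SAMPLE_REPORT = json.dumps([
    {"Status": "FAIL", "Severity": "high", "ServiceName": "s3",
     "CheckID": "example_check_a", "Region": "us-west-1", "ResourceId": "example-bucket-1"},
    {"Status": "PASS", "Severity": "low", "ServiceName": "s3",
     "CheckID": "example_check_b", "Region": "us-west-1", "ResourceId": "example-bucket-1"},
    {"Status": "FAIL", "Severity": "critical", "ServiceName": "efs",
     "CheckID": "example_check_c", "Region": "us-west-1", "ResourceId": "example-fs-1"},
    {"Status": "FAIL", "Severity": "medium", "ServiceName": "s3",
     "CheckID": "example_check_d", "Region": "us-west-1", "ResourceId": "example-bucket-2"},
    {"Status": "FAIL", "ServiceName": "s3",  # record with no Severity field
     "CheckID": "example_check_e", "Region": "us-west-1", "ResourceId": "example-bucket-3"},
])


def severity(finding):
    """Normalised severity; missing or empty values become 'unknown'."""
    return str(finding.get("Severity") or "unknown").lower()


def failed_findings(report_text):
    """Return FAIL records, most severe first; unknown severities sort last."""
    findings = json.loads(report_text)
    failed = [f for f in findings if f.get("Status") == "FAIL"]
    return sorted(failed, key=lambda f: (SEVERITY_RANK.get(severity(f), 99),
                                         f.get("ServiceName", ""), f.get("CheckID", "")))


def summarize(failed):
    """Count failures per (severity, service) pair."""
    return Counter((severity(f), f.get("ServiceName", "unknown")) for f in failed)


def gate(failed, block_on=("critical", "high")):
    """Exit status for a pipeline: 1 if any failure has a blocking severity."""
    return 1 if any(severity(f) in block_on for f in failed) else 0


if __name__ == "__main__":
    failed = failed_findings(SAMPLE_REPORT)
    for f in failed:
        print(severity(f), f.get("ServiceName"), f.get("CheckID"), f.get("ResourceId"))
    print(dict(summarize(failed)))
    raise SystemExit(gate(failed))
```

To run it against a real report, pass the contents of the JSON file Prowler wrote to `failed_findings` in place of `SAMPLE_REPORT`.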

My special BONUS 🚀

Prowler can generate reports in HTML, JSON, and CSV formats.

However, its built-in HTML reports feel a bit outdated 😉

I created a special tool to display beautiful reports. I was inspired by the Airtable design.

Check it out:

https://github.com/stremovsky/prowler-viewer

Report example: [image: Prowler report]