kandi X-RAY | prowler Summary
kandi X-RAY | prowler Summary
Prowler is a command line tool that helps you with AWS security assessment, auditing, hardening and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks including related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2 and others. Read more about CIS Amazon Web Services Foundations Benchmark v1.2.0 - 05-23-2018.
Top functions reviewed by kandi - BETA
prowler Key Features
prowler Examples and Code Snippets
Trending Discussions on prowler
ANSWERAnswered 2020-Feb-10 at 12:49
.csv file (based on your
.json file) to be imported (although not tested) - data in the same order as was in
.json, timestamp removed, header row added with names as expected by DoJo and matching data types:
Accepted CSV format that matches (default) json data order, as some fields have different names in
.csv. Actual order does not matter for DoJo import.
No vulnerabilities reported
Make sure the latest version of AWS-CLI is installed on your workstation (it works with either v1 or v2), and other components needed, with Python pip already installed: pip install awscli NOTE: detect-secrets Yelp version is no longer supported the one from IBM is mantained now. Use the one mentioned below or the specific Yelp version 1.0.3 to make sure it works as expected (pip install detect-secrets==1.0.3): pip install "git+https://github.com/ibm/detect-secrets.git@master#egg=detect-secrets" AWS-CLI can be also installed it using "brew", "apt", "yum" or manually from https://aws.amazon.com/cli/, but detect-secrets has to be installed using pip or pip3. You will need to install jq to get the most from Prowler.
Make sure jq is installed: examples below with "apt" for Debian alike and "yum" for RedHat alike distros (like Amazon Linux): sudo apt install jq sudo yum install jq
Previous steps, from your workstation: git clone https://github.com/toniblyx/prowler cd prowler
Since Prowler users AWS CLI under the hood, you can follow any authentication method as described here. Make sure you have properly configured your AWS-CLI with a valid Access Key and Region or declare AWS variables properly (or intance profile): aws configure or export AWS_ACCESS_KEY_ID="ASXXXXXXX" export AWS_SECRET_ACCESS_KEY="XXXXXXXXX" export AWS_SESSION_TOKEN="XXXXXXXXX"
Those credentials must be associated to a user or role with proper permissions to do all checks. To make sure, add the AWS managed policies, SecurityAudit and ViewOnlyAccess, to the user or role being used. Policy ARNs are: arn:aws:iam::aws:policy/SecurityAudit arn:aws:iam::aws:policy/job-function/ViewOnlyAccess Additional permissions needed: to make sure Prowler can scan all services included in the group Extras, make sure you attach also the custom policy prowler-additions-policy.json to the role you are using. If you want Prowler to send findings to AWS Security Hub, make sure you also attach the custom policy prowler-security-hub.json.
Reuse Trending Solutions
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page