How to perform AWS security best practices assessments, incident response and forensics readiness with Prowler (2024)

Description

Prowler is a command line tool that helps you with AWS security assessment, auditing, hardening and incident response.

It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks including related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2 and others.

Read more about CIS Amazon Web Services Foundations Benchmark v1.2.0 - 05-23-2018

High level architecture

Requirements and Installation

Prowler has been written in bash using AWS-CLI underneath and it works in Linux, Mac OS or Windows with cygwin or virtualisation. Also requires jq and detect-secrets to work properly.

Installing on macOS:

Pre-requisites-1: Install awscli
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

 ~  brew install awscli ==> Downloading https://ghcr.io/v2/homebrew/core/gdbm/manifests/1.23######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/gdbm/blobs/sha256:0d0aeea95f9e7b4ccfa1e8d7f3a83b3b4d604eac1178e4f88ad51d132ad1f7cd==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:0d0aeea95f9e7b4ccfa1e8d7f3a83b3b4d604eac1178e4f88ad51d132ad1f7cd?se=2022-02-27T11%3A50%3A00Z&sig=dJo3OQOO0eZnkuyklfneSj######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/mpdecimal/manifests/2.5.1######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/mpdecimal/blobs/sha256:73e9acc9ca851c0d7fb92fdb223bf63595c319d7c5e01049388ce7989777852c==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:73e9acc9ca851c0d7fb92fdb223bf63595c319d7c5e01049388ce7989777852c?se=2022-02-27T11%3A50%3A00Z&sig=bCdulNokukDii1yNIdDppm######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/ca-certificates/manifests/2022-02-01######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/ca-certificates/blobs/sha256:40e00f88df310bc2dc42aefb3e834c0a3022f125fecdf21f26431d12a104dbc0==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:40e00f88df310bc2dc42aefb3e834c0a3022f125fecdf21f26431d12a104dbc0?se=2022-02-27T11%3A50%3A00Z&sig=FHgfhW%2Bb7DoB%2FIvJPL######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/openssl/1.1/manifests/1.1.1m######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/openssl/1.1/blobs/sha256:bac056f55bf254752ed522eccf37cf2c7cfdc38d46b2c469a777f5feb41cbbc4==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:bac056f55bf254752ed522eccf37cf2c7cfdc38d46b2c469a777f5feb41cbbc4?se=2022-02-27T11%3A50%3A00Z&sig=ihmy38A%2B1XtzeN0CBQv0######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/readline/manifests/8.1.2######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/readline/blobs/sha256:976185ec243284d74eb8b9c554d944cbc0208c26495193bcd28fdf12a08f134e==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:976185ec243284d74eb8b9c554d944cbc0208c26495193bcd28fdf12a08f134e?se=2022-02-27T11%3A50%3A00Z&sig=j6pYkvoxke%2FwvMAKy8iI######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/sqlite/manifests/3.38.0######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/sqlite/blobs/sha256:9e77132d9e64fcca7abb562cf6980ce578f961041187dbf84b6d1d85eb2388a2==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:9e77132d9e64fcca7abb562cf6980ce578f961041187dbf84b6d1d85eb2388a2?se=2022-02-27T11%3A50%3A00Z&sig=dGAHhFNTH6moSeW1fSgZJ2######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/xz/manifests/5.2.5######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/xz/blobs/sha256:099055bb0afb3dfd454e72ce2228a0fad54e90ef63577e33d18b9c92a444317a==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:099055bb0afb3dfd454e72ce2228a0fad54e90ef63577e33d18b9c92a444317a?se=2022-02-27T11%3A50%3A00Z&sig=WtJ1o5hzyyVhscY3o2Ln91######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/python/3.9/manifests/3.9.10######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/python/3.9/blobs/sha256:be3b63b24b595b7dadd25913c916cdf1c451cd5cf8068b3b2e98e6d8c40012a4==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:be3b63b24b595b7dadd25913c916cdf1c451cd5cf8068b3b2e98e6d8c40012a4?se=2022-02-27T11%3A50%3A00Z&sig=C2XDSS%2FrlaogO%2F24FG######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/six/manifests/1.16.0_2-1######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/six/blobs/sha256:560f73cafaea617d44f93beffdac91ac3b93095b1b64ff3877c5c4903f1cb001==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:560f73cafaea617d44f93beffdac91ac3b93095b1b64ff3877c5c4903f1cb001?se=2022-02-27T11%3A50%3A00Z&sig=Qar1WPal%2BEZOCiycUwM2######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/awscli/manifests/2.4.21######################################################################## 100.0%==> Downloading https://ghcr.io/v2/homebrew/core/awscli/blobs/sha256:8509e291d1bac898b135f57ea5997057752bc48f96e92a8bc39ad8816239b202==> Downloading from https://pkg-containers.githubusercontent.com/ghcr1/blobs/sha256:8509e291d1bac898b135f57ea5997057752bc48f96e92a8bc39ad8816239b202?se=2022-02-27T11%3A50%3A00Z&sig=0YHe4d3%2BLQ2OgcGlm89B######################################################################## 100.0%==> Installing dependencies for awscli: gdbm, mpdecimal, ca-certificates, openssl@1.1, readline, sqlite, xz, python@3.9 and six==> Installing awscli dependency: gdbm==> Pouring gdbm--1.23.monterey.bottle.tar.gz🍺 /usr/local/Cellar/gdbm/1.23: 24 files, 956.7KB==> Installing awscli dependency: mpdecimal==> Pouring mpdecimal--2.5.1.monterey.bottle.tar.gz🍺 /usr/local/Cellar/mpdecimal/2.5.1: 71 files, 2.1MB==> Installing awscli dependency: ca-certificates==> Pouring ca-certificates--2022-02-01.all.bottle.tar.gz==> Regenerating CA certificate bundle from keychain, this may take a while...🍺 /usr/local/Cellar/ca-certificates/2022-02-01: 3 files, 213.4KB==> Installing awscli dependency: openssl@1.1==> Pouring openssl@1.1--1.1.1m.monterey.bottle.tar.gz🍺 /usr/local/Cellar/openssl@1.1/1.1.1m: 8,081 files, 18.5MB==> Installing awscli dependency: readline==> Pouring readline--8.1.2.monterey.bottle.tar.gz🍺 /usr/local/Cellar/readline/8.1.2: 48 files, 1.6MB==> Installing awscli dependency: sqlite==> Pouring sqlite--3.38.0.monterey.bottle.tar.gz🍺 /usr/local/Cellar/sqlite/3.38.0: 11 files, 4.4MB==> Installing awscli dependency: xz==> Pouring xz--5.2.5.monterey.bottle.tar.gz🍺 /usr/local/Cellar/xz/5.2.5: 95 files, 1.3MB==> Installing awscli dependency: python@3.9==> Pouring python@3.9--3.9.10.monterey.bottle.tar.gz==> /usr/local/Cellar/python@3.9/3.9.10/bin/python3 -m ensurepip==> /usr/local/Cellar/python@3.9/3.9.10/bin/python3 -m pip install -v --no-deps --no-index --upgrade --isolated --target=/usr/local/lib/python3.9/site-packages /usr/local/Cellar/python@3.9/3.9.10/Framewor🍺 /usr/local/Cellar/python@3.9/3.9.10: 3,080 files, 54.9MB==> Installing awscli dependency: six==> Pouring six--1.16.0_2.all.bottle.1.tar.gz🍺 /usr/local/Cellar/six/1.16.0_2: 20 files, 122.3KB==> Installing awscli==> Pouring awscli--2.4.21.monterey.bottle.tar.gz==> CaveatsThe "examples" directory has been installed to: /usr/local/share/awscli/exampleszsh completions and functions have been installed to: /usr/local/share/zsh/site-functions==> Summary🍺 /usr/local/Cellar/awscli/2.4.21: 12,403 files, 98.0MB==> Running `brew cleanup awscli`...Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).==> Caveats==> awscl*the "examples" directory has been installed to: /usr/local/share/awscli/exampleszsh completions and functions have been installed to: /usr/local/share/zsh/site-functions

Pre-requisites-2: Install jq

jq is a lightweight and flexible command-line JSON processor

 ~/Documents/prowler/prowler master  brew install jq ==> Downloading https://ghcr.io/v2/homebrew/core/jq/manifests/1.6-1Already downloaded: /Users/macpro/Library/Caches/Homebrew/downloads/fc2724606b6ebef1ba0db7d7ae84cfca1df8cfed9e58e3a8714413b3676935f7--jq-1.6-1.bottle_manifest.json==> Downloading https://ghcr.io/v2/homebrew/core/jq/blobs/sha256:7fee6ea327062b37d34ef5346a84810a1752cc7146fff1223fab76c9b45686e0Already downloaded: /Users/macpro/Library/Caches/Homebrew/downloads/de57802c1c3740b0761a664bea8c9f15347d4049295d0c81cd6368eda6b34953--jq--1.6.monterey.bottle.1.tar.gz==> Pouring jq--1.6.monterey.bottle.1.tar.gz🍺 /usr/local/Cellar/jq/1.6: 18 files, 1.1MB==> Running `brew cleanup jq`...Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).

Pre-requisites-3: Install detect-secrets

 ~/Documents/prowler/prowler master  brew install detect-secrets Running `brew update --preinstall`...==> Auto-updated Homebrew!Updated 1 tap (homebrew/core).==> Updated FormulaeUpdated 2 formulae.==> Downloading https://ghcr.io/v2/homebrew/core/detect-secrets/manifests/1.2.0Already downloaded: /Users/macpro/Library/Caches/Homebrew/downloads/2bc8b428481bdd5d7b761dd35c815afc1f89566bba036e3f3024095a08847c56--detect-secrets-1.2.0.bottle_manifest.json==> Downloading https://ghcr.io/v2/homebrew/core/detect-secrets/blobs/sha256:483d2bd7fa7a791cef6d92273d53c40c32055d986f9976eef5d78332d16b47b0Already downloaded: /Users/macpro/Library/Caches/Homebrew/downloads/02f1e9c7e1532b55d0186fc4edc39578e0f571e161d6fd7f5a82ccbe83192020--detect-secrets--1.2.0.monterey.bottle.tar.gz==> Pouring detect-secrets--1.2.0.monterey.bottle.tar.gz🍺 /usr/local/Cellar/detect-secrets/1.2.0: 937 files, 11.6MB==> Running `brew cleanup detect-secrets`...Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).

Pre-requisites-4: aws configure

Run "aws configure" and enter the required values to access your AWS account and run the audits. Prowler uses aws-cli in the background, so it uses your existing AWS credentials that you entered in "aws configure" to perform the audits.

~/Documents/prowler/prowler master  aws configure AWS Access Key ID [****************:AWS Secret Access Key [****************]:Default region name [eu-xxxxxx-1]:Default output format [json]:

Install prowler

Prowler is a command line tool that helps you with AWS security assessment, auditing, hardening and incident response.

Install Prowler on macOS:

 ~/Documents/prowler  git clone https://github.com/prowler-cloud/prowler Cloning into 'prowler'...remote: Enumerating objects: 9457, done.remote: Counting objects: 100% (3011/3011), done.remote: Compressing objects: 100% (940/940), done.remote: Total 9457 (delta 2260), reused 2699 (delta 2063), pack-reused 6446Receiving objects: 100% (9457/9457), 55.23 MiB | 25.25 MiB/s, done.Resolving deltas: 100% (6780/6780), done. ~/Documents/prowler  ls prowler ~/Documents/prowler  cd prowler ~/Documents/prowler/prowler master  ls 48: Pipfile command iam line utilCODE_OF_CONDUCT.md README.md docs include not whitelist_sample.txtLICENSE checklist.txt found integrations outputLIST_OF_CHECKS_AND_GROUPS.md checks groups jq: prowler

Prowler in action

Sample screenshot of default console report first lines of command ./prowler:

Sample screenshot of the html output -M html:

Trust Boundaries Checks:
This group of checks helps to analyse a particular AWS account (subject) on existing links to other AWS accounts across various AWS services, in order to identify untrusted links.

~/Documents/prowler/prowler master  ./prowler -g trustboundaries _ _ __ _ __ _____ _| | ___ _ __ | '_ \| '__/ _ \ \ /\ / / |/ _ \ '__| | |_) | | | (_) \ V V /| | __/ | | .__/|_| \___/ \_/\_/ |_|\___|_|v2.7.0-24January2022 |_| the handy cloud security tool Date: Sun 27 Feb 2022 15:32:33 CET Color code for results: - INFO (Information) - PASS (Recommended value) - WARNING (Ignored by whitelist) - FAIL (Fix required) This report is being generated using credentials below: AWS-CLI Profile: [default] AWS API Region: [eu-central-1] AWS Filter Region: [all] AWS Account: [xxxxxxxxxxx] UserId: [xxxxxxxxxxx] Caller Identity ARN: [arn:aws:iam::xxxxxx:user/xxxxxx]16.0 Find cross-account trust boundaries - [trustboundaries] ******* - []7.89 [extra789] Find trust boundaries in VPC endpoint services connections - vpc [Medium]7.90 [extra790] Find trust boundaries in VPC endpoint services whitelisted principles - vpc [Medium]

Generate Forensics ready report:

~/Documents/prowler/prowler master  ./prowler -M html -g forensics-ready _ _ __ _ __ _____ _| | ___ _ __ | '_ \| '__/ _ \ \ /\ / / |/ _ \ '__| | |_) | | | (_) \ V V /| | __/ | | .__/|_| \___/ \_/\_/ |_|\___|_|v2.7.0-24January2022 |_| the handy cloud security tool Date: Sun 27 Feb 2022 13:55:25 CET Color code for results: - INFO (Information) - PASS (Recommended value) - WARNING (Ignored by whitelist) - FAIL (Fix required) This report is being generated using credentials below: AWS-CLI Profile: [default] AWS API Region: [eu-xxxxx-1] AWS Filter Region: [all] AWS Account: [xxxxxx] UserId: [xxxxxxxx] Caller Identity ARN: [arn:aws:iam::xxxxxx:user/xxxxxx]8.0 Forensics Readiness - [forensics-ready] ************************ - []2.1 [check21] Ensure CloudTrail is enabled in all regions - cloudtrail [High]2.2 [check22] Ensure CloudTrail log file validation is enabled - cloudtrail [Medium] PASS! eu-central-1: Trail arn:aws:cloudtrail:eu-central-1:xxxxxxx:trail/xxx_xxx_Trail log file validation enabled2.3 [check23] Ensure the S3 bucket CloudTrail logs to is not publicly accessible - cloudtrail [Critical]2.4 [check24] Ensure CloudTrail trails are integrated with CloudWatch Logs - cloudtrail [Low]2.5 [check25] Ensure AWS Config is enabled in all regions - configservice [Medium] PASS! eu-north-1: AWS Config recorder enabled FAIL! ap-south-1: AWS Config recorder disabled FAIL! eu-west-3: AWS Config recorder disabled FAIL! eu-west-2: AWS Config recorder disabled FAIL! eu-west-1: AWS Config recorder disabled FAIL! ap-northeast-3: AWS Config recorder disabled FAIL! ap-northeast-2: AWS Config recorder disabled FAIL! ap-northeast-1: AWS Config recorder disabled FAIL! sa-east-1: AWS Config recorder disabled FAIL! ca-central-1: AWS Config recorder disabled FAIL! ap-southeast-1: AWS Config recorder disabled FAIL! ap-southeast-2: AWS Config recorder disabled FAIL! eu-central-1: AWS Config recorder disabled FAIL! us-east-1: AWS Config recorder disabled FAIL! us-east-2: AWS Config recorder disabled FAIL! us-west-1: AWS Config recorder disabled FAIL! us-west-2: AWS Config recorder disabled2.6 [check26] Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket - s3 [Medium]2.7 [check27] Ensure CloudTrail logs are encrypted at rest using KMS CMKs - cloudtrail [Medium]2.9 [check29] Ensure VPC Flow Logging is Enabled in all VPCs - vpc [Medium] FAIL! eu-north-1: VPC vpc-xxxxxx VPCFlowLog is disabled FAIL! ap-south-1: VPC vpc-xxxxxx VPCFlowLog is disabled FAIL! eu-west-3: VPC vpc-xxxxxxx VPCFlowLog is disabled FAIL! eu-west-2: VPC vpc-xxxxxxx VPCFlowLog is disabled FAIL! ap-northeast-3: VPC vpc-xx VPCFlowLog is disabled FAIL! ap-northeast-2: VPC vpc-xx VPCFlowLog is disabled FAIL! ap-northeast-1: VPC vpc-xx VPCFlowLog is disabled FAIL! sa-east-1: VPC vpc-xxxxxxx VPCFlowLog is disabled FAIL! ca-central-1: VPC vpc-xxxx VPCFlowLog is disabled FAIL! ap-southeast-1: VPC vpc-xx VPCFlowLog is disabled FAIL! ap-southeast-2: VPC vpc-xx VPCFlowLog is disabled FAIL! eu-central-1: VPC vpc-xxxx VPCFlowLog is disabled FAIL! eu-central-1: VPC vpc-xxxx VPCFlowLog is disabled FAIL! eu-central-1: VPC vpc-xxxx VPCFlowLog is disabled FAIL! eu-central-1: VPC vpc-xxxx VPCFlowLog is disabled FAIL! us-east-1: VPC vpc-xxxxxxx VPCFlowLog is disabled FAIL! us-east-2: VPC vpc-xxxxxxx VPCFlowLog is disabled FAIL! us-west-1: VPC vpc-xxxxxxx VPCFlowLog is disabled FAIL! us-west-2: VPC vpc-xxxxxxx VPCFlowLog is disabled7.12 [extra712] Check if Amazon Macie is enabled - macie [Low] FAIL! eu-central-1: No Macie related IAM roles found. It is most likely not to be enabled7.13 [extra713] Check if GuardDuty is enabled - guardduty [High] PASS! eu-north-1: GuardDuty detector xxxxxxx enabled PASS! ap-south-1: GuardDuty detector xxxxxxx enabled PASS! eu-west-3: GuardDuty detector xxxxxxx enabled PASS! eu-west-2: GuardDuty detector xxxxxxx enabled PASS! eu-west-1: GuardDuty detector xxxxxxx enabled FAIL! ap-northeast-3: GuardDuty detector not configured! PASS! ap-northeast-2: GuardDuty detector xxxxxx enabled PASS! ap-northeast-1: GuardDuty detector xxxxxx enabled PASS! sa-east-1: GuardDuty detector xxxxxxx enabled PASS! ca-central-1: GuardDuty detector xxxxxxx enabled PASS! ap-southeast-1: GuardDuty detector xxxxxx enabled PASS! ap-southeast-2: GuardDuty detector xxxxxx enabled PASS! eu-central-1: GuardDuty detector xxxxxxx enabled PASS! us-east-1: GuardDuty detector xxxxxxx enabled PASS! us-east-2: GuardDuty detector xxxxxxx enabled PASS! us-west-1: GuardDuty detector xxxxxxx enabled PASS! us-west-2: GuardDuty detector xxxxxxx enabled7.14 [extra714] Check if CloudFront distributions have logging enabled - cloudfront [Medium] INFO! eu-central-1: No CloudFront distributions found7.15 [extra715] Check if Amazon Elasticsearch Service (ES) domains have logging enabled - es [Medium] INFO! eu-north-1: No Amazon ES domain found INFO! ap-south-1: No Amazon ES domain found INFO! eu-west-3: No Amazon ES domain found INFO! eu-west-2: No Amazon ES domain found INFO! eu-west-1: No Amazon ES domain found INFO! ap-northeast-3: No Amazon ES domain found INFO! ap-northeast-2: No Amazon ES domain found INFO! ap-northeast-1: No Amazon ES domain found INFO! sa-east-1: No Amazon ES domain found INFO! ca-central-1: No Amazon ES domain found INFO! ap-southeast-1: No Amazon ES domain found INFO! ap-southeast-2: No Amazon ES domain found INFO! eu-central-1: No Amazon ES domain found INFO! us-east-1: No Amazon ES domain found INFO! us-east-2: No Amazon ES domain found INFO! us-west-1: No Amazon ES domain found INFO! us-west-2: No Amazon ES domain found7.17 [extra717] Check if Elastic Load Balancers have logging enabled - elb [Medium] INFO! eu-north-1: No ELBs found INFO! ap-south-1: No ELBs found INFO! eu-west-3: No ELBs found INFO! eu-west-2: No ELBs found INFO! eu-west-1: No ELBs found INFO! ap-northeast-3: No ELBs found INFO! ap-northeast-2: No ELBs found INFO! ap-northeast-1: No ELBs found INFO! sa-east-1: No ELBs found INFO! ca-central-1: No ELBs found INFO! ap-southeast-1: No ELBs found INFO! ap-southeast-2: No ELBs found INFO! eu-central-1: No ELBs found INFO! us-east-1: No ELBs found INFO! us-east-2: No ELBs found INFO! us-west-1: No ELBs found INFO! us-west-2: No ELBs found7.18 [extra718] Check if S3 buckets have server access logging enabled - s3 [Medium]7.19 [extra719] Check if Route53 public hosted zones are logging queries to CloudWatch Logs - route53 [Medium] INFO! eu-central-1: No Route53 hosted zones found7.20 [extra720] Check if Lambda functions invoke API operations are being recorded by CloudTrail - lambda [Low] INFO! ap-south-1: No Lambda functions found INFO! eu-west-3: No Lambda functions found INFO! eu-west-2: No Lambda functions found INFO! eu-west-1: No Lambda functions found FAIL! ap-northeast-3: Lambda function CUSTOM_CENTRALIZED_CLOUDTRAIL_CHECK NOT enabled in trail arn:aws:cloudtrail:eu-xxxxx-1:xxxxxxxxx:trail/xxx_xxx_Trail INFO! ap-northeast-2: No Lambda functions found INFO! ap-northeast-1: No Lambda functions found INFO! sa-east-1: No Lambda functions found INFO! ca-central-1: No Lambda functions found INFO! ap-southeast-1: No Lambda functions found INFO! ap-southeast-2: No Lambda functions found INFO! eu-central-1: No Lambda functions found INFO! us-east-1: No Lambda functions found INFO! us-east-2: No Lambda functions found INFO! us-west-1: No Lambda functions found INFO! us-west-2: No Lambda functions found7.21 [extra721] Check if Redshift cluster has audit logging enabled - redshift [Medium] INFO! eu-north-1: No Redshift cluster configured INFO! ap-south-1: No Redshift cluster configured INFO! eu-west-3: No Redshift cluster configured INFO! eu-west-2: No Redshift cluster configured INFO! eu-west-1: No Redshift cluster configured INFO! ap-northeast-3: No Redshift cluster configured INFO! ap-northeast-2: No Redshift cluster configured INFO! ap-northeast-1: No Redshift cluster configured INFO! sa-east-1: No Redshift cluster configured INFO! ca-central-1: No Redshift cluster configured INFO! ap-southeast-1: No Redshift cluster configured INFO! ap-southeast-2: No Redshift cluster configured INFO! eu-central-1: No Redshift cluster configured INFO! us-east-1: No Redshift cluster configured INFO! us-east-2: No Redshift cluster configured INFO! us-west-1: No Redshift cluster configured INFO! us-west-2: No Redshift cluster configured7.22 [extra722] Check if API Gateway has logging enabled - apigateway [Medium] INFO! eu-north-1: No API Gateway found INFO! ap-south-1: No API Gateway found INFO! eu-west-3: No API Gateway found INFO! eu-west-2: No API Gateway found INFO! eu-west-1: No API Gateway found INFO! ap-northeast-3: No API Gateway found INFO! ap-northeast-2: No API Gateway found INFO! ap-northeast-1: No API Gateway found INFO! sa-east-1: No API Gateway found INFO! ca-central-1: No API Gateway found INFO! ap-southeast-1: No API Gateway found INFO! ap-southeast-2: No API Gateway found INFO! eu-central-1: No API Gateway found INFO! us-east-1: No API Gateway found INFO! us-east-2: No API Gateway found INFO! us-west-1: No API Gateway found INFO! us-west-2: No API Gateway found7.25 [extra725] Check if S3 buckets have Object-level logging enabled in CloudTrail - s3 [Medium] FAIL! eu-central-1: S3 bucket aws-athena-query-results-eu-central-1-xxxxxxxxx has Object-level logging disabled7.101 [extra7101] Check if Amazon Elasticsearch Service (ES) domains have audit logging enabled - es [Low] INFO! eu-north-1: No Amazon ES domain found INFO! ap-south-1: No Amazon ES domain found INFO! eu-west-3: No Amazon ES domain found INFO! eu-west-2: No Amazon ES domain found INFO! eu-west-1: No Amazon ES domain found INFO! ap-northeast-3: No Amazon ES domain found INFO! ap-northeast-2: No Amazon ES domain found INFO! ap-northeast-1: No Amazon ES domain found INFO! sa-east-1: No Amazon ES domain found INFO! ca-central-1: No Amazon ES domain found INFO! ap-southeast-1: No Amazon ES domain found INFO! ap-southeast-2: No Amazon ES domain found INFO! eu-central-1: No Amazon ES domain found INFO! us-east-1: No Amazon ES domain found INFO! us-east-2: No Amazon ES domain found INFO! us-west-1: No Amazon ES domain found INFO! us-west-2: No Amazon ES domain found7.94 [extra794] Ensure EKS Control Plane Audit Logging is enabled for all log types - eks [Medium] INFO! eu-north-1: No EKS clusters found INFO! ap-south-1: No EKS clusters found INFO! eu-west-3: No EKS clusters found INFO! eu-west-2: No EKS clusters found INFO! eu-west-1: No EKS clusters found INFO! ap-northeast-3: No EKS clusters found INFO! ap-northeast-2: No EKS clusters found INFO! ap-northeast-1: No EKS clusters found INFO! sa-east-1: No EKS clusters found INFO! ca-central-1: No EKS clusters found INFO! ap-southeast-1: No EKS clusters found INFO! ap-southeast-2: No EKS clusters found INFO! eu-central-1: No EKS clusters found INFO! us-east-1: No EKS clusters found INFO! us-east-2: No EKS clusters found INFO! us-west-1: No EKS clusters found INFO! us-west-2: No EKS clusters found

Conclusion

Prowler provides dozens of security configuration checks related to services such as Amazon Redshift, Amazon ElasticCache, Amazon API Gateway and Amazon CloudFront. Integrating Prowler with AWS Security Hub will provide posture information about resources not currently covered by existing Security Hub integrations or compliance standards.

Use AWS Fargate and Prowler to send security configuration findings about AWS services to Security Hub — https://aws.amazon.com/blogs/security/use-aws-fargate-prowler-send-security-configuration-findings-about-aws-services-security-hub

How to perform AWS security best practices assessments, incident response and forensics readiness with Prowler (2024)

References

Top Articles
Anything but a backpack: 40 Ideen & Erklärung
5 Best Shoe Insoles for Diabetics: Support and Comfort for Happy Feet
Forsaken Fortune mini dungeon and achievement guide
Forsaken Fortune - Guild Wars 2 Wiki (GW2W)
Happymod Minecraft 1.19
Jergens Natural Glow Expiration Date
The Best Places to Live and Work as a Moviemaker, 2024
U187760277
Whitted Funeral Chapel Shelby Obituaries
Mahana Fresh Nutrition
Coffee Manga Marry My Husband
Mwm Urban Dictionary
Dungeon: Lumbridge Swamp Caves | Sal's Realm of RuneScape
Engr 2300 Osu
Charlie Geller And Jamie Shipley Net Worth
The Equalizer 3 Showtimes Near Animas 10 - Allen Theatres
480-467-2273
World Of Warcraft Best Rp Server
TBM 930 essential guide - DAHER - PDF Catalogs | Technical Documentation
Turboprop Business Aircraft - Daher
16 Easiest Bank Accounts to Open Online [2024]: Instant Approval
Rwalker866
John Deere Z345M Parts Diagram
Leilani Dowding Twitter
Craigslist Pets Quad Cities
Division 2 Best Solo Build 2022
Le Club 77 One-Piece Swimsuit
Judge jeanine pirro hi-res stock photography and images - Alamy
35 Million Naira To Dollars
Club Alouette Condo À Vendre
Joe And Jennette Mccurdy Tmz
Aspen Mansfield Login
Ati Musculoskeletal And Neurological
Craiglist.nj
Pvz Character Creator
Mikayla Campinos Leak: The Untold Story Behind The Controversy
Free Used Kitchen Cabinets Near Me
204 Bentley Manor
Tire Shop On Goodfellow
Fareway Decorah Weekly Ad
Pro surfer Kelly Slater's sustainable clothing brand favors effortless, casual styles over tacky beachwear — here are the standout pieces we keep wearing
Weight Watchers Aarp Discount
Rwjbh Ess
Nau General Electives
Dl 1465
Theobr Com Watercooler
Gg Derrico Age
Isss Rpi
CFM vs MPH: How Do They Affect Your Leaf Blower? - The Rop Shop
Ringo Tire & Service Center in Huntsville , TX
Summit Bid List 2023
Section 343 Metlife Stadium
Craigslist Covington Georgia
Allergy Index Ct
Terry County Jail, TX Visitation Schedule
Terry County Jail - Prisonroster
Meso R5 Relic Farm
247 Tennessee Recruiting
The Clapping Song Lyrics by Belle Stars
The Meaning Behind The Song: Clapping Song by Shirley Ellis - Beat Crave
2016 Ford Escape Kbb
Bmw 533I Champagne
Cobweb Showtimes Near Marcus Twin Creek Cinema
Does Teddy Swims Have A Wife? Exploring The Life Of The Rising Star
Burke Funeral Home Devils Lake Nd
Mytime Maple Grove Hospital
Bed Friends Ep 6 Eng Sub Bilibili
Margay Kittens For Sale
Papa John's Pizza Menu and Prices
Is Crenshaw Mafia Still Active
Parent management training for conduct problems in children: Enhancing treatment to improve therapeutic change
Choosing a Parent Training Program - Child Mind Institute
Bikininita
Mednax Kronos Login
Magma Lozenge Location
1.7 G Lioh
Busted Newspaper Isabella County Mi
M@C Discount Brings Bargains to Boardman, Warren Location to Follow - Business Journal Daily | The Youngstown Publishing Company
Wichita Falls Tx Busted Newspaper
Ridgid Pro Tool Storage System
What Time Does Walmart Tire Center Close
*WATCH~ full~!!AFRAID (2024~FullMovie) Online English
Journal articles: 'American American fiction City and town life in literature' – Grafiati
Proceedings of the 31st European Paediatric Rheumatology Congress: part 2,Pediatric Rheumatology
Strange World Showtimes Near Regal Fox Run & Rpx
Rubranking.com
Tamilyogi Tamil Movie Download
Astried Lizhanda
Everyone Stops the Selfless Tortures - Chapter 183 - Helluva_Sus
Everyone Stops the Selfless Tortures - Chapter 177 - Helluva_Sus
Shawn Mcclung Obituary
Compare Foods Wilson Nc
2018 Jeep Wrangler Unlimited All New for sale - Portland, OR - craigslist
Hwy 63 Pit Stop Houston Reviews
Basketball Stars Unblocked 66 Ez
Erin Mclaughlin Eyebrow
Craigslist Groton
2007 Peterbilt 387 Fuse Box Diagram
Hobby Lobby Gift Cards At Walmart
Latest Posts
Article information

Author: Kieth Sipes

Last Updated:

Views: 6322

Rating: 4.7 / 5 (67 voted)

Reviews: 90% of readers found this page helpful

Author information

Name: Kieth Sipes

Birthday: 2001-04-14

Address: Suite 492 62479 Champlin Loop, South Catrice, MS 57271

Phone: +9663362133320

Job: District Sales Analyst

Hobby: Digital arts, Dance, Ghost hunting, Worldbuilding, Kayaking, Table tennis, 3D printing

Introduction: My name is Kieth Sipes, I am a zany, rich, courageous, powerful, faithful, jolly, excited person who loves writing and wants to share my knowledge and understanding with you.