---

Prowler

POC of Prowler + Terraform.

Codebuild module

Requirements

• Prowler
• Terraform

Setup

1. Clone the project

git clone [email protected]:dgamboaestrada/prowler-terraform-POC.git

2. Enter to the project

cd prowler-terraform-POC

3. Init terraform

terraform init

4. Create AWS resources

terraform apply

Prowler commands using docker

Display help

 docker run -ti --rm --name prowler toniblyx/prowler:latest -help

Display all the checks

 docker run -ti --rm --name prowler toniblyx/prowler:latest -l

Filtering by group

 docker run -ti --rm --name prowler toniblyx/prowler:latest -l -g glue

Where glue is the name of the group to filter.

Display all the groups

 docker run -ti --rm --name prowler toniblyx/prowler:latest -L

Run specific checks

docker run -ti --rm --name prowler --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY toniblyx/prowler:latest -c check73

Running more than one check.

 docker run -ti --rm --name prowler --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY toniblyx/prowler:latest -c extra73,extra734

Run checks on a specific region

docker run -ti --rm --name prowler --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY toniblyx/prowler:latest -f us-east-1 -c extra760

Saving report

The reports are saving into output folder.

Format supported text (default), mono, html, json, json-asff, junit-xml, csv.

docker run -ti --rm --name prowler --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY --volume "$(pwd)/output":/prowler/output --volume "$(pwd)/junit-reports":/prowler/junit-reports toniblyx/prowler:latest -c extra73,extra734 -M html

They can be used combined comma separated.

docker run -ti --rm --name prowler --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY --volume "$(pwd)/output":/prowler/output toniblyx/prowler:latest --volume "$(pwd)/junit-reports":/prowler/junit-reports -c extra73,extra734 -M html,txt,json