Skip to content

Prowler 2.9.0 - Run to the Hills
Compare
Choose a tag to compare
@jfagoagas jfagoagas released this 13 Apr 09:44
· 3837 commits to master since this release
2.9.0
432632d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

In 1982, Iron Maiden released The Number of the Beast, their third studio album and the first with Bruce Dickinson as their lead vocalist. The song Run to the Hills gives me very good memories, as the time we are living will do the same in the future. That song is one of the greatest metal songs in music history. Enjoy it as we do while releasing this new version of Prowler!
https://www.youtube.com/watch?v=86URGgqONvA

number-of-the-beast

Image copyright by Iron Maiden

Important changes in this version (read this!):

Now, if you want to use your allowlist or custom checks you can retrieve it from a S3 Bucket using -w option along with a S3 URI like s3://bucket/prefix/allowlist_sample.txt

Also, we have enriched some IAM checks to provide more information about resources when the check status is PASS.

New Features

  • New Extra Check - Detect SGs created by the EC2 Launch Wizard by @sectoramen in #1081
  • Support S3 URIs for custom checks paths by @sergargar in #1090
  • Support S3 URIs for allowlist file by @sergargar in #1090

Enhancements

  • Update example code for terraform-quickstart by @spazm in #1086
  • Replace comma from csv input info to prevent breaking csv format by @n4ch04 in #1102
  • IAM check116 and check122 now logs more detailed information with PASS results by @n4ch04 in #1107

Fixes

  • Fix(secrets_library): Verify if detect-secrets library is missing by @sergargar in #1080
  • Fix(extra729,extra740): Typo by @mourackb in #1083
  • Fix(extra736): Missing $PROFILE_OPT by @soffensive in #1084
  • Fix(extra792): TLS1.3 policies added as secure and TLS1.1/1.0 as insecure by @sergargar in #1091
  • Fix(extra7172): IllegalLocationConstraintException properly handled by @sergargar in #1093
  • Fix(extra764): NoSuchBucket error properly handled by @sergargar in #1094
  • Fix(extra764): Deleted temporary file references by @n4ch04 in #1089
  • Fix(extra7147): Handle unsupported AWS regions for Glacier by @jfagoagas in #1101
  • Fix(extra79): Typo publiccly -> publicly by @carterjones in #1106
  • Fix(extra75): Empty array check in SECURITYGROUPS object by @nealalan in #1099

New Contributors

Full Changelog: 2.8.1...2.9.0

Contributors

spazm, carterjones, and 7 other contributors
Assets 2
Loading