Workflow

Prowler

Latest version: v5.0.5

Safety actively analyzes 693883 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 13 of 31

4.5.1

What's Changed
Fixes
* fix(docker): add g++ to Dockerfile for presidio-analyzer compatibility by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5648
* fix(mutelist): set arguments while loading providers by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5673
* fix(guardduty): fix `guardduty_is_enabled_fixer` test by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5678
* fix(aws): update EKS check in compliance frameworks by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5675
Chores
* chore(aws): deprecate `glue_etl_jobs_logging_enabled` check by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5677
* chore(version): update Prowler version by sergargar in https://github.com/prowler-cloud/prowler/pull/5679

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/4.5.0...4.5.1

4.5.0

_There's a feeling that's inside me
Telling me to get away
But I'm so tired of living
I might as well end today_

**Prowler 4.5.0 - Another Life** πŸš€ has arrived, packed with a host of new AWS checks and improvements! We also invite you to enjoy this classic Iron Maiden [song](https://www.youtube.com/watch?v=qvPSf2_equ4).

A huge shout-out to our talented engineers danibarranqueroo, MarioRgzLpz, and HugoPBrito for their amazing work on developing new checks, and a warm welcome to our new engineer AdriiiPRodri!

Special thanks as well to sansns for his outstanding contributions to new Fault Tolerance checks, and to our fantastic external contributors SaintTamnoon, jonathanbro, and Nirbhay1997 for their valuable PRs πŸ₯³.

New features to highlight in this version

AWS
πŸ”’ Combat LLMJacking in AWS Bedrock
Following recent insights from [Permiso Security](https://permiso.io/blog/exploiting-hosted-models) on hijacking threats to GenAI infrastructure like AWS Bedrock, we’ve introduced five new checks in Prowler to bolster security:
1. `bedrock_model_invocation_logging_enabled`
2. `cloudtrail_threat_detection_llm_jacking`
3. `bedrock_agent_guardrail_enabled`
4. `bedrock_guardrail_prompt_attack_filter_enabled`
5. `bedrock_guardrail_sensitive_information_filter_enabled`.

These checks enhance logging, encryption, and guardrail configurations to monitor and mitigate unauthorized access, safeguarding sensitive data and helping detect emerging LLMJacking threats.

πŸ›‘οΈ New Checks to Address IAM Access Analyzer Gaps
In their latest post on [securityrunners.io](https://www.securityrunners.io/post/exposing-security-observability-gaps-in-aws), SecurityRunners identified gaps in IAM Access Analyzer's ability to detect publicly exposed resources. To close these gaps, we’ve introduced new checks: `cloudwatch_log_group_not_publicly_accessible`, `ses_identities_not_publicly_accessible`, `glue_data_catalogs_not_publicly_accessible`, and `secretsmanager_not_publicly_accessible`, helping to reliably identify and secure public resources.
πŸš€ More checks!
Prowler has significantly expanded its AWS coverage, adding 104 new checks across 42 AWS services, including popular ones like Bedrock, DMS, FSx, GuardDuty, SES and WAF, to enhance your cloud security and compliance posture.
> See all the new available checks with `prowler aws --list-checks`

1. `apigateway_restapi_cache_encrypted`
4. `apigateway_restapi_tracing_enabled`
5. `athena_workgroup_logging_enabled`
6. `autoscaling_group_capacity_rebalance_enabled`
7. `autoscaling_group_elb_health_check_enabled`
8. `autoscaling_group_launch_configuration_no_public_ip`
9. `autoscaling_group_launch_configuration_requires_imdsv2`
10. `autoscaling_group_multiple_instance_types`
11. `autoscaling_group_using_ec2_launch_template`
12. `backup_recovery_point_encrypted`
13. `bedrock_agent_guardrail_enabled`
14. `bedrock_guardrail_prompt_attack_filter_enabled`
15. `bedrock_guardrail_sensitive_information_filter_enabled`
16. `bedrock_model_invocation_logging_enabled`
17. `bedrock_model_invocation_logs_encryption_enabled`
18. `cloudfront_distributions_s3_origin_non_existent_bucket`
19. `cloudtrail_threat_detection_enumeration`
20. `cloudtrail_threat_detection_llm_jacking`
21. `cloudtrail_threat_detection_privilege_escalation`
22. `cloudwatch_alarm_actions_alarm_state_configured`
23. `cloudwatch_alarm_actions_enabled`
24. `cloudwatch_log_group_no_critical_pii_in_logs`
25. `cloudwatch_log_group_not_publicly_accessible`
26. `codebuild_project_logging_enabled`
27. `codebuild_project_no_secrets_in_variables`
28. `codebuild_project_s3_logs_encrypted`
29. `codebuild_report_group_export_encrypted`
30. `config_recorder_using_aws_service_role`
31. `datasync_task_logging_enabled`
32. `directconnect_connection_redundancy`
33. `directconnect_virtual_interface_redundancy`
34. `dms_endpoint_mongodb_authentication_enabled`
35. `dms_endpoint_neptune_iam_authorization_enabled`
36. `documentdb_cluster_multi_az_enabled`
37. `dynamodb_accelerator_cluster_multi_az`
38. `dynamodb_table_autoscaling_enabled`
39. `ecs_cluster_container_insights_enabled`
40. `ecs_service_fargate_latest_platform_version`
41. `ecs_task_definitions_logging_block_mode`
42. `ecs_task_set_no_assign_public_ip`
43. `efs_access_point_enforce_root_directory`
44. `efs_access_point_enforce_user_identity`
45. `efs_mount_target_not_publicly_accessible`
46. `eks_cluster_not_publicly_accessible`
47. `elasticbeanstalk_environment_cloudwatch_logging_enabled`
48. `elasticbeanstalk_environment_enhanced_health_reporting`
49. `elasticbeanstalk_environment_managed_updates_enabled`
50. `elb_desync_mitigation_mode`
51. `elb_ssl_listeners_use_acm_certificate`
52. `elbv2_cross_zone_load_balancing_enabled`
53. `elbv2_nlb_tls_termination_enabled`
54. `eventbridge_global_endpoint_event_replication_enabled`
55. `fsx_file_system_copy_tags_to_backups_enabled`
56. `fsx_file_system_copy_tags_to_volumes_enabled`
57. `fsx_windows_file_system_multi_az_enabled`
58. `glue_data_catalogs_not_publicly_accessible`
59. `glue_etl_jobs_logging_enabled`
60. `glue_ml_transform_encrypted_at_rest`
61. `guardduty_ec2_malware_protection_enabled`
62. `guardduty_eks_audit_log_enabled`
63. `guardduty_eks_runtime_monitoring_enabled`
64. `guardduty_lambda_protection_enabled`
65. `iam_policy_cloudshell_admin_not_attached`
66. `kafka_connector_in_transit_encryption_enabled`
67. `kinesis_stream_encrypted_at_rest`
68. `macie_automated_sensitive_data_discovery_enabled`
69. `mq_broker_active_deployment_mode`
70. `mq_broker_auto_minor_version_upgrades`
71. `mq_broker_cluster_deployment_mode`
72. `mq_broker_logging_enabled`
73. `networkfirewall_logging_enabled`
74. `networkfirewall_multi_az`
75. `networkfirewall_policy_default_action_fragmented_packets`
76. `networkfirewall_policy_default_action_full_packets`
77. `opensearch_service_domains_fault_tolerant_data_nodes`
78. `opensearch_service_domains_fault_tolerant_master_nodes`
79. `opensearch_service_domains_not_publicly_accessible`
80. `rds_cluster_protected_by_backup_plan`
81. `rds_instance_transport_encrypted`
82. `redshift_cluster_encrypted_at_rest`
83. `redshift_cluster_enhanced_vpc_routing`
84. `redshift_cluster_in_transit_encryption_enabled`
85. `redshift_cluster_multi_az_enabled`
86. `redshift_cluster_non_default_database_name`
87. `redshift_cluster_non_default_username`
88. `s3_bucket_event_notifications_enabled`
89. `s3_multi_region_access_point_public_access_block`
90. `secretsmanager_not_publicly_accessible`
91. `secretsmanager_secret_rotated_periodically`
92. `secretsmanager_secret_unused`
93. `ses_identity_not_publicly_accessible`
94. `transfer_server_in_transit_encryption_enabled`
95. `vpc_endpoint_multi_az_enabled`
96. `waf_global_rule_with_conditions`
97. `waf_global_rulegroup_not_empty`
98. `waf_global_webacl_logging_enabled`
99. `waf_global_webacl_with_rules`
100. `waf_regional_rule_with_conditions`
101. `waf_regional_rulegroup_not_empty`
102. `waf_regional_webacl_with_rules`
103. `wafv2_webacl_rule_logging_enabled`
104. `wafv2_webacl_with_rules`

Azure
πŸ’ͺ🏼 New checks for Azure Container Registry
A big thanks to johannes-engler-mw for helping expand Prowler's Azure coverage with new checks for Azure Container Registry: `containerregistry_uses_private_link` and `containerregistry_not_publicly_accessible`.
> Give them a try by scanning the Azure Container Registry with `prowler azure --service containerregistry`
GCP
πŸ”Ž Scan your GCP Organization
Now you can limit the scan to projects within a specific Google Cloud organization by using the `--organization-id` option with the GCP organization ID:
`prowler gcp --organization-id organization-id`
> See more in [our documentation](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/gcp/organization/)

OCSF

4.4.1

What's Changed
Fixes
* fix(Dockerfile): install git dependency by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5344
* fix(ecs): Adjust code to the new ARN formats in the ECS service by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5312
* fix(threat detection): ignore AWS services events by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5311
Chores
* chore(ecs): mock all tests using moto by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5333
* chore(guardduty): mock failing tests using moto by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5337
* chore(secrets): Add TelegramBotToken detector by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5328
* chore(secrets): use `master` branch of Yelp/detect-secrets by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5331
* chore(sns): manage `ResourceNotFoundException` and add paralelism by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5347


**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/4.4.0...4.4.1

4.4.0

_Alexander the Great
His name struck fear into hearts of men
Alexander the Great
Became a legend 'mongst mortal men_

**Prowler 4.4.0 - Alexander the Great** πŸš€ is here, bringing a ton of new AWS checks and fixes! We also invite you to enjoy this Iron Maiden [song](https://www.youtube.com/watch?v=TvWE30PJ1oE).

A big shout-out to our engineers danibarranqueroo, MarioRgzLpz and HugoPBrito for their fantastic work in developing new checks and to our new external contributors abant07, LefterisXefteris, h4r5h1t, Jude-Bae and johannes-engler-mw for their PRs πŸ₯³

New features to highlight in this version

AWS
πŸ” Cover IAM non existing AWS actions/resources
Prowler now covers IAM scenarios where policies could have a non existing AWS actions in the `NotAction` statement allowing ALL actions in resources (same as non existing resources in `NotResource`) like:
json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Statement1",
"Effect": "Allow",
"NotAction": "prowler:action",
"NotResource": "arn:aws:s3:::calculator"
}
]
}


> More info in LinkedIn post by Chan9390 [here](https://www.linkedin.com/posts/bnchandrapal_ciem-aws-iam-activity-7240336133505585152-FQYc?utm_source=share&utm_medium=member_desktop).

πŸ€” How to Prevent AWS AI From Using Your Data
Recently, AWS may be using your data to train its AI models, and you may have unwittingly consented to it.
The new check `organizations_opt_out_ai_services_policy` ensure that you stop feeding AWS’s AI with your data.
You can see QuinnyPig's helpful post about how to opt out [here](https://www.lastweekinaws.com/blog/how-to-stop-feeding-awss-ai-with-your-data/) or using the [AWS documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out_all.html).

πŸš€ More checks!
Prowler has expanded its AWS coverage with 74 new checks for **ACM, CloudFront, CodeBuild, DMS, DocumentDB, DynamoDB, EC2, ECS, EKS, Elasticache, ELB, ELBv2, EKS, GuardDuty, IAM, KMS, Lambda, Neptune, Network Firewall, Organizations, RDS, S3, SageMaker and VPC**.
> See all the new available checks with `prowler aws --list-checks`

1. `acm_certificates_with_secure_key_algorithms`
2. `awslambda_function_inside_vpc`
3. `awslambda_function_vpc_multi_az`
4. `cloudfront_distributions_custom_ssl_certificate`
5. `cloudfront_distributions_default_root_object`
6. `cloudfront_distributions_https_sni_enabled`
7. `cloudfront_distributions_multiple_origin_failover_configured`
8. `cloudfront_distributions_origin_traffic_encrypted`
9. `cloudfront_distributions_s3_origin_access_control`
10. `cloudfront_distributions_s3_origin_non_existent_bucket`
11. `codebuild_project_no_secrets_in_variables`
12. `codebuild_project_source_repo_url_no_sensitive_credentials`
13. `dms_endpoint_ssl_enabled`
14. `documentdb_cluster_public_snapshot`
15. `dynamodb_accelerator_cluster_in_transit_encryption_enabled`
16. `dynamodb_table_deletion_protection_enabled`
17. `dynamodb_table_protected_by_backup_plan`
18. `ec2_client_vpn_endpoint_connection_logging_enabled`
19. `ec2_ebs_volume_protected_by_backup_plan`
20. `ec2_instance_paravirtual_type`
21. `ec2_instance_uses_single_eni`
22. `ec2_launch_template_no_public_ip`
23. `ec2_networkacl_unused`
24. `ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports`
25. `ec2_transitgateway_auto_accept_vpc_attachments`
26. `ecr_repositories_tag_immutability`
27. `ecs_service_no_assign_public_ip`
28. `ecs_task_definitions_containers_readonly_access`
29. `ecs_task_definitions_host_namespace_not_shared`
30. `ecs_task_definitions_host_networking_mode_users`
31. `ecs_task_definitions_logging_enabled`
32. `ecs_task_definitions_no_privileged_containers`
33. `eks_cluster_uses_a_supported_version`
34. `elasticache_redis_cluster_automatic_failover_enabled`
35. `elasticache_redis_cluster_auto_minor_version_upgrades`
36. `elasticache_redis_replication_group_auth_enabled`
37. `elbv2_is_in_multiple_az`
38. `elb_connection_draining_enabled`
39. `elb_cross_zone_load_balancing_enabled`
40. `elb_is_in_multiple_az`
41. `guardduty_rds_protection_enabled`
42. `guardduty_s3_protection_enabled`
43. `iam_group_administrator_access_policy`
44. `iam_user_administrator_access_policy`
45. `kms_cmk_not_deleted_unintentionally`
46. `neptune_cluster_copy_tags_to_snapshots`
47. `neptune_cluster_integration_cloudwatch_logs`
48. `neptune_cluster_public_snapshot`
49. `neptune_cluster_snapshot_encrypted`
50. `networkfirewall_policy_rule_group_associated`
51. `organizations_opt_out_ai_services_policy`
52. `rds_cluster_copy_tags_to_snapshots`
53. `rds_cluster_critical_event_subscription`
54. `rds_cluster_default_admin`
55. `rds_cluster_deletion_protection`
56. `rds_cluster_iam_authentication_enabled`
57. `rds_cluster_integration_cloudwatch_logs`
58. `rds_cluster_minor_version_upgrade_enabled`
59. `rds_cluster_multi_az`
60. `rds_cluster_non_default_port`
61. `rds_cluster_storage_encrypted`
62. `rds_instance_copy_tags_to_snapshots`
63. `rds_instance_critical_event_subscription`
64. `rds_instance_event_subscription_parameter_groups`
65. `rds_instance_inside_vpc`
66. `rds_instance_non_default_port`
67. `rds_instance_protected_by_backup_plan`
68. `s3_access_point_public_access_block`
69. `s3_bucket_cross_account_access`
70. `s3_bucket_cross_region_replication`
71. `s3_bucket_lifecycle_enabled`
72. `sagemaker_endpoint_config_prod_variant_instances`
73. `vpc_endpoint_for_ec2_enabled`
74. `vpc_vpn_connection_tunnels_up`

πŸ“œ KISA ISMS-P AWS compliance framework added
Prowler now supports one of Korea’s key security compliance frameworks, the Personal Information & Information Security Management System (ISMS-P) from the Korea Internet & Security Agency (KISA) thanks to Jude-Bae !
Azure
πŸ†• Azure Container Registries now supported!
johannes-engler-mw added a new check `containerregistry_admin_user_disabled` for verifying if the admin user is disabled for Azure Container Registries.
> You can try it with `prowler azure -c containerregistry_admin_user_disabled`

**πŸ”§ Other issues and bug fixes solved for all the cloud providers**

Features
* feat(acm): Add new check for insecure algorithms in certificates by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4551
* feat(aws): Add a test_connection method by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4563
* feat(aws): add custom exceptions class by pedrooot in https://github.com/prowler-cloud/prowler/pull/4847
* feat(aws): Add new check to ensure Aurora MySQL DB Clusters publish audit logs to CloudWatch logs by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4916
* feat(aws): Add new check to ensure RDS DB clusters are encrypted at rest by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4931
* feat(aws): Add new check to ensure RDS db clusters copy tags to snapshots by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4846
* feat(aws): Add new check to ensure RDS event notification subscriptions are configured for critical cluster events by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4887
* feat(aws): Add new check to ensure RDS event notification subscriptions are configured for critical database instance events by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4891
* feat(aws): Add new check to ensure RDS event notification subscriptions are configured for critical database parameter group events by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4907
* feat(aws): Add new check to ensure RDS instances are not using default database engine ports by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4973
* feat(aws): Add new check `opensearch_service_domains_access_control_enabled ` by abant07 in https://github.com/prowler-cloud/prowler/pull/5203
* feat(aws): add new check `organizations_opt_out_ai_services_policy` by sergargar in https://github.com/prowler-cloud/prowler/pull/5152
* feat(aws): Add new CodeBuild check to validate environment variables by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4632
* feat(aws): Add new KMS check to prevent unintentional key deletion by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4595
* feat(aws): Add new Neptune check for cluster snapshot visibility by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4709
* feat(aws): Add new RDS check for deletion protection enabled on clusters by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4738
* feat(aws): Add new RDS check to ensure db clusters are configured for multiple availability zones by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4781
* feat(aws): Add new RDS check to ensure db instances are protected by a backup plan by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4879
* feat(aws): Add new RDS check to verify that cluster minor version upgrade is enabled by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4725
* feat(aws): Add new RDS check to verify that db instances copy tags to snapshots by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4806
* feat(aws): Add new S3 check for public access block configuration in access points by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4608
* feat(aws): add tags to Global Accelerator by puchy22 in https://github.com/prowler-cloud/prowler/pull/5233
* feat(aws): Split the checks that mix RDS Instances and Clusters by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4730
* feat(aws) Add check to make sure EKS clusters have a supported version by abant07 in https://github.com/prowler-cloud/prowler/pull/4604
* feat(awslambda): add new check `awslambda_function_vpc_multi_az` by puchy22 in https://github.com/prowler-cloud/prowler/pull/4816
* feat(awslambda): New check to ensure that a function is inside VPC by puchy22 in https://github.com/prowler-cloud/prowler/pull/4783
* feat(azure): add custom exception class by pedrooot in https://github.com/prowler-cloud/prowler/pull/4871
* feat(azure): add test_connection method by pedrooot in https://github.com/prowler-cloud/prowler/pull/4615
* feat(azure containerregistry): gather service infos and checks disabled admin user by johannes-engler-mw in https://github.com/prowler-cloud/prowler/pull/5191
* feat(backup): add tags to backup vaults and backup plans by puchy22 in https://github.com/prowler-cloud/prowler/pull/5194
* feat(cloudfront): add new check `cloudfront_distributions_custom_ssl_certificate` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4959
* feat(cloudfront): Add new check `cloudfront_distributions_default_root_object` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4938
* feat(cloudfront): add new check `cloudfront_distributions_s3_origin_non_existing_bucket` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4996
* feat(cloudfront): Add new `cloudfront_distributions_s3_origin_access_control` check to ensure OAC is configured in distributions by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4939
* feat(cloudfront): add `cloudfront_distributions_origin_traffic_encrypted` check to ensure traffic encryption to custom origins by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4958
* feat(cloudfront): Ensure Cloudfront distributions have origin failover configured by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4868
* feat(cloudfront): Ensure distributions use SNI to serve HTTPS requests by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4888
* feat(codebuild): add tags support to projects by puchy22 in https://github.com/prowler-cloud/prowler/pull/5207
* feat(CodeBuild): Ensure source repository URLs do not contain sensitive credentials by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4731
* feat(compliance): add KISA ISMS-P compliance framework by Jude-Bae in https://github.com/prowler-cloud/prowler/pull/5086
* feat(compliance): add method list_compliance_requirements by pedrooot in https://github.com/prowler-cloud/prowler/pull/4890
* feat(compliance): rename Compliance class and add list_compliance by pedrooot in https://github.com/prowler-cloud/prowler/pull/4883
* feat(dms): add tags to DMS checks by puchy22 in https://github.com/prowler-cloud/prowler/pull/5209
* feat(dms): new check `dms_endpoint_ssl_enabled` by LefterisXefteris in https://github.com/prowler-cloud/prowler/pull/4968
* feat(DocumentDB): Add new DocumentDB check for cluster snapshot visibility by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4702
* feat(dynamodb): add new check `dynamodb_accelerator_cluster_in_transit_encryption_enabled` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5173
* feat(dynamodb): add new check `dynamodb_table_deletion_protection_enabled` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5148
* feat(dynamodb): add new check `dynamodb_table_protected_by_backup_plan` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5175
* feat(EC2): Add new check for security group port restrictions by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4594
* feat(ec2): Amazon EC2 Instances Should Not Use Multiple ENIs by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4935
* feat(ec2): Amazon EC2 Paravirtual Instance Types Should Not Be Used by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4922
* feat(EC2): Change service to adjust the data saved in template_data in LaunchTemplateVersion by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4848
* feat(ec2): Client VPN Endpoints Should Have Client Connection Logging Enabled by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4804
* feat(ec2): EBS Volumes Should Be Covered by a Backup Plan by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5028
* feat(ec2): Ensure automatic acceptance of VPC attachment requests is disabled by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4765
* feat(ec2): Ensure both VPN tunnels for an AWS Site-to-Site VPN connection are UP by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4948
* feat(ec2): Ensure EC2 launch templates do not assign public IPs by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4852
* feat(ec2): Ensure not default Network Access Control Lists are used by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4917
* feat(ecr): Ensure ECR repositories have tag immutability configured by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5144
* feat(ecs): add new check `ecs_task_definitions_host_networking_mode_users` by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5088
* feat(ecs): Ensure ECS containers have a logging configuration specified by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5234
* feat(ecs): Ensure ECS containers have read-only access to root filesystems by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5168
* feat(ecs): Ensure ECS containers run as non-privileged by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5214
* feat(ecs): Ensure ECS task definitions host's process namespace is not shared by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5146
* feat(ecs): Ensure public IP addresses are not assigned automatically by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5128
* feat(elasticache): add check `elasticache_redis_cluster_auth_enabled ` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4830
* feat(elasticache): Ensure Redis Cache Clusters Automatically Install Minor Updates by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4699
* feat(elasticache): Ensure Redis replication groups have automatic failover enabled by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4853
* feat(elb): add new check `elb_connection_draining_enabled` by puchy22 in https://github.com/prowler-cloud/prowler/pull/5014
* feat(elb): add new check `elb_cross_zone_load_balancing_enabled` by puchy22 in https://github.com/prowler-cloud/prowler/pull/4818
* feat(elb): add new check `elb_is_in_multiple_az` by puchy22 in https://github.com/prowler-cloud/prowler/pull/4829
* feat(elbv2): add new check `elbv2_is_in_multiple_az` by puchy22 in https://github.com/prowler-cloud/prowler/pull/4800
* feat(gcp): add a `test_connection` method by sergargar in https://github.com/prowler-cloud/prowler/pull/4616
* feat(gcp): add custom exceptions clas by pedrooot in https://github.com/prowler-cloud/prowler/pull/4908
* feat(glue): add tags to Glue checks by puchy22 in https://github.com/prowler-cloud/prowler/pull/5213
* feat(guardduty): add new check `guardduty_rds_protection_enabled` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/5100
* feat(guardduty): add new check `guardduty_s3_protection_enabled` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5087
* feat(html): Add number of muted findings in HTML report 4703 by abant07 in https://github.com/prowler-cloud/prowler/pull/4895
* feat(IAM): add new check `iam_group_administrator_access_policy` by puchy22 in https://github.com/prowler-cloud/prowler/pull/4831
* feat(iam): add new check `iam_user_administrator_access_policy` by puchy22 in https://github.com/prowler-cloud/prowler/pull/4802
* feat(inspector2): Add more tests to inspector2_is_enabled check by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5150
* feat(kubernetes): add a test_connection method by sergargar in https://github.com/prowler-cloud/prowler/pull/4684
* feat(kubernetes): add custom exception class by pedrooot in https://github.com/prowler-cloud/prowler/pull/4912
* feat(neptune): add new check `neptune_cluster_copy_tags_to_snapshots` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5062
* feat(neptune): add new check `neptune_cluster_integration_cloudwatch_logs` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5048
* feat(neptune): add new check `neptune_cluster_snapshot_encrypted` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5058
* feat(networkfirewall): add new check `networkfirewall_policy_rule_group_associated` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/5225
* feat(networkfirewall): change `network_firewalls` from list to dict by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/5169
* feat(opensearch): Add domain inside VPC case for public domain check by puchy22 in https://github.com/prowler-cloud/prowler/pull/4570
* feat(rds): add missing tags to RDS checks by puchy22 in https://github.com/prowler-cloud/prowler/pull/5230
* feat(rds): add new check `rds_cluster_non_default_port` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5113
* feat(rds): add new check `rds_instance_inside_vpc` by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5029
* feat(s3): Add new check `s3_bucket_cross_account_access` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/5082
* feat(s3): add `s3_bucket_cross_region_replication` check by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4761
* feat(s3): add `s3_bucket_lifecycle_enabled` check by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4801
* feat(sagemaker): Ensure SageMaker Endpoint Production Variants have Initial Instance Count greater than one by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5045
* feat(secrets): improve detect secrets checks and add config by pedrooot in https://github.com/prowler-cloud/prowler/pull/4915
* feat(securityhub): add tags `securityhub_enabled` by puchy22 in https://github.com/prowler-cloud/prowler/pull/5231
* feat(slack): add more information about critical findings by abant07 in https://github.com/prowler-cloud/prowler/pull/5042
* feat(threat-detection): Use IAM Identity for Cloudtrail Threat Detection instead of IP by abant07 in https://github.com/prowler-cloud/prowler/pull/5166
* feat(vpc): Ensure Amazon EC2 Is Configured to Use VPC Endpoints Created for the Amazon EC2 Service by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4872
* feat(wafv2): add tags to `wafv2_webacl_logging_enabled` by puchy22 in https://github.com/prowler-cloud/prowler/pull/5243

Fixes
* fix(accessanalyzer): refactor accessanalyzer enabled fixer test by pedrooot in https://github.com/prowler-cloud/prowler/pull/5026
* fix(acm): Change check logic to scan only in use certificates by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/4732
* fix(asff): include status extended in ASFF output by sergargar in https://github.com/prowler-cloud/prowler/pull/5097
* fix(audit): solve resources audit by sergargar in https://github.com/prowler-cloud/prowler/pull/4983
* fix(aws): always use audited partition by sergargar in https://github.com/prowler-cloud/prowler/pull/5174
* fix(aws): change check metadata ec2_securitygroup_allow_wide_open_public_ipv4 by pedrooot in https://github.com/prowler-cloud/prowler/pull/4946
* fix(aws): change `protected_by_backup_plan` checks by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/5204
* fix(aws): enchance check cloudformation_stack_outputs_find_secrets by pedrooot in https://github.com/prowler-cloud/prowler/pull/4859
* fix(aws): enhance resource arn filtering by sergargar in https://github.com/prowler-cloud/prowler/pull/4821
* fix(aws): handle AWS key-only tags by sergargar in https://github.com/prowler-cloud/prowler/pull/4845
* fix(aws): handle none type attributes by sergargar in https://github.com/prowler-cloud/prowler/pull/5216
* fix(aws): make intersection to retrieve checks to execute by pedrooot in https://github.com/prowler-cloud/prowler/pull/4970
* fix(aws): raise ArgumentTypeError for parser by pedrooot in https://github.com/prowler-cloud/prowler/pull/4921
* fix(aws): run Prowler as IAM Root or Federated User by sergargar in https://github.com/prowler-cloud/prowler/pull/4712
* fix(awslamba): add audit config to lambda_client in tests by pedrooot in https://github.com/prowler-cloud/prowler/pull/4999
* fix(backport): Workaround not to fail if no backport is needed by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4707
* fix(cloudfront): duplicated link in `cloudfront_distributions_https_sni_enabled` check by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/5047
* fix(ec2): Manage `UnicodeDecodeError` when reading user data by puchy22 in https://github.com/prowler-cloud/prowler/pull/4785
* fix(ecr): change log level of non-scanned images by sergargar in https://github.com/prowler-cloud/prowler/pull/4747
* fix(ecr): handle non-existing findingSeverityCounts key by sergargar in https://github.com/prowler-cloud/prowler/pull/4746
* fix(elasticache): get correct automatic failover attribute by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/5084
* fix(gcp): add default project for org level checks by sergargar in https://github.com/prowler-cloud/prowler/pull/5003
* fix(gcp): check cloudsql sslMode by pedrooot in https://github.com/prowler-cloud/prowler/pull/4635
* fix(gcp): check next rotation time in KMS keys by pedrooot in https://github.com/prowler-cloud/prowler/pull/4633
* fix(gcp): solve errors in GCP services by sergargar in https://github.com/prowler-cloud/prowler/pull/5016
* fix(gcp): use KMS key id in checks by sergargar in https://github.com/prowler-cloud/prowler/pull/4610
* fix(iam): fill resource id with inline policy entity by pedrooot in https://github.com/prowler-cloud/prowler/pull/5120
* fix(iam): handle no arn serial numbers for MFA devices by pedrooot in https://github.com/prowler-cloud/prowler/pull/4697
* fix(iam): update logic of Root Hardware MFA check by sergargar in https://github.com/prowler-cloud/prowler/pull/4726
* fix(iam-gcp): add getters in iam_service for gcp by pedrooot in https://github.com/prowler-cloud/prowler/pull/4998
* fix(inspector2): Ensure Inspector2 is enabled for ECR, EC2, Lambda and Lambda Code by MarioRgzLpz in https://github.com/prowler-cloud/prowler/pull/5061
* fix(lightsail): Remove second call to `is_resource_filtered` by h4r5h1t in https://github.com/prowler-cloud/prowler/pull/5044
* fix(main): logic for resource_tag and resource_arn usage by pedrooot in https://github.com/prowler-cloud/prowler/pull/4979
* fix(metadata): change description from documentdb_cluster_deletion_protection by pedrooot in https://github.com/prowler-cloud/prowler/pull/4909
* fix(mutelist): change logic for tags in aws mutelist by pedrooot in https://github.com/prowler-cloud/prowler/pull/4786
* fix(outputs): refactor unroll_tags to use str as tags by pedrooot in https://github.com/prowler-cloud/prowler/pull/4817
* fix(rds): add comprobations before list tags by puchy22 in https://github.com/prowler-cloud/prowler/pull/5249
* fix(rds): get the db_instances values by pedrooot in https://github.com/prowler-cloud/prowler/pull/4866
* fix(rds): handle new rds arn template function syntax by sergargar in https://github.com/prowler-cloud/prowler/pull/4980
* fix(rds): Modify RDS Event Notification Subscriptions for Security Groups Events check by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4969
* fix(scan_test): change resource_tags to a dict by pedrooot in https://github.com/prowler-cloud/prowler/pull/4631
* fix(security-groups): remove RFC1918 from ec2_securitygroup_allow_wide_open_public_ipv4 by pedrooot in https://github.com/prowler-cloud/prowler/pull/4951
* fix(sns): add condition to sns topics by pedrooot in https://github.com/prowler-cloud/prowler/pull/4498
* fix(tags): handle AWS dictionary type tags by sergargar in https://github.com/prowler-cloud/prowler/pull/4656
* fix(tests): patch `head_bucket` function correctly by sergargar in https://github.com/prowler-cloud/prowler/pull/5246
* fix(version): update version flag logic by sergargar in https://github.com/prowler-cloud/prowler/pull/4688
* fix(vpc): check all routes tables in subnet by sergargar in https://github.com/prowler-cloud/prowler/pull/5081
* fix: handle empty input regions by sergargar in https://github.com/prowler-cloud/prowler/pull/4841

Chores
* chore(actions): Run for v4.* branch by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4682
* chore(autoscaling): deprecate check `autoscaling_find_secrets_ec2_launch_configuration` by puchy22 in https://github.com/prowler-cloud/prowler/pull/5205
* chore(aws): add mixed regions test for `s3_access_point_public_access_block` by LefterisXefteris in https://github.com/prowler-cloud/prowler/pull/4877
* chore(aws): Change RDS instance type from list to dict by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4851
* chore(aws): Convert ELB and ELBv2 attributes to dictionaries by puchy22 in https://github.com/prowler-cloud/prowler/pull/4575
* chore(aws): handle NotAction cases in IAM policies by sergargar in https://github.com/prowler-cloud/prowler/pull/5035
* chore(aws): improve IAM Resource Policy public logic by sergargar in https://github.com/prowler-cloud/prowler/pull/5067
* chore(AWS): match all AWS resource types with SecurityHub supported types in metadata by puchy22 in https://github.com/prowler-cloud/prowler/pull/4882
* chore(aws): Remove token from log line by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4903
* chore(aws-region): Use Prowler Bot by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4863
* chore(awslambda): Enhance function public access check called from other resource by puchy22 in https://github.com/prowler-cloud/prowler/pull/4679
* chore(aws_mutelist): Add more Control Tower resources and tests by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4900
* chore(azure): Fix CIS 2.1 mapping by puchy22 in https://github.com/prowler-cloud/prowler/pull/4760
* chore(backport): Automate all the things! by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4669
* chore(backport): update backport PR title by sergargar in https://github.com/prowler-cloud/prowler/pull/4686
* chore(backport): Use Prowler-Bot PAT by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4855
* chore(bot): Use bot Token by jfagoagas in https://github.com/prowler-cloud/prowler/pull/5163
* chore(check_metadata): Rename to CheckMetadata by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4864
* chore(cloudtrail): add remediation link to check `cloudtrail_s3_dataevents_read_enabled` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4764
* chore(cloudtrail): add remediation link to check `cloudtrail_s3_dataevents_write_enabled` by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4762
* chore(dependencies): update boto3 and botocore packages by sergargar in https://github.com/prowler-cloud/prowler/pull/4976
* chore(deps): bump aiohttp from 3.9.5 to 3.10.2 by dependabot in https://github.com/prowler-cloud/prowler/pull/4713
* chore(deps): bump azure-identity from 1.17.1 to 1.18.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/5108
* chore(deps): bump azure-mgmt-compute from 32.0.0 to 33.0.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/4856
* chore(deps): bump azure-mgmt-containerservice from 31.0.0 to 32.0.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/5036
* chore(deps): bump azure-mgmt-cosmosdb from 9.5.1 to 9.6.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/5111
* chore(deps): bump azure-mgmt-network from 26.0.0 to 27.0.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/5201
* chore(deps): bump azure-mgmt-web from 7.3.0 to 7.3.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/4813
* chore(deps): bump azure-storage-blob from 12.23.0 to 12.23.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/5240
* chore(deps): bump boto3 from 1.35.26 to 1.35.28 by dependabot in https://github.com/prowler-cloud/prowler/pull/5232
* chore(deps): bump botocore from 1.35.28 to 1.35.29 by dependabot in https://github.com/prowler-cloud/prowler/pull/5239
* chore(deps): bump cryptography from 43.0.0 to 43.0.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/4923
* chore(deps): bump cryptography from 43.0.0 to 43.0.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/4928
* chore(deps): bump dash from 2.17.1 to 2.18.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/4932
* chore(deps): bump dash from 2.18.0 to 2.18.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/5024
* chore(deps): bump google-api-python-client from 2.146.0 to 2.147.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/5185
* chore(deps): bump kubernetes from 30.1.0 to 31.0.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/5137
* chore(deps): bump msgraph-sdk from 1.7.0 to 1.8.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/5110
* chore(deps): bump numpy from 2.0.1 to 2.0.2 by dependabot in https://github.com/prowler-cloud/prowler/pull/4869
* chore(deps): bump pandas from 2.2.2 to 2.2.3 by dependabot in https://github.com/prowler-cloud/prowler/pull/5139
* chore(deps): bump peter-evans/create-pull-request from 6 to 7 by dependabot in https://github.com/prowler-cloud/prowler/pull/4926
* chore(deps): bump pytz from 2024.1 to 2024.2 by dependabot in https://github.com/prowler-cloud/prowler/pull/5012
* chore(deps): bump slack-sdk from 3.33.0 to 3.33.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/5107
* chore(deps): bump tj-actions/changed-files from 44 to 45 by dependabot in https://github.com/prowler-cloud/prowler/pull/4822
* chore(deps): bump trufflesecurity/trufflehog from 3.82.5 to 3.82.6 by dependabot in https://github.com/prowler-cloud/prowler/pull/5222
* chore(deps): update docs dependencies by sergargar in https://github.com/prowler-cloud/prowler/pull/5098
* chore(deps-dev): bump bandit from 1.7.9 to 1.7.10 by dependabot in https://github.com/prowler-cloud/prowler/pull/5157
* chore(deps-dev): bump black from 24.4.2 to 24.8.0 by dependabot in https://github.com/prowler-cloud/prowler/pull/4627
* chore(deps-dev): bump coverage from 7.6.0 to 7.6.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/4640
* chore(deps-dev): bump flake8 from 7.1.0 to 7.1.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/4643
* chore(deps-dev): bump mkdocs-git-revision-date-localized-plugin from 1.2.8 to 1.2.9 by dependabot in https://github.com/prowler-cloud/prowler/pull/5023
* chore(deps-dev): bump mkdocs-material from 9.5.36 to 9.5.38 by dependabot in https://github.com/prowler-cloud/prowler/pull/5206
* chore(deps-dev): bump moto from 5.0.14 to 5.0.15 by dependabot in https://github.com/prowler-cloud/prowler/pull/5158
* chore(deps-dev): bump pylint from 3.3.0 to 3.3.1 by dependabot in https://github.com/prowler-cloud/prowler/pull/5187
* chore(deps-dev): bump pytest-env from 1.1.4 to 1.1.5 by dependabot in https://github.com/prowler-cloud/prowler/pull/5090
* chore(deps-dev): bump pytest from 8.3.2 to 8.3.3 by dependabot in https://github.com/prowler-cloud/prowler/pull/4991
* chore(deps-dev): bump safety from 3.2.7 to 3.2.8 by dependabot in https://github.com/prowler-cloud/prowler/pull/5238
* chore(deps-dev): bump vulture from 2.11 to 2.12 by dependabot in https://github.com/prowler-cloud/prowler/pull/5071
* chore(docs): change ResourceType link of Security Hub by sergargar in https://github.com/prowler-cloud/prowler/pull/5063
* chore(ec2): add tags to report of EC2 launch templates by puchy22 in https://github.com/prowler-cloud/prowler/pull/5210
* chore(ec2): Change security groups to dict by puchy22 in https://github.com/prowler-cloud/prowler/pull/4700
* chore(elbv2): add SecurityHub link to `elbv2_desync_mitigation_mode` metadata by puchy22 in https://github.com/prowler-cloud/prowler/pull/4791
* chore(elbv2): Add SecurityHub link to `elbv2_ssl_listeners` metadata by puchy22 in https://github.com/prowler-cloud/prowler/pull/4787
* chore(labeler): Run also for v4.* by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4687
* chore(organizations): improve AWS Organizations service by sergargar in https://github.com/prowler-cloud/prowler/pull/5151
* chore(prowler): change all methods from services from format double underscore to single underscore by puchy22 in https://github.com/prowler-cloud/prowler/pull/4910
* chore(pull-request): add check for backport by pedrooot in https://github.com/prowler-cloud/prowler/pull/4901
* chore(rds): Revert changes on inherited instance checks by danibarranqueroo in https://github.com/prowler-cloud/prowler/pull/4827
* chore(README): update checks summary table by puchy22 in https://github.com/prowler-cloud/prowler/pull/5119
* chore(readme): Update Slack invite link by toniblyx in https://github.com/prowler-cloud/prowler/pull/4875
* chore(README): update summary table by sergargar in https://github.com/prowler-cloud/prowler/pull/4984
* chore(README): update summary table by sergargar in https://github.com/prowler-cloud/prowler/pull/5248
* chore(readme): Update the number of AWS checks by puchy22 in https://github.com/prowler-cloud/prowler/pull/4860
* chore(refactor): make Provider generation global by sergargar in https://github.com/prowler-cloud/prowler/pull/4961
* chore(regions): Update labels for backporting by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4678
* chore(regions_update): Changes in regions for AWS services by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5224
* chore(release): Remove unused step by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4874
* chore(scan-class): add new scan class by pedrooot in https://github.com/prowler-cloud/prowler/pull/4564
* chore(ssm): add tags to `ssm_managed_compliant_patching` by puchy22 in https://github.com/prowler-cloud/prowler/pull/5245
* chore(ssm): add trusted accounts variable to ssm check by sergargar in https://github.com/prowler-cloud/prowler/pull/5005
* chore(test): improve `iam_root_hardware_mfa_enabled` tests by sergargar in https://github.com/prowler-cloud/prowler/pull/4833
* chore(version): update master version by sergargar in https://github.com/prowler-cloud/prowler/pull/4681
* chore(version): update version logic in Prowler by sergargar in https://github.com/prowler-cloud/prowler/pull/4654
* chore: change SaaS for Prowler by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4651
* chore: remove not used variable by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4873
* docs(check): change where extract ResourceTypes by puchy22 in https://github.com/prowler-cloud/prowler/pull/5030
* docs(dev-guide): refer poetry docs for installation by puchy22 in https://github.com/prowler-cloud/prowler/pull/5031
* docs(developer-guide): add info about docstrings by pedrooot in https://github.com/prowler-cloud/prowler/pull/4701
* docs(fixers): improve docs about fixers by pedrooot in https://github.com/prowler-cloud/prowler/pull/4889
* docs(is_item_matched): update docstrings for method by pedrooot in https://github.com/prowler-cloud/prowler/pull/4836
* docs(mutelist): Add service_* documentation by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4650
* docs(Tutorials): include volume option when running dashboard in docker by thejaywhy in https://github.com/prowler-cloud/prowler/pull/4620
* docs: change installation methods by puchy22 in https://github.com/prowler-cloud/prowler/pull/5192
* refactor(aws): Refactor provider by pedrooot in https://github.com/prowler-cloud/prowler/pull/4808
* refactor(azure): refactor azure provider by pedrooot in https://github.com/prowler-cloud/prowler/pull/4653
* refactor(azure): remove validate_arguments for CLI by pedrooot in https://github.com/prowler-cloud/prowler/pull/4985
* refactor(check_metadata): move bulk_load_checks_metadata inside class by pedrooot in https://github.com/prowler-cloud/prowler/pull/4934
* refactor(cloudfront): replace origins dictionary with custom Origin class by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4981
* refactor(execute_check): refactor execute method by pedrooot in https://github.com/prowler-cloud/prowler/pull/4975
* refactor(gcp): refactor GCP provider by pedrooot in https://github.com/prowler-cloud/prowler/pull/4790
* refactor(kubernetes): refactor Kubernetes provider by pedrooot in https://github.com/prowler-cloud/prowler/pull/4805
* refactor(mutelist): Remove re.match and improve docs by jfagoagas in https://github.com/prowler-cloud/prowler/pull/4637
* refactor(output_options): remove output options from provider by pedrooot in https://github.com/prowler-cloud/prowler/pull/5149
* refactor(provider): move audit and fixer config inside the provider by pedrooot in https://github.com/prowler-cloud/prowler/pull/4960
* refactor(s3): Changed buckets variable type form list to dict by HugoPBrito in https://github.com/prowler-cloud/prowler/pull/4742
* refactor(tags): convert tags to a dictionary by sergargar in https://github.com/prowler-cloud/prowler/pull/4598
* test(awslambda): Cover possible checks with moto instead MagicMock by puchy22 in https://github.com/prowler-cloud/prowler/pull/4609

New Contributors
* thejaywhy made their first contribution in https://github.com/prowler-cloud/prowler/pull/4620
* abant07 made their first contribution in https://github.com/prowler-cloud/prowler/pull/4604
* MarioRgzLpz made their first contribution in https://github.com/prowler-cloud/prowler/pull/4551
* LefterisXefteris made their first contribution in https://github.com/prowler-cloud/prowler/pull/4877
* h4r5h1t made their first contribution in https://github.com/prowler-cloud/prowler/pull/5044
* Jude-Bae made their first contribution in https://github.com/prowler-cloud/prowler/pull/5086
* johannes-engler-mw made their first contribution in https://github.com/prowler-cloud/prowler/pull/5191

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/4.3.7...4.4.0

4.3.7

What's Changed
Fixes
* fix(action): solve pypi-release action by sergargar in https://github.com/prowler-cloud/prowler/pull/5134
* fix(regions): show all for empty regions by pedrooot in https://github.com/prowler-cloud/prowler/pull/5143
* fix(iam): fill resource id with inline policy entity by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5147


**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/4.3.6...4.3.7

4.3.6

What's Changed
Fixes
* fix(asff): include status extended in ASFF output by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5116
* fix(audit): solve resources audit by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4988
* fix(aws): change check metadata ec2_securitygroup_allow_wide_open_public_ipv4 by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4950
* fix(aws): enchance check cloudformation_stack_outputs_find_secrets by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4862
* fix(aws): handle AWS key-only tags by github-actions in https://github.com/prowler-cloud/prowler/pull/4854
* fix(aws): make intersection to retrieve checks to execute by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4974
* fix(gcp): solve errors in GCP services by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5124
* fix(gcp): add default project for org level checks by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5132
* fix(iam-gcp): add getters in iam_service for gcp by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5001
* fix(lightsail): Remove second call to `is_resource_filtered` by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5125
* fix(main): logic for resource_tag and resource_arn usage by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4982
* fix(metadata): change description from documentdb_cluster_deletion_protection by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4913
* fix(rds): Modify RDS Event Notification Subscriptions for Security Groups Events check by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4977
* fix(security-groups): remove RFC1918 from ec2_securitygroup_allow_wide_open_public_ipv4 by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4953
* fix(vpc): check all routes tables in subnet by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5122
Chores
* chore(aws): Remove token from log line by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4905
* chore(aws_mutelist): Add more Control Tower resources and tests by prowler-bot in https://github.com/prowler-cloud/prowler/pull/4902
* chore(ssm): add trusted accounts variable to ssm check by prowler-bot in https://github.com/prowler-cloud/prowler/pull/5118

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/4.3.5...4.3.6

Page 13 of 31

Links

Releases

Has known vulnerabilities

Previous Next

Β© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.