prowler-cloud 5.12.0__py3-none-any.whl → 5.12.2__py3-none-any.whl

prowler/CHANGELOG.md

@@ -1,6 +1,14 @@
 # Prowler SDK Changelog
 
 All notable changes to the **Prowler SDK** are documented in this file.
+
+## [v5.12.1] (Prowler v5.12.1)
+
+### Fixed
+- Replaced old check id with new ones for compliance files [(#8682)](https://github.com/prowler-cloud/prowler/pull/8682)
+- `firehose_stream_encrypted_at_rest` check false positives and new api call in kafka service [(#8599)](https://github.com/prowler-cloud/prowler/pull/8599)
+- Replace defender rules policies key to use old name [(#8702)](https://github.com/prowler-cloud/prowler/pull/8702)
+
 ## [v5.12.0] (Prowler v5.12.0)
 
 ### Added

prowler/compliance/aws/aws_foundational_technical_review_aws.json

@@ -364,8 +364,8 @@
         "ec2_ami_public",
         "ec2_instance_public_ip",
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",

prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json

@@ -721,8 +721,8 @@
         "ec2_networkacl_allow_ingress_tcp_port_22",
         "ec2_networkacl_allow_ingress_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",

prowler/compliance/aws/iso27001_2022_aws.json

@@ -1510,8 +1510,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1604,8 +1604,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1698,8 +1698,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",

prowler/compliance/aws/kisa_isms_p_2023_aws.json

@@ -1558,8 +1558,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1682,7 +1682,7 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601",
@@ -1814,7 +1814,7 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306",
@@ -1917,7 +1917,7 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23",
@@ -3024,8 +3024,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -4588,4 +4588,4 @@
       ]
     }
   ]
-}
+}

prowler/compliance/aws/kisa_isms_p_2023_korean_aws.json

@@ -1557,8 +1557,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1682,7 +1682,7 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601",
@@ -1816,7 +1816,7 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306",
@@ -1919,7 +1919,7 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23",
@@ -3028,8 +3028,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -4603,4 +4603,4 @@
       ]
     }
   ]
-}
+}

prowler/compliance/aws/mitre_attack_aws.json

@@ -107,8 +107,8 @@
         "ec2_networkacl_allow_ingress_tcp_port_22",
         "ec2_networkacl_allow_ingress_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1024,8 +1024,8 @@
         "ec2_networkacl_allow_ingress_tcp_port_22",
         "ec2_networkacl_allow_ingress_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1470,8 +1470,8 @@
         "ec2_networkacl_allow_ingress_tcp_port_22",
         "ec2_networkacl_allow_ingress_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1650,8 +1650,8 @@
         "ec2_networkacl_allow_ingress_tcp_port_22",
         "ec2_networkacl_allow_ingress_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
@@ -1902,8 +1902,8 @@
         "ec2_networkacl_allow_ingress_tcp_port_22",
         "ec2_networkacl_allow_ingress_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",

prowler/compliance/aws/prowler_threatscore_aws.json

@@ -553,8 +553,8 @@
       "Description": "Ensure that ec2 security groups do not allow ingress from internet to common ports",
       "Checks": [
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",

prowler/compliance/aws/rbi_cyber_security_framework_aws.json

@@ -66,7 +66,7 @@
         "elbv2_ssl_listeners",
         "ssm_documents_set_as_public",
         "vpc_subnet_no_public_ip_by_default",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mysql_3306",
         "s3_account_level_public_access_blocks"

prowler/compliance/aws/soc2_aws.json

@@ -253,8 +253,8 @@
         "ec2_securitygroup_allow_ingress_from_internet_to_all_ports",
         "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
         "ec2_securitygroup_allow_ingress_from_internet_to_high_risk_tcp_ports",
-        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
-        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_ftp_20_21",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
         "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",

prowler/config/config.py

@@ -12,7 +12,7 @@ from prowler.lib.logger import logger
 
 timestamp = datetime.today()
 timestamp_utc = datetime.now(timezone.utc).replace(tzinfo=timezone.utc)
-prowler_version = "5.12.0"
+prowler_version = "5.12.2"
 html_logo_url = "https://github.com/prowler-cloud/prowler/"
 square_logo_img = "https://prowler.com/wp-content/uploads/logo-html.png"
 aws_logo = "https://user-images.githubusercontent.com/38561120/235953920-3e3fba08-0795-41dc-b480-9bea57db9f2e.png"

prowler/providers/aws/services/firehose/firehose_stream_encrypted_at_rest/firehose_stream_encrypted_at_rest.py

@@ -3,6 +3,7 @@ from typing import List
 from prowler.lib.check.models import Check, Check_Report_AWS
 from prowler.providers.aws.services.firehose.firehose_client import firehose_client
 from prowler.providers.aws.services.firehose.firehose_service import EncryptionStatus
+from prowler.providers.aws.services.kafka.kafka_client import kafka_client
 from prowler.providers.aws.services.kinesis.kinesis_client import kinesis_client
 from prowler.providers.aws.services.kinesis.kinesis_service import EncryptionType
 
@@ -37,7 +38,28 @@ class firehose_stream_encrypted_at_rest(Check):
                         report.status = "PASS"
                         report.status_extended = f"Firehose Stream {stream.name} does not have at rest encryption enabled but the source stream {source_stream.name} has at rest encryption enabled."
 
-            # Check if the stream has encryption enabled directly
+            # MSK source - check if the MSK cluster has encryption at rest with CMK
+            elif stream.delivery_stream_type == "MSKAsSource":
+                msk_cluster_arn = stream.source.msk.msk_cluster_arn
+                if msk_cluster_arn:
+                    msk_cluster = None
+                    for cluster in kafka_client.clusters.values():
+                        if cluster.arn == msk_cluster_arn:
+                            msk_cluster = cluster
+                            break
+
+                    if msk_cluster:
+                        # All MSK clusters (both provisioned and serverless) always have encryption at rest enabled by AWS
+                        # AWS MSK always encrypts data at rest - either with AWS managed keys or CMK
+                        report.status = "PASS"
+                        if msk_cluster.kafka_version == "SERVERLESS":
+                            report.status_extended = f"Firehose Stream {stream.name} uses MSK serverless source which always has encryption at rest enabled by default."
+                        else:
+                            report.status_extended = f"Firehose Stream {stream.name} uses MSK provisioned source which always has encryption at rest enabled by AWS (either with AWS managed keys or CMK)."
+                    else:
+                        report.status_extended = f"Firehose Stream {stream.name} uses MSK source which always has encryption at rest enabled by AWS."
+
+            # Check if the stream has encryption enabled directly (DirectPut or DatabaseAsSource cases)
             elif stream.kms_encryption == EncryptionStatus.ENABLED:
                 report.status = "PASS"
                 report.status_extended = f"Firehose Stream {stream.name} does have at rest encryption enabled."

prowler/providers/aws/services/kafka/kafka_cluster_encryption_at_rest_uses_cmk/kafka_cluster_encryption_at_rest_uses_cmk.py

@@ -12,7 +12,12 @@ class kafka_cluster_encryption_at_rest_uses_cmk(Check):
             report.status = "FAIL"
             report.status_extended = f"Kafka cluster '{cluster.name}' does not have encryption at rest enabled with a CMK."
 
-            if any(
+            # Serverless clusters always have encryption at rest enabled by default
+            if cluster.kafka_version == "SERVERLESS":
+                report.status = "PASS"
+                report.status_extended = f"Kafka cluster '{cluster.name}' is serverless and always has encryption at rest enabled by default."
+            # For provisioned clusters, check if they use a customer managed KMS key
+            elif any(
                 (
                     cluster.data_volume_kms_key_id == key.arn
                     and getattr(key, "manager", "") == "CUSTOMER"

prowler/providers/aws/services/kafka/kafka_cluster_enhanced_monitoring_enabled/kafka_cluster_enhanced_monitoring_enabled.py

@@ -13,7 +13,12 @@ class kafka_cluster_enhanced_monitoring_enabled(Check):
                 f"Kafka cluster '{cluster.name}' has enhanced monitoring enabled."
             )
 
-            if cluster.enhanced_monitoring == "DEFAULT":
+            # Serverless clusters always have enhanced monitoring enabled by default
+            if cluster.kafka_version == "SERVERLESS":
+                report.status = "PASS"
+                report.status_extended = f"Kafka cluster '{cluster.name}' is serverless and always has enhanced monitoring enabled by default."
+            # For provisioned clusters, check the enhanced monitoring configuration
+            elif cluster.enhanced_monitoring == "DEFAULT":
                 report.status = "FAIL"
                 report.status_extended = f"Kafka cluster '{cluster.name}' does not have enhanced monitoring enabled."
 

prowler/providers/aws/services/kafka/kafka_cluster_in_transit_encryption_enabled/kafka_cluster_in_transit_encryption_enabled.py

@@ -11,7 +11,12 @@ class kafka_cluster_in_transit_encryption_enabled(Check):
             report.status = "FAIL"
             report.status_extended = f"Kafka cluster '{cluster.name}' does not have encryption in transit enabled."
 
-            if (
+            # Serverless clusters always have encryption in transit enabled by default
+            if cluster.kafka_version == "SERVERLESS":
+                report.status = "PASS"
+                report.status_extended = f"Kafka cluster '{cluster.name}' is serverless and always has encryption in transit enabled by default."
+            # For provisioned clusters, check the encryption configuration
+            elif (
                 cluster.encryption_in_transit.client_broker == "TLS"
                 and cluster.encryption_in_transit.in_cluster
             ):

prowler/providers/aws/services/kafka/kafka_cluster_is_public/kafka_cluster_is_public.py

@@ -13,7 +13,12 @@ class kafka_cluster_is_public(Check):
                 f"Kafka cluster {cluster.name} is publicly accessible."
             )
 
-            if not cluster.public_access:
+            # Serverless clusters are always private by default
+            if cluster.kafka_version == "SERVERLESS":
+                report.status = "PASS"
+                report.status_extended = f"Kafka cluster {cluster.name} is serverless and always private by default."
+            # For provisioned clusters, check the public access configuration
+            elif not cluster.public_access:
                 report.status = "PASS"
                 report.status_extended = (
                     f"Kafka cluster {cluster.name} is not publicly accessible."

prowler/providers/aws/services/kafka/kafka_cluster_mutual_tls_authentication_enabled/kafka_cluster_mutual_tls_authentication_enabled.py

@@ -11,7 +11,12 @@ class kafka_cluster_mutual_tls_authentication_enabled(Check):
             report.status = "FAIL"
             report.status_extended = f"Kafka cluster '{cluster.name}' does not have mutual TLS authentication enabled."
 
-            if cluster.tls_authentication:
+            # Serverless clusters always have TLS authentication enabled by default
+            if cluster.kafka_version == "SERVERLESS":
+                report.status = "PASS"
+                report.status_extended = f"Kafka cluster '{cluster.name}' is serverless and always has TLS authentication enabled by default."
+            # For provisioned clusters, check the TLS configuration
+            elif cluster.tls_authentication:
                 report.status = "PASS"
                 report.status_extended = f"Kafka cluster '{cluster.name}' has mutual TLS authentication enabled."
 

prowler/providers/aws/services/kafka/kafka_cluster_unrestricted_access_disabled/kafka_cluster_unrestricted_access_disabled.py

@@ -13,7 +13,12 @@ class kafka_cluster_unrestricted_access_disabled(Check):
                 f"Kafka cluster '{cluster.name}' has unrestricted access enabled."
             )
 
-            if not cluster.unauthentication_access:
+            # Serverless clusters always require authentication by default
+            if cluster.kafka_version == "SERVERLESS":
+                report.status = "PASS"
+                report.status_extended = f"Kafka cluster '{cluster.name}' is serverless and always requires authentication by default."
+            # For provisioned clusters, check the unauthenticated access configuration
+            elif not cluster.unauthentication_access:
                 report.status = "PASS"
                 report.status_extended = f"Kafka cluster '{cluster.name}' does not have unrestricted access enabled."
 

prowler/providers/aws/services/kafka/kafka_cluster_uses_latest_version/kafka_cluster_uses_latest_version.py

@@ -13,7 +13,12 @@ class kafka_cluster_uses_latest_version(Check):
                 f"Kafka cluster '{cluster.name}' is using the latest version."
             )
 
-            if cluster.kafka_version != kafka_client.kafka_versions[-1].version:
+            # Serverless clusters don't have specific Kafka versions - AWS manages them automatically
+            if cluster.kafka_version == "SERVERLESS":
+                report.status = "PASS"
+                report.status_extended = f"Kafka cluster '{cluster.name}' is serverless and AWS automatically manages the Kafka version."
+            # For provisioned clusters, check if they're using the latest version
+            elif cluster.kafka_version != kafka_client.kafka_versions[-1].version:
                 report.status = "FAIL"
                 report.status_extended = (
                     f"Kafka cluster '{cluster.name}' is not using the latest version."

prowler/providers/aws/services/kafka/kafka_service.py

@@ -15,61 +15,133 @@ class Kafka(AWSService):
         self.__threading_call__(self._list_kafka_versions)
 
     def _list_clusters(self, regional_client):
+        logger.info(f"Kafka - Listing clusters in region {regional_client.region}...")
         try:
-            cluster_paginator = regional_client.get_paginator("list_clusters")
+            # Use list_clusters_v2 to support both provisioned and serverless clusters
+            cluster_paginator = regional_client.get_paginator("list_clusters_v2")
+            logger.info(
+                f"Kafka - Paginator created for region {regional_client.region}"
+            )
 
             for page in cluster_paginator.paginate():
+                logger.info(
+                    f"Kafka - Processing page with {len(page.get('ClusterInfoList', []))} clusters in region {regional_client.region}"
+                )
                 for cluster in page["ClusterInfoList"]:
+                    logger.info(
+                        f"Kafka - Found cluster: {cluster.get('ClusterName', 'Unknown')} in region {regional_client.region}"
+                    )
                     arn = cluster.get(
                         "ClusterArn",
                         f"{self.account_arn_template}/{cluster.get('ClusterName', '')}",
                     )
+                    cluster_type = cluster.get("ClusterType", "UNKNOWN")
 
                     if not self.audit_resources or is_resource_filtered(
                         arn, self.audit_resources
                     ):
-                        self.clusters[cluster.get("ClusterArn", "")] = Cluster(
-                            id=arn.split(":")[-1].split("/")[-1],
-                            name=cluster.get("ClusterName", ""),
-                            arn=arn,
-                            region=regional_client.region,
-                            tags=list(cluster.get("Tags", {})),
-                            state=cluster.get("State", ""),
-                            kafka_version=cluster.get(
-                                "CurrentBrokerSoftwareInfo", {}
-                            ).get("KafkaVersion", ""),
-                            data_volume_kms_key_id=cluster.get("EncryptionInfo", {})
-                            .get("EncryptionAtRest", {})
-                            .get("DataVolumeKMSKeyId", ""),
-                            encryption_in_transit=EncryptionInTransit(
-                                client_broker=cluster.get("EncryptionInfo", {})
-                                .get("EncryptionInTransit", {})
-                                .get("ClientBroker", "PLAINTEXT"),
-                                in_cluster=cluster.get("EncryptionInfo", {})
-                                .get("EncryptionInTransit", {})
-                                .get("InCluster", False),
-                            ),
-                            tls_authentication=cluster.get("ClientAuthentication", {})
-                            .get("Tls", {})
-                            .get("Enabled", False),
-                            public_access=cluster.get("BrokerNodeGroupInfo", {})
-                            .get("ConnectivityInfo", {})
-                            .get("PublicAccess", {})
-                            .get("Type", "SERVICE_PROVIDED_EIPS")
-                            != "DISABLED",
-                            unauthentication_access=cluster.get(
-                                "ClientAuthentication", {}
+                        # Handle provisioned clusters
+                        if cluster_type == "PROVISIONED" and "Provisioned" in cluster:
+                            provisioned = cluster["Provisioned"]
+                            self.clusters[cluster.get("ClusterArn", "")] = Cluster(
+                                id=arn.split(":")[-1].split("/")[-1],
+                                name=cluster.get("ClusterName", ""),
+                                arn=arn,
+                                region=regional_client.region,
+                                tags=(
+                                    list(cluster.get("Tags", {}).values())
+                                    if cluster.get("Tags")
+                                    else []
+                                ),
+                                state=cluster.get("State", ""),
+                                kafka_version=provisioned.get(
+                                    "CurrentBrokerSoftwareInfo", {}
+                                ).get("KafkaVersion", ""),
+                                data_volume_kms_key_id=provisioned.get(
+                                    "EncryptionInfo", {}
+                                )
+                                .get("EncryptionAtRest", {})
+                                .get("DataVolumeKMSKeyId", ""),
+                                encryption_in_transit=EncryptionInTransit(
+                                    client_broker=provisioned.get("EncryptionInfo", {})
+                                    .get("EncryptionInTransit", {})
+                                    .get("ClientBroker", "PLAINTEXT"),
+                                    in_cluster=provisioned.get("EncryptionInfo", {})
+                                    .get("EncryptionInTransit", {})
+                                    .get("InCluster", False),
+                                ),
+                                tls_authentication=provisioned.get(
+                                    "ClientAuthentication", {}
+                                )
+                                .get("Tls", {})
+                                .get("Enabled", False),
+                                public_access=provisioned.get("BrokerNodeGroupInfo", {})
+                                .get("ConnectivityInfo", {})
+                                .get("PublicAccess", {})
+                                .get("Type", "SERVICE_PROVIDED_EIPS")
+                                != "DISABLED",
+                                unauthentication_access=provisioned.get(
+                                    "ClientAuthentication", {}
+                                )
+                                .get("Unauthenticated", {})
+                                .get("Enabled", False),
+                                enhanced_monitoring=provisioned.get(
+                                    "EnhancedMonitoring", "DEFAULT"
+                                ),
+                            )
+                            logger.info(
+                                f"Kafka - Added provisioned cluster {cluster.get('ClusterName', 'Unknown')} to clusters dict"
+                            )
+
+                        # Handle serverless clusters
+                        elif cluster_type == "SERVERLESS" and "Serverless" in cluster:
+                            # For serverless clusters, encryption is always enabled by default
+                            # We'll create a Cluster object with default encryption values
+                            self.clusters[cluster.get("ClusterArn", "")] = Cluster(
+                                id=arn.split(":")[-1].split("/")[-1],
+                                name=cluster.get("ClusterName", ""),
+                                arn=arn,
+                                region=regional_client.region,
+                                tags=(
+                                    list(cluster.get("Tags", {}).values())
+                                    if cluster.get("Tags")
+                                    else []
+                                ),
+                                state=cluster.get("State", ""),
+                                kafka_version="SERVERLESS",  # Serverless doesn't have specific Kafka version
+                                data_volume_kms_key_id="AWS_MANAGED",  # Serverless uses AWS managed keys
+                                encryption_in_transit=EncryptionInTransit(
+                                    client_broker="TLS",  # Serverless always has TLS enabled
+                                    in_cluster=True,  # Serverless always has in-cluster encryption
+                                ),
+                                tls_authentication=True,  # Serverless always has TLS authentication
+                                public_access=False,  # Serverless clusters are always private
+                                unauthentication_access=False,  # Serverless requires authentication
+                                enhanced_monitoring="DEFAULT",
+                            )
+                            logger.info(
+                                f"Kafka - Added serverless cluster {cluster.get('ClusterName', 'Unknown')} to clusters dict"
                             )
-                            .get("Unauthenticated", {})
-                            .get("Enabled", False),
-                            enhanced_monitoring=cluster.get(
-                                "EnhancedMonitoring", "DEFAULT"
-                            ),
+
+                        else:
+                            logger.warning(
+                                f"Kafka - Unknown cluster type {cluster_type} for cluster {cluster.get('ClusterName', 'Unknown')}"
+                            )
+                    else:
+                        logger.info(
+                            f"Kafka - Cluster {cluster.get('ClusterName', 'Unknown')} filtered out by audit_resources"
                         )
+
+            logger.info(
+                f"Kafka - Total clusters found in region {regional_client.region}: {len(self.clusters)}"
+            )
         except Exception as error:
             logger.error(
                 f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
             )
+            logger.error(
+                f"Kafka - Error details in region {regional_client.region}: {str(error)}"
+            )
 
     def _list_kafka_versions(self, regional_client):
         try:

prowler/providers/m365/services/defender/defender_service.py

@@ -91,7 +91,7 @@ class Defender(M365Service):
                 malware_rule = [malware_rule]
             for rule in malware_rule:
                 if rule:
-                    malware_rules[rule.get("Name", "")] = MalwareRule(
+                    malware_rules[rule.get("MalwareFilterPolicy", "")] = MalwareRule(
                         state=rule.get("State", ""),
                         priority=rule.get("Priority", 0),
                         users=rule.get("SentTo", None),
@@ -152,12 +152,14 @@ class Defender(M365Service):
                 antiphishing_rule = [antiphishing_rule]
             for rule in antiphishing_rule:
                 if rule:
-                    antiphishing_rules[rule.get("Name", "")] = AntiphishingRule(
-                        state=rule.get("State", ""),
-                        priority=rule.get("Priority", 0),
-                        users=rule.get("SentTo", None),
-                        groups=rule.get("SentToMemberOf", None),
-                        domains=rule.get("RecipientDomainIs", None),
+                    antiphishing_rules[rule.get("AntiPhishPolicy", "")] = (
+                        AntiphishingRule(
+                            state=rule.get("State", ""),
+                            priority=rule.get("Priority", 0),
+                            users=rule.get("SentTo", None),
+                            groups=rule.get("SentToMemberOf", None),
+                            domains=rule.get("RecipientDomainIs", None),
+                        )
                     )
         except Exception as error:
             logger.error(
@@ -250,7 +252,9 @@ class Defender(M365Service):
                 outbound_spam_rule = [outbound_spam_rule]
             for rule in outbound_spam_rule:
                 if rule:
-                    outbound_spam_rules[rule.get("Name", "")] = OutboundSpamRule(
+                    outbound_spam_rules[
+                        rule.get("HostedOutboundSpamFilterPolicy", "")
+                    ] = OutboundSpamRule(
                         state=rule.get("State", "Disabled"),
                         priority=rule.get("Priority", 0),
                         users=rule.get("From", None),
@@ -330,12 +334,14 @@ class Defender(M365Service):
                 inbound_spam_rule = [inbound_spam_rule]
             for rule in inbound_spam_rule:
                 if rule:
-                    inbound_spam_rules[rule.get("Name", "")] = InboundSpamRule(
-                        state=rule.get("State", "Disabled"),
-                        priority=rule.get("Priority", 0),
-                        users=rule.get("SentTo", None),
-                        groups=rule.get("SentToMemberOf", None),
-                        domains=rule.get("RecipientDomainIs", None),
+                    inbound_spam_rules[rule.get("HostedContentFilterPolicy", "")] = (
+                        InboundSpamRule(
+                            state=rule.get("State", "Disabled"),
+                            priority=rule.get("Priority", 0),
+                            users=rule.get("SentTo", None),
+                            groups=rule.get("SentToMemberOf", None),
+                            domains=rule.get("RecipientDomainIs", None),
+                        )
                     )
         except Exception as error:
             logger.error(

{prowler_cloud-5.12.0.dist-info → prowler_cloud-5.12.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: prowler-cloud
-Version: 5.12.0
+Version: 5.12.2
 Summary: Prowler is an Open Source security tool to perform AWS, GCP and Azure security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, AWS Well-Architected Framework Security Pillar, AWS Foundational Technical Review (FTR), ENS (Spanish National Security Scheme) and your custom security frameworks.
 License: Apache-2.0
 Author: Toni de la Fuente

{prowler_cloud-5.12.0.dist-info → prowler_cloud-5.12.2.dist-info}/RECORD

@@ -91,16 +91,16 @@ dashboard/pages/compliance.py,sha256=KvDfOvSM8Zs-YG_HZj2RG-uoFsNwAD0B_gO3QcAd5Ns
 dashboard/pages/overview.py,sha256=tv8sA9ww8LTDjvyCUPfQAt6ceTeeuDwDXY5ezjtP2rU,81497
 dashboard/src/input.css,sha256=ZjC7DV_hHZRH92s0D-8Wk-L9WpP5oqfwIkfLi16GJdk,2936
 dashboard/tailwind.config.js,sha256=sDwGYIDZwdefOCPrcCkjsOT8cYDHrkZAedPosdDnwMY,2391
-prowler/CHANGELOG.md,sha256=bug1lgGre4EtRQwQH0P6PnGX83akEHRYUJUrKsvM80Q,34598
+prowler/CHANGELOG.md,sha256=ztg9OuR0IIMVbGUhMnSIXII2qN2JSx4q89zELfsoqXQ,35035
 prowler/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/__main__.py,sha256=qPx3o5GODalfu051EQtmMciliRfoBtrGUd6-42OnBt4,41860
 prowler/compliance/aws/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/compliance/aws/aws_account_security_onboarding_aws.json,sha256=8wn1Wv9es8BOD6G4nO_T7hmuf0OFOJQL81xnpa4lIGc,34730
 prowler/compliance/aws/aws_audit_manager_control_tower_guardrails_aws.json,sha256=KJ9cS6YC0QuVhiHj9vkWbiCBXCbVdhFjeioVasp9qMI,7001
 prowler/compliance/aws/aws_foundational_security_best_practices_aws.json,sha256=OVnVnGzdDmbKo_niWkHxmjhY5pd0p-oiOMDeeuZTzzY,206922
-prowler/compliance/aws/aws_foundational_technical_review_aws.json,sha256=Ztu0YasvKzUxx9MozOJtwriWNUaKfgoWULuQB87IJKQ,39909
+prowler/compliance/aws/aws_foundational_technical_review_aws.json,sha256=87PohQ6JqR84FZFrg1dEokYd108SAlagNaze5ru1Zk4,39913
 prowler/compliance/aws/aws_well_architected_framework_reliability_pillar_aws.json,sha256=tqef9ofRWl4zTNnUPAZKWqsbld3MrXyCTU2pvxWItfI,4846
-prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json,sha256=RKdH0Qpm6MEGuOK39e2Yp2MZOlO12RTXTrC68pVi5jY,165486
+prowler/compliance/aws/aws_well_architected_framework_security_pillar_aws.json,sha256=IH0nOUU70lhHFykYpAGEp8N64-dqn0WbkmSjrRZ2goo,165490
 prowler/compliance/aws/cis_1.4_aws.json,sha256=f3hzOOq2D2TWkt0ybEus5No_Y13oNHp1KoMnJMpX9A4,257462
 prowler/compliance/aws/cis_1.5_aws.json,sha256=xKn2WLoA2CjygIL1A1y-7u8KGhzuyCR6uTV2Uuaub8g,284201
 prowler/compliance/aws/cis_2.0_aws.json,sha256=qBEUdZumWs2UZzuasKod_KRrxs8r0x2Ag1tIfkmS268,286324
@@ -117,10 +117,10 @@ prowler/compliance/aws/gxp_21_cfr_part_11_aws.json,sha256=Upx4B68GRl6i_U9-M9VRmu
 prowler/compliance/aws/gxp_eu_annex_11_aws.json,sha256=z3Bx_2ai4gV_koirTWp-NOxAkUdGKRIA45DSIVWk5Vo,11774
 prowler/compliance/aws/hipaa_aws.json,sha256=Nd-Sly2MQDFV-To7kVpgLVKIhNe90yYM7_0wmDo6Mik,31546
 prowler/compliance/aws/iso27001_2013_aws.json,sha256=G13PEwRbdp9VC8wkPCO50Ox2n0nIWwTHmLnmM6t4Xa4,41993
-prowler/compliance/aws/iso27001_2022_aws.json,sha256=WUHep_RE_GpAClWWMeBbimzo6gcX8AQtDuddvzTtu9M,92541
-prowler/compliance/aws/kisa_isms_p_2023_aws.json,sha256=Vzxz5WaNx8Km3jBxIFqNBSHQW0UEwncLGTe0_neQT0g,341887
-prowler/compliance/aws/kisa_isms_p_2023_korean_aws.json,sha256=pvRmVyMmKQUR9DbrGHokPjah257-DP-l-OEEGOesOcU,336392
-prowler/compliance/aws/mitre_attack_aws.json,sha256=L1OOQ8pIF5gyeZi6ncJWH5wbTVLli7tofIJ4_iHqGHA,133265
+prowler/compliance/aws/iso27001_2022_aws.json,sha256=TDfcPdSAh0Oq-0_Z7UNOnrkGw4r419DPYXi1o6io5Sk,92553
+prowler/compliance/aws/kisa_isms_p_2023_aws.json,sha256=Wdhqu8Vk7S_IGXt326Vg41HskEgwfyyh-xAW758i-6o,341900
+prowler/compliance/aws/kisa_isms_p_2023_korean_aws.json,sha256=vkv3rIg62GcUSgLg_iN-vf6MDwR8JzMmn-I3_Ats0yA,336405
+prowler/compliance/aws/mitre_attack_aws.json,sha256=oqlQDZTHKN6c7mbXW7gCXJ3aBy7Lu2P8SxFuvnbSzRQ,133285
 prowler/compliance/aws/nis2_aws.json,sha256=Z69BnoGNBrmxdXmpjr0JiO2XjF1m4QTahxbS7iXW_to,89149
 prowler/compliance/aws/nist_800_171_revision_2_aws.json,sha256=XtNrW0qEYSKapOmd7re03IO86vpWPwnHbDogy1EcQvs,86998
 prowler/compliance/aws/nist_800_53_revision_4_aws.json,sha256=Lrd89PNsiDpHOvzHutS9I-Rlra-l0sLPYWXWWvKPeoI,51053
@@ -128,9 +128,9 @@ prowler/compliance/aws/nist_800_53_revision_5_aws.json,sha256=NMEOcp5GuIEStDbTjG
 prowler/compliance/aws/nist_csf_1.1_aws.json,sha256=VZPUjlEKVPgTsCgTM_TgvZnclRHBZ8Suf--yoKtVU3U,40334
 prowler/compliance/aws/pci_3.2.1_aws.json,sha256=e7sZjXKEciTEOenBUy4p6Gjp0W4V6x9p691PIFXNKGY,232631
 prowler/compliance/aws/pci_4.0_aws.json,sha256=NYF-aRz6Rtk0ekYDzL-aZt6t55B6qseMrwGdfd9aKew,755486
-prowler/compliance/aws/prowler_threatscore_aws.json,sha256=11VQimMEpfS2YHuoTukSJq1uN429GXoa3DQwC60SthU,147531
-prowler/compliance/aws/rbi_cyber_security_framework_aws.json,sha256=ifM4NOPOb19CGIDJi7hljhAD5p7tajArO5Pa1JbPkcc,8935
-prowler/compliance/aws/soc2_aws.json,sha256=0_l0NxGX8ta7fkpITnAFJpfnxj3Nl-EkFunjhDD4uX4,49381
+prowler/compliance/aws/prowler_threatscore_aws.json,sha256=QcwJ1ZPxEfKKFll81opPhDN4cpQG3-G8ZxJ8YsmaLcQ,147535
+prowler/compliance/aws/rbi_cyber_security_framework_aws.json,sha256=vfz3xbUNB1OZMHK0jE00APOp--ru3neDJBYesOR_QGs,8935
+prowler/compliance/aws/soc2_aws.json,sha256=tktJyqlVvHhStX66tSFsIXWKUTqM1T0f80Mq3y5dpz8,49385
 prowler/compliance/azure/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/compliance/azure/cis_2.0_azure.json,sha256=CFmBHWInIkSt41WJWEzz1BxZgCbt28pFKsvVhVtajPg,554990
 prowler/compliance/azure/cis_2.1_azure.json,sha256=M8QNDk_h4BP1dKfZw8LsVh0Wx7nbENCcUnQN4Zgcb9o,634232
@@ -175,7 +175,7 @@ prowler/config/aws_mutelist.yaml,sha256=PW3ekqtwhpBedyPWyvh5oXCiJz94P3nJLrMYGUGI
 prowler/config/aws_mutelist_example.yaml,sha256=O3fscPxW73tBcrAtKGo43btqnA6_mNW3myC21Gj0ysQ,2848
 prowler/config/azure_mutelist_example.yaml,sha256=r87OAhBg0N32s-XFRHEY4BzrHfZLGE9DfM8YgAHn7cY,2024
 prowler/config/checklist_example.json,sha256=E36OiPBUXF3fuKIu4mK92R3a3zFRGzKdztZdYsx5vQs,165
-prowler/config/config.py,sha256=dwZni8VgppW5hiOwmsiY_zoGSOxUTsjPLVOs_nGJyZg,7125
+prowler/config/config.py,sha256=VwuI8pP-sde6OnSOrkjoW1-Hih_vMlSmwHDK5cI_jrc,7125
 prowler/config/config.yaml,sha256=QXWavNONnpVpINWEf2xCUWW4DuJRNndvUvsmMQ3sQpU,19261
 prowler/config/custom_checks_metadata_example.yaml,sha256=vsn66e-kGDKfHJ0KhTa525wbquZN88Z5G_bMCIM0iG0,5720
 prowler/config/fixer_config.yaml,sha256=D3yIuDsgcvLyMc4-nwhU4569l6z48CWm1UKekbqupKo,1591
@@ -1409,7 +1409,7 @@ prowler/providers/aws/services/firehose/firehose_client.py,sha256=Y45uVQ_AD4Ka22
 prowler/providers/aws/services/firehose/firehose_service.py,sha256=CAJRVErKHSOINOtFMNMwPD4V70hG-oy87DZAKr6cZfM,7314
 prowler/providers/aws/services/firehose/firehose_stream_encrypted_at_rest/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/firehose/firehose_stream_encrypted_at_rest/firehose_stream_encrypted_at_rest.metadata.json,sha256=afnnPrppWbBmcSAVwpNMIhm4DOzX9PzJUDDaczYZefc,2090
-prowler/providers/aws/services/firehose/firehose_stream_encrypted_at_rest/firehose_stream_encrypted_at_rest.py,sha256=GrBffIv_1Q8NYfnBA7gT7UCr4XnnEkNGHTIpSYcucko,2345
+prowler/providers/aws/services/firehose/firehose_stream_encrypted_at_rest/firehose_stream_encrypted_at_rest.py,sha256=KmIuwbWN9xqeMkmX3yNse_90-I1g_QyShoWZ8krhgw0,3916
 prowler/providers/aws/services/fms/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/fms/fms_client.py,sha256=cODP6jSTVc2AwhOQij7vp5jVvyqRoEtWu0mwTfZenKk,168
 prowler/providers/aws/services/fms/fms_policy_compliant/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -1663,29 +1663,29 @@ prowler/providers/aws/services/kafka/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeu
 prowler/providers/aws/services/kafka/kafka_client.py,sha256=cK3DJBkLptXHTn99o5QqHs-Y9MRQcfskaghKc2MnhcI,178
 prowler/providers/aws/services/kafka/kafka_cluster_encryption_at_rest_uses_cmk/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_cluster_encryption_at_rest_uses_cmk/kafka_cluster_encryption_at_rest_uses_cmk.metadata.json,sha256=1Esq18ZIDzfpKPSOv2HG5Ifz6TmETNHmLmeP-LbJfbM,1622
-prowler/providers/aws/services/kafka/kafka_cluster_encryption_at_rest_uses_cmk/kafka_cluster_encryption_at_rest_uses_cmk.py,sha256=IApA1VJRmThryS1ofLvk909DM7d6RNfjRQchatLrHmE,1067
+prowler/providers/aws/services/kafka/kafka_cluster_encryption_at_rest_uses_cmk/kafka_cluster_encryption_at_rest_uses_cmk.py,sha256=bBFGs0W38L83c5lsqpIbRYFWA0go779ttqBrLGt0yHU,1474
 prowler/providers/aws/services/kafka/kafka_cluster_enhanced_monitoring_enabled/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_cluster_enhanced_monitoring_enabled/kafka_cluster_enhanced_monitoring_enabled.metadata.json,sha256=b4pnHGqT91-iIwDK7v7xmJ8_hVb7pvX7ibUCpwwNctU,1677
-prowler/providers/aws/services/kafka/kafka_cluster_enhanced_monitoring_enabled/kafka_cluster_enhanced_monitoring_enabled.py,sha256=SuJ61fPHLKm6qdJHILmwG7pZmBjNQoRf0dRcrZDAUnA,825
+prowler/providers/aws/services/kafka/kafka_cluster_enhanced_monitoring_enabled/kafka_cluster_enhanced_monitoring_enabled.py,sha256=QNPm5Pehu_atSo4plI1F8cI19QNc1OuxBANd9KPDlIg,1233
 prowler/providers/aws/services/kafka/kafka_cluster_in_transit_encryption_enabled/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_cluster_in_transit_encryption_enabled/kafka_cluster_in_transit_encryption_enabled.metadata.json,sha256=dHsV0D9vLNt8oWHXvLL1NOLw-twtFvYhTU4X4Qrjx3M,1733
-prowler/providers/aws/services/kafka/kafka_cluster_in_transit_encryption_enabled/kafka_cluster_in_transit_encryption_enabled.py,sha256=YWSl6Id_CsQ0u0gu5UGZf1vmX40sGPVUiUo1DeIgpyM,944
+prowler/providers/aws/services/kafka/kafka_cluster_in_transit_encryption_enabled/kafka_cluster_in_transit_encryption_enabled.py,sha256=FKB_L8-oJEykx-rjCtn7uPOZqkay9bid5KRfv8hFrA8,1347
 prowler/providers/aws/services/kafka/kafka_cluster_is_public/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_cluster_is_public/kafka_cluster_is_public.metadata.json,sha256=du4-4pjWwjbrrYICLsbqNQhGTnhoHnMBD1nq5TD6wpM,1462
-prowler/providers/aws/services/kafka/kafka_cluster_is_public/kafka_cluster_is_public.py,sha256=q0kM-B3i9kCqekJpBiZ_Hx6JphYjZmnf6YYgWt9wL40,804
+prowler/providers/aws/services/kafka/kafka_cluster_is_public/kafka_cluster_is_public.py,sha256=y5SpKWPm890EhoWxPi2jUukqh3NQuwOOuJEIb8kPiUY,1159
 prowler/providers/aws/services/kafka/kafka_cluster_mutual_tls_authentication_enabled/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_cluster_mutual_tls_authentication_enabled/kafka_cluster_mutual_tls_authentication_enabled.metadata.json,sha256=diSV74cjsFgpVhw22SW3iGxUZr9QNqIVb2EKsxEuAYk,1434
-prowler/providers/aws/services/kafka/kafka_cluster_mutual_tls_authentication_enabled/kafka_cluster_mutual_tls_authentication_enabled.py,sha256=aXwCX4dtf4RGlV1sPfBjMpb7s0B7KzSZd8AtYsn2wKo,797
+prowler/providers/aws/services/kafka/kafka_cluster_mutual_tls_authentication_enabled/kafka_cluster_mutual_tls_authentication_enabled.py,sha256=W3xYlXNs8NSR8OKwwh_uFZwFrIeWcmiIBIVUZQnywKU,1187
 prowler/providers/aws/services/kafka/kafka_cluster_unrestricted_access_disabled/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_cluster_unrestricted_access_disabled/kafka_cluster_unrestricted_access_disabled.metadata.json,sha256=DATHwHxgUyrTibW7Q7aI0SHIVnZLJN4UBw_dtF1EnDI,1727
-prowler/providers/aws/services/kafka/kafka_cluster_unrestricted_access_disabled/kafka_cluster_unrestricted_access_disabled.py,sha256=YUQfXOw0dp3jyguAHq-EGyxCdDbQUw2bghsxnukUBfU,821
+prowler/providers/aws/services/kafka/kafka_cluster_unrestricted_access_disabled/kafka_cluster_unrestricted_access_disabled.py,sha256=x7m2bKkmutVOTBwVMu0BE7Y3Nclf2MFZak7t6a56uJQ,1214
 prowler/providers/aws/services/kafka/kafka_cluster_uses_latest_version/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_cluster_uses_latest_version/kafka_cluster_uses_latest_version.metadata.json,sha256=5p4-tOGJLkuZ5r-gG8NY4ZrqEib5H0rNA7ODnbLglj4,1650
-prowler/providers/aws/services/kafka/kafka_cluster_uses_latest_version/kafka_cluster_uses_latest_version.py,sha256=9Onh205gKZwnJXFzSxx1SOdf7STP6fzCXVhb0o8ZQHs,867
+prowler/providers/aws/services/kafka/kafka_cluster_uses_latest_version/kafka_cluster_uses_latest_version.py,sha256=KsyvYatsp3ANZZD7J2MU7YxliVnqgX5o2bMxQMgTrRM,1284
 prowler/providers/aws/services/kafka/kafka_connector_in_transit_encryption_enabled/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kafka/kafka_connector_in_transit_encryption_enabled/kafka_connector_in_transit_encryption_enabled.metadata.json,sha256=VnFlJBqfv5jvBHS_CGqT_g6aYo7KFUq1thAf6D2_dZg,1606
 prowler/providers/aws/services/kafka/kafka_connector_in_transit_encryption_enabled/kafka_connector_in_transit_encryption_enabled.py,sha256=hKeHIezXS3hZTWDnDYrZnhhbCMnthT3M8pJpD_fd85I,832
-prowler/providers/aws/services/kafka/kafka_service.py,sha256=yjk2RZB6QRbNGBlY_tZsiq3Y7dtoHiNox6i6JLflKgs,6337
+prowler/providers/aws/services/kafka/kafka_service.py,sha256=lQ9DJoXGvG2tLa5t4uYsLorqUfVXbolGD-D0NuTp6xM,10775
 prowler/providers/aws/services/kafka/kafkaconnect_client.py,sha256=9Dxozx9B2WmXUcXx5SxF7_f0n2R-h34hMjtCXLOCsEI,199
 prowler/providers/aws/services/kinesis/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/aws/services/kinesis/kinesis_client.py,sha256=D5WJkQNhteGpCaPbfaA9_ahB_NKrg6XBGolqF-1wn_Y,188
@@ -3670,7 +3670,7 @@ prowler/providers/m365/services/defender/defender_malware_policy_comprehensive_a
 prowler/providers/m365/services/defender/defender_malware_policy_notifications_internal_users_malware_enabled/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/m365/services/defender/defender_malware_policy_notifications_internal_users_malware_enabled/defender_malware_policy_notifications_internal_users_malware_enabled.metadata.json,sha256=-jG7XmkijgLL7LJMyOhDniix7TPiEgQUk4jR2Q55tgw,1848
 prowler/providers/m365/services/defender/defender_malware_policy_notifications_internal_users_malware_enabled/defender_malware_policy_notifications_internal_users_malware_enabled.py,sha256=6u_iEHsiVEAeObGw9u2G_EUe9vk5eWwkfD8hkg9ui7A,9558
-prowler/providers/m365/services/defender/defender_service.py,sha256=PwidaGJR1zp1Km8wAuSDFGh0NFcRNz2ajyz4HL0iU7Q,20280
+prowler/providers/m365/services/defender/defender_service.py,sha256=oZfx5IdErLNN4NDr5Z2FwE3nsNrESc9QkVG5fNK8G0E,20543
 prowler/providers/m365/services/entra/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/m365/services/entra/entra_admin_consent_workflow_enabled/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/m365/services/entra/entra_admin_consent_workflow_enabled/entra_admin_consent_workflow_enabled.metadata.json,sha256=B63TmvE46KubExAtUmLfXG-jocPFgb98MoIBAsftkjc,1680
@@ -3933,8 +3933,8 @@ prowler/providers/nhn/services/network/network_vpc_subnet_enable_dhcp/network_vp
 prowler/providers/nhn/services/network/network_vpc_subnet_has_external_router/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 prowler/providers/nhn/services/network/network_vpc_subnet_has_external_router/network_vpc_subnet_has_external_router.metadata.json,sha256=FNNOLX0F1IRAt9RwuKm7m8ZAH52onk0QHjlgghApjdI,766
 prowler/providers/nhn/services/network/network_vpc_subnet_has_external_router/network_vpc_subnet_has_external_router.py,sha256=u6FIeMqvWT8gj3e_dBabg4vcCyJ37lUFJ5r5awpr4JA,898
-prowler_cloud-5.12.0.dist-info/LICENSE,sha256=oGZr2ZEftLZTNys3IcUA_b0JftHKg0Zq2wfnrnr7guA,11348
-prowler_cloud-5.12.0.dist-info/METADATA,sha256=9aQfoziFH7ymMBndvOrl2fYt4QYUbxdp5hcCEwzxpBI,18294
-prowler_cloud-5.12.0.dist-info/WHEEL,sha256=XbeZDeTWKc1w7CSIyre5aMDU_-PohRwTQceYnisIYYY,88
-prowler_cloud-5.12.0.dist-info/entry_points.txt,sha256=sWks5LHwHN_Rhj9HcrghwVKzHPIS4I4lebr-lkVZ-Dk,52
-prowler_cloud-5.12.0.dist-info/RECORD,,
+prowler_cloud-5.12.2.dist-info/LICENSE,sha256=oGZr2ZEftLZTNys3IcUA_b0JftHKg0Zq2wfnrnr7guA,11348
+prowler_cloud-5.12.2.dist-info/METADATA,sha256=CYdTJyDr5sLMquZKRe-KczcK_iEA13yROhnsi54O2oA,18294
+prowler_cloud-5.12.2.dist-info/WHEEL,sha256=XbeZDeTWKc1w7CSIyre5aMDU_-PohRwTQceYnisIYYY,88
+prowler_cloud-5.12.2.dist-info/entry_points.txt,sha256=sWks5LHwHN_Rhj9HcrghwVKzHPIS4I4lebr-lkVZ-Dk,52
+prowler_cloud-5.12.2.dist-info/RECORD,,