PyPI - prowler-cloud - Versions diffs - 5.13.1__py3-none-any.whl → 5.14.1__py3-none-any.whl - Mend

prowler-cloud 5.13.1py3-none-any.whl → 5.14.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (298) hide show

prowler/providers/aws/services/elasticache/elasticache_redis_cluster_auto_minor_version_upgrades/elasticache_redis_cluster_auto_minor_version_upgrades.metadata.json CHANGED Viewed

@@ -1,26 +1,35 @@
 {
   "Provider": "aws",
   "CheckID": "elasticache_redis_cluster_auto_minor_version_upgrades",
-  "CheckTitle": "Ensure Elasticache Redis cache clusters have automatic minor upgrades enabled.",
-  "CheckType": [],
+  "CheckTitle": "ElastiCache Redis cache cluster has automatic minor version upgrades enabled",
+  "CheckType": [
+    "Software and Configuration Checks/Patch Management",
+    "Software and Configuration Checks/AWS Security Best Practices"
+  ],
   "ServiceName": "elasticache",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceIdTemplate": "",
   "Severity": "high",
   "ResourceType": "Other",
-  "Description": "Ensure Elasticache Redis cache clusters have automatic minor upgrades enabled.",
-  "Risk": "Not enabling automatic minor version upgrades can expose your Redis cluster to security vulnerabilities, performance issues, and increased operational overhead due to the need for manual updates.",
-  "RelatedUrl": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/VersionManagement.html",
+  "Description": "**ElastiCache for Redis** replication groups are configured to apply **automatic minor engine upgrades** using `AutoMinorVersionUpgrade`",
+  "Risk": "Without **automatic minor upgrades**, Redis nodes may run versions with known CVEs and stability bugs, enabling unauthorized access, replication inconsistencies, or crashes. Delayed patching widens the attack window and lengthens maintenance, degrading confidentiality, integrity, and availability.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/VersionManagementConsiderations.html",
+    "https://support.icompaas.com/support/solutions/articles/62000233595-ensure-elasticache-redis-cache-clusters-have-automatic-minor-upgrades-enabled",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/engine-versions.html",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/VersionManagement.html"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "aws elasticache modify-cache-cluster --cache-cluster-id <cluster_id> --apply-immediately --auto-minor-version-upgrade",
-      "NativeIaC": "",
-      "Other": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-2",
-      "Terraform": ""
+      "CLI": "aws elasticache modify-replication-group --replication-group-id <replication_group_id> --auto-minor-version-upgrade --apply-immediately",
+      "NativeIaC": "```yaml\n# CloudFormation: enable auto minor version upgrades on a Replication Group\nResources:\n  <example_resource_name>:\n    Type: AWS::ElastiCache::ReplicationGroup\n    Properties:\n      ReplicationGroupDescription: \"<example_description>\"\n      CacheNodeType: \"<example_node_type>\"\n      NumCacheClusters: 1\n      AutoMinorVersionUpgrade: true  # CRITICAL: turns on automatic minor version upgrades\n      # This ensures new minor engine versions are applied automatically\n```",
+      "Other": "1. Open the AWS console and go to ElastiCache\n2. Select Replication groups, choose the target group\n3. Click Modify\n4. Enable Automatic minor version upgrade\n5. Check Apply immediately and click Modify to save",
+      "Terraform": "```hcl\n# Enable auto minor version upgrades on an ElastiCache replication group\nresource \"aws_elasticache_replication_group\" \"<example_resource_name>\" {\n  replication_group_id       = \"<example_resource_id>\"\n  description                = \"<example_description>\"\n  node_type                  = \"<example_node_type>\"\n  num_cache_clusters         = 1\n  auto_minor_version_upgrade = true  # CRITICAL: automatically applies minor engine upgrades\n}\n```"
     },
     "Recommendation": {
-      "Text": "Ensure Elasticache clusters have automatic minor upgrades enabled.",
-      "Url": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Clusters.html#Modify"
+      "Text": "Enable `AutoMinorVersionUpgrade` for Redis replication groups and govern updates with a maintenance window. Apply **patch management** and **defense in depth**: validate in staging, keep recent backups, use Multi-AZ for resilience, and monitor release notes to ensure timely, low-impact updates.",
+      "Url": "https://hub.prowler.com/check/elasticache_redis_cluster_auto_minor_version_upgrades"
     }
   },
   "Categories": [],

prowler/providers/aws/services/elasticache/elasticache_redis_cluster_automatic_failover_enabled/elasticache_redis_cluster_automatic_failover_enabled.metadata.json CHANGED Viewed

@@ -1,30 +1,37 @@
 {
   "Provider": "aws",
   "CheckID": "elasticache_redis_cluster_automatic_failover_enabled",
-  "CheckTitle": "Ensure Elasticache Redis clusters have automatic failover enabled.",
-  "CheckType": [],
+  "CheckTitle": "ElastiCache Redis cluster has automatic failover enabled",
+  "CheckType": [
+    "Software and Configuration Checks/AWS Security Best Practices",
+    "Software and Configuration Checks/Industry and Regulatory Standards/AWS Foundational Security Best Practices"
+  ],
   "ServiceName": "elasticache",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceIdTemplate": "",
   "Severity": "medium",
   "ResourceType": "Other",
-  "Description": "Ensure Elasticache Redis OSS cache clusters use automatic failover.",
-  "Risk": "If automatic failover is not enabled, a failure in the primary node could result in significant downtime, impacting the availability and resilience of your application.",
-  "RelatedUrl": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html",
+  "Description": "**Amazon ElastiCache (Redis OSS) replication groups** have **automatic failover** set to `enabled`, allowing a replica to be promoted when the primary becomes unavailable",
+  "Risk": "**Missing automatic failover** reduces **availability**: a primary or AZ outage can stop writes and require manual recovery, prolonging downtime.\n\nAs Redis replication is asynchronous, delayed promotion increases chances of **lost or stale writes**, affecting **data integrity** and causing client timeouts.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://aws.amazon.com/blogs/database/testing-automatic-failover-to-a-read-replica-on-amazon-elasticache-for-redis/",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "",
-      "NativeIaC": "",
-      "Other": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-3",
-      "Terraform": "https://docs.prowler.com/checks/aws/general-policies/ensure-aws-elasticache-redis-cluster-with-multi-az-automatic-failover-feature-set-to-enabled/"
+      "CLI": "aws elasticache modify-replication-group --replication-group-id <example_resource_id> --automatic-failover-enabled --apply-immediately",
+      "NativeIaC": "```yaml\n# CloudFormation: enable automatic failover for a Redis replication group\nResources:\n  <example_resource_name>:\n    Type: AWS::ElastiCache::ReplicationGroup\n    Properties:\n      ReplicationGroupId: <example_resource_id>\n      ReplicationGroupDescription: \"<description>\"\n      NumCacheClusters: 2\n      AutomaticFailoverEnabled: true  # Critical: turns on automatic failover so the check passes\n      Engine: redis\n```",
+      "Other": "1. Open the AWS Console and go to ElastiCache\n2. Select your Redis replication group (<example_resource_id>)\n3. Click Modify\n4. Set Auto failover to Enabled\n5. Check Apply immediately\n6. Click Save changes",
+      "Terraform": "```hcl\n# Terraform: enable automatic failover for a Redis replication group\nresource \"aws_elasticache_replication_group\" \"<example_resource_name>\" {\n  replication_group_id          = \"<example_resource_id>\"\n  replication_group_description = \"<description>\"\n  node_type                     = \"cache.t3.small\"\n  number_cache_clusters         = 2\n  automatic_failover_enabled    = true  # Critical: turns on automatic failover so the check passes\n}\n```"
     },
     "Recommendation": {
-      "Text": "Enable automatic failover for ElastiCache (Redis OSS) clusters to ensure high availability and minimize downtime during failures.",
-      "Url": "https://redis.io/blog/highly-available-in-memory-cloud-datastores/"
+      "Text": "Enable **automatic failover** with **Multi-AZ**, keeping at least one replica per shard in a different AZ. Regularly *test failover* and monitor replication lag.\n\nArchitect clients for resilience with retries and backoff to tolerate brief role changes, aligning with **fault tolerance** and **defense in depth**.",
+      "Url": "https://hub.prowler.com/check/elasticache_redis_cluster_automatic_failover_enabled"
     }
   },
   "Categories": [
-    "redundancy"
+    "resilience"
   ],
   "DependsOn": [],
   "RelatedTo": [],

prowler/providers/aws/services/elasticache/elasticache_redis_cluster_backup_enabled/elasticache_redis_cluster_backup_enabled.metadata.json CHANGED Viewed

@@ -1,29 +1,39 @@
 {
   "Provider": "aws",
   "CheckID": "elasticache_redis_cluster_backup_enabled",
-  "CheckTitle": "Ensure Elasticache Redis cache cluster has automatic backups enabled.",
-  "CheckType": [],
+  "CheckTitle": "ElastiCache Redis cache cluster has automated snapshot backups enabled with retention of at least 7 days",
+  "CheckType": [
+    "Software and Configuration Checks/AWS Security Best Practices",
+    "Software and Configuration Checks/Industry and Regulatory Standards/AWS Foundational Security Best Practices",
+    "Effects/Data Destruction"
+  ],
   "ServiceName": "elasticache",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceIdTemplate": "",
   "Severity": "high",
   "ResourceType": "Other",
-  "Description": "Ensure Elasticache Redis cache cluster has automatic backups enabled.",
-  "Risk": "Ensure that your Amazon ElastiCache Redis cache clusters have a sufficient backup retention period set in order to fulfill your organization's compliance requirements. The retention period represents the number of days for which Amazon ElastiCache service retains automatic Redis cluster backups before deleting them.",
-  "RelatedUrl": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-1",
+  "Description": "Amazon ElastiCache Redis replication groups have **automated snapshot backups** enabled with a **retention period** of at least `7` days.\n\nThe evaluation focuses on whether backups are enabled and the configured retention meets the minimum threshold.",
+  "Risk": "Absent or short-retained backups degrade **availability** and heighten **data loss** risk. Hardware failures, corruption, or accidental deletes may not be recoverable to needed points, undermining **RPO/RTO**, prolonging outages, and limiting **forensics** on cache data.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/ElastiCache/enable-automatic-backups.html",
+    "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-1"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "aws elasticache modify-replication-group --region <value> --replication-group-id <value> --snapshot-retention-limit <value> --apply-immediately",
-      "NativeIaC": "",
-      "Other": "",
-      "Terraform": "https://docs.prowler.com/checks/aws/general-policies/ensure-that-amazon-elasticache-redis-clusters-have-automatic-backup-turned-on/"
+      "CLI": "aws elasticache modify-replication-group --replication-group-id <REPLICATION_GROUP_ID> --snapshot-retention-limit 7 --apply-immediately",
+      "NativeIaC": "```yaml\n# CloudFormation: set automated snapshot retention for a Redis replication group\nResources:\n  <example_resource_name>:\n    Type: AWS::ElastiCache::ReplicationGroup\n    Properties:\n      ReplicationGroupDescription: example\n      SnapshotRetentionLimit: 7  # Critical: enables automatic snapshots and retains them for >=7 days\n```",
+      "Other": "1. In the AWS Console, open ElastiCache\n2. Go to Redis > Replication groups\n3. Select <example_resource_id> and click Modify\n4. Set Snapshot retention (days) to 7 or higher\n5. Check Apply immediately\n6. Click Modify to save",
+      "Terraform": "```hcl\nresource \"aws_elasticache_replication_group\" \"<example_resource_name>\" {\n  replication_group_id       = \"<example_resource_id>\"\n  replication_group_description = \"<example_description>\"\n  snapshot_retention_limit   = 7  # Critical: enable automated backups and keep them for >=7 days\n}\n```"
     },
     "Recommendation": {
-      "Text": "Ensure Elasticache Cluster has automatic backups enabled.",
-      "Url": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-1"
+      "Text": "Enable **automated backups** and set **retention** to meet RPO/RTO (typically  `7` days).\n- Define a consistent `snapshot window`\n- Test restores regularly\n- Protect backup storage with **least privilege** and immutability\n- Monitor backup status for failures\n- Apply **defense in depth** with replicas/Multi-AZ",
+      "Url": "https://hub.prowler.com/check/elasticache_redis_cluster_backup_enabled"
     }
   },
-  "Categories": [],
+  "Categories": [
+    "resilience"
+  ],
   "DependsOn": [],
   "RelatedTo": [],
   "Notes": ""

prowler/providers/aws/services/elasticache/elasticache_redis_cluster_in_transit_encryption_enabled/elasticache_redis_cluster_in_transit_encryption_enabled.metadata.json CHANGED Viewed

@@ -1,26 +1,35 @@
 {
   "Provider": "aws",
   "CheckID": "elasticache_redis_cluster_in_transit_encryption_enabled",
-  "CheckTitle": "Ensure Elasticache Redis cache clusters have in transit encryption enabled.",
-  "CheckType": [],
+  "CheckTitle": "ElastiCache Redis cache cluster has in-transit encryption enabled",
+  "CheckType": [
+    "Software and Configuration Checks/AWS Security Best Practices/Network Security",
+    "Software and Configuration Checks/Industry and Regulatory Standards/AWS Foundational Security Best Practices",
+    "Effects/Data Exposure"
+  ],
   "ServiceName": "elasticache",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceIdTemplate": "",
   "Severity": "medium",
   "ResourceType": "Other",
-  "Description": "Ensure Elasticache Redis cache clusters have in transit encryption enabled.",
-  "Risk": "There is a risk of exposing sensitive data if Elasticache Redis cache cluster does not have in transit encryption enabled.",
-  "RelatedUrl": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-5",
+  "Description": "**ElastiCache for Redis** replication groups have **in-transit encryption (TLS)** enabled for client and inter-node traffic (`TransitEncryptionEnabled=true`).",
+  "Risk": "Absent **in-transit encryption**, traffic between apps and Redis or between nodes can be **eavesdropped** or **tampered**.\n\nThis exposes keys, tokens, and cached sensitive data, enables **MITM** and session hijacking, and can corrupt replication, harming **confidentiality** and **integrity**.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/ElastiCache/in-transit-and-at-rest-encryption.html",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/in-transit-encryption-enable.html",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/in-transit-encryption.html"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "",
-      "NativeIaC": "https://docs.prowler.com/checks/aws/general-policies/general_10#cloudformation",
-      "Other": "https://docs.prowler.com/checks/aws/general-policies/general_10/",
-      "Terraform": "https://docs.prowler.com/checks/aws/general-policies/general_10#terraform"
+      "CLI": "aws elasticache modify-replication-group --replication-group-id <example_resource_id> --transit-encryption-enabled --transit-encryption-mode preferred --apply-immediately",
+      "NativeIaC": "```yaml\n# CloudFormation: enable in-transit encryption for a Redis replication group\nResources:\n  <example_resource_name>:\n    Type: AWS::ElastiCache::ReplicationGroup\n    Properties:\n      ReplicationGroupId: \"<example_resource_id>\"\n      ReplicationGroupDescription: \"<example_description>\"\n      NumCacheClusters: 1\n      CacheSubnetGroupName: \"<example_resource_name>\"\n      TransitEncryptionEnabled: true  # CRITICAL: enables TLS in-transit to pass the check\n```",
+      "Other": "1. In the AWS Console, go to ElastiCache > Redis OSS (or Valkey) replication groups\n2. Select the replication group and click Actions > Modify\n3. Under Security, enable Encryption in transit and set Transit encryption mode to Preferred\n4. Check Apply immediately and Save changes",
+      "Terraform": "```hcl\n# Enable in-transit encryption for a Redis replication group\nresource \"aws_elasticache_replication_group\" \"<example_resource_name>\" {\n  replication_group_id       = \"<example_resource_id>\"\n  description                = \"<example_description>\"\n  node_type                  = \"cache.t3.micro\"\n  num_cache_clusters         = 1\n  subnet_group_name          = \"<example_resource_name>\"\n  transit_encryption_enabled = true  # CRITICAL: enables TLS in-transit to pass the check\n}\n```"
     },
     "Recommendation": {
-      "Text": "Ensure your Elasticache Redis cache clusters have in transit encryption enabled.",
-      "Url": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/in-transit-encryption.html"
+      "Text": "Enable **TLS** by setting `TransitEncryptionEnabled=true` and enforce a strict mode (require TLS 1.2+).\n\nEnsure clients validate certificates, restrict network paths, and pair with **least privilege** plus Redis AUTH/RBAC for defense in depth.",
+      "Url": "https://hub.prowler.com/check/elasticache_redis_cluster_in_transit_encryption_enabled"
     }
   },
   "Categories": [

prowler/providers/aws/services/elasticache/elasticache_redis_cluster_multi_az_enabled/elasticache_redis_cluster_multi_az_enabled.metadata.json CHANGED Viewed

@@ -1,30 +1,38 @@
 {
   "Provider": "aws",
   "CheckID": "elasticache_redis_cluster_multi_az_enabled",
-  "CheckTitle": "Ensure Elasticache Redis cache cluster has Multi-AZ enabled.",
-  "CheckType": [],
+  "CheckTitle": "ElastiCache Redis replication group has Multi-AZ enabled",
+  "CheckType": [
+    "Software and Configuration Checks/AWS Security Best Practices",
+    "Effects/Denial of Service"
+  ],
   "ServiceName": "elasticache",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceIdTemplate": "",
   "Severity": "medium",
-  "ResourceType": "AWSElastiCacheClusters",
-  "Description": "Ensure Elasticache Redis cache cluster has Multi-AZ enabled.",
-  "Risk": "Ensure that your Amazon ElastiCache Redis cache clusters has Multi-AZ enabled.",
-  "RelatedUrl": "https://www.trendmicro.com/cloudoneconformity-staging/knowledge-base/aws/ElastiCache/elasticache-multi-az.html#",
+  "ResourceType": "Other",
+  "Description": "**ElastiCache for Redis replication groups** have **Multi-AZ automatic failover** enabled, distributing primary and replicas across distinct Availability Zones",
+  "Risk": "Without **Multi-AZ failover**, a node or AZ outage can make Redis endpoints unreachable, reducing **availability**. Cold-cache rebuilds shift load to databases, risking saturation and cascading timeouts. Recent writes may be lost during failures, impacting **integrity**.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/AutoFailover.html",
+    "https://repost.aws/knowledge-center/multi-az-replication-redis",
+    "https://www.trendmicro.com/cloudoneconformity-staging/knowledge-base/aws/ElastiCache/elasticache-multi-az.html#"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "aws elasticache modify-replication-group --region <value> --replication-group-id <value> --multi-az-enabled --apply-immediately",
-      "NativeIaC": "https://www.trendmicro.com/cloudoneconformity-staging/knowledge-base/aws/ElastiCache/elasticache-multi-az.html#",
-      "Other": "",
-      "Terraform": "https://docs.prowler.com/checks/aws/general-policies/ensure-aws-elasticache-redis-cluster-with-multi-az-automatic-failover-feature-set-to-enabled/"
+      "CLI": "aws elasticache modify-replication-group --replication-group-id <example_resource_id> --multi-az-enabled --automatic-failover-enabled --apply-immediately",
+      "NativeIaC": "```yaml\n# CloudFormation: Enable Multi-AZ on an ElastiCache Redis replication group\nResources:\n  <example_resource_name>:\n    Type: AWS::ElastiCache::ReplicationGroup\n    Properties:\n      ReplicationGroupDescription: \"<description>\"\n      Engine: redis\n      CacheNodeType: cache.t4g.small\n      NumCacheClusters: 2\n      MultiAZEnabled: true  # CRITICAL: Enables Multi-AZ for the replication group\n```",
+      "Other": "1. In the AWS Console, go to ElastiCache > Redis\n2. Select the target replication group\n3. Click Modify\n4. Enable Multi-AZ (and Automatic failover if prompted)\n5. Check Apply immediately and click Modify",
+      "Terraform": "```hcl\n# Enable Multi-AZ on an ElastiCache Redis replication group\nresource \"aws_elasticache_replication_group\" \"<example_resource_name>\" {\n  replication_group_id  = \"<example_resource_id>\"\n  description           = \"<description>\"\n  engine                = \"redis\"\n  node_type             = \"cache.t4g.small\"\n  number_cache_clusters = 2\n\n  multi_az_enabled           = true  # CRITICAL: Enables Multi-AZ\n  automatic_failover_enabled = true  # Required for Multi-AZ failover\n}\n```"
     },
     "Recommendation": {
-      "Text": "Ensure Elasticache Redis cache cluster has Multi-AZ enabled.",
-      "Url": "https://www.trendmicro.com/cloudoneconformity-staging/knowledge-base/aws/ElastiCache/elasticache-multi-az.html#"
+      "Text": "Enable **Multi-AZ with automatic failover** (`MultiAZ: enabled`) on Redis replication groups and place replicas in separate AZs. Use clients that follow primary/reader endpoints, monitor replication lag, and regularly test failover. Pair with snapshots for recovery; this enforces high **availability** and **resilience**.",
+      "Url": "https://hub.prowler.com/check/elasticache_redis_cluster_multi_az_enabled"
     }
   },
   "Categories": [
-    "redundancy"
+    "resilience"
   ],
   "DependsOn": [],
   "RelatedTo": [],

prowler/providers/aws/services/elasticache/elasticache_redis_cluster_rest_encryption_enabled/elasticache_redis_cluster_rest_encryption_enabled.metadata.json CHANGED Viewed

@@ -1,26 +1,35 @@
 {
   "Provider": "aws",
   "CheckID": "elasticache_redis_cluster_rest_encryption_enabled",
-  "CheckTitle": "Ensure Elasticache Redis cache clusters have at rest encryption enabled.",
-  "CheckType": [],
+  "CheckTitle": "ElastiCache Redis cache cluster has at rest encryption enabled",
+  "CheckType": [
+    "Software and Configuration Checks/AWS Security Best Practices",
+    "Software and Configuration Checks/Industry and Regulatory Standards/AWS Foundational Security Best Practices",
+    "Effects/Data Exposure"
+  ],
   "ServiceName": "elasticache",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceIdTemplate": "",
   "Severity": "medium",
   "ResourceType": "Other",
-  "Description": "Ensure Elasticache Redis cache clusters have at rest encryption enabled.",
-  "Risk": "There is a risk of exposing sensitive data if Elasticache Redis cache clusters does not have at rest encryption enabled.",
-  "RelatedUrl": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-4",
+  "Description": "**ElastiCache for Redis replication groups** are evaluated for **encryption at rest** of on-disk cache data and backups. The finding pinpoints groups where this protection is not enabled.",
+  "Risk": "Without at-rest encryption, cache files and snapshots can be read if storage or backups are accessed via compromise or misconfiguration. Secrets, tokens, and PII may be exposed, breaking **confidentiality** and aiding **lateral movement** through offline analysis of cached data.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/ElastiCache/in-transit-and-at-rest-encryption.html",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/at-rest-encryption.html#at-rest-encryption-enable",
+    "https://aws.amazon.com/blogs/security/amazon-elasticache-now-supports-encryption-for-elasticache-for-redis/"
+  ],
   "Remediation": {
     "Code": {
       "CLI": "",
-      "NativeIaC": "https://docs.prowler.com/checks/aws/general-policies/general_9#cloudformation",
-      "Other": "https://docs.prowler.com/checks/aws/general-policies/general_9/",
-      "Terraform": "https://docs.prowler.com/checks/aws/general-policies/general_9#terraform"
+      "NativeIaC": "```yaml\n# CloudFormation: enable at-rest encryption for an ElastiCache Redis replication group\nResources:\n  <example_resource_name>:\n    Type: AWS::ElastiCache::ReplicationGroup\n    Properties:\n      ReplicationGroupId: <example_resource_id>\n      ReplicationGroupDescription: Enable at-rest encryption\n      Engine: redis\n      CacheNodeType: cache.t3.micro\n      NumCacheClusters: 1\n      AtRestEncryptionEnabled: true  # CRITICAL: turns on encryption at rest for the replication group\n```",
+      "Other": "1. In the AWS Console, go to ElastiCache > Redis\n2. Select the non-encrypted replication group, click Actions > Backup and create a manual backup\n3. After the backup completes, click Backups, select it, then Restore\n4. In restore settings, check/enable Encryption at rest (use default KMS key) and create the new replication group\n5. Update your application to use the new replication group endpoint\n6. Verify connectivity and data, then delete the old (non-encrypted) replication group",
+      "Terraform": "```hcl\n# Terraform: enable at-rest encryption for an ElastiCache Redis replication group\nresource \"aws_elasticache_replication_group\" \"<example_resource_name>\" {\n  replication_group_id  = \"<example_resource_id>\"\n  description           = \"Enable at-rest encryption\"\n  node_type             = \"cache.t3.micro\"\n  number_cache_clusters = 1\n  at_rest_encryption_enabled = true  # CRITICAL: turns on encryption at rest for the replication group\n}\n```"
     },
     "Recommendation": {
-      "Text": "Ensure your Elasticache Redis cache clusters have at rest encryption enabled.",
-      "Url": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/at-rest-encryption.html#at-rest-encryption-enable"
+      "Text": "Enable **encryption at rest** on all Redis replication groups. Use **customer-managed KMS keys**, apply least-privilege access to keys, and audit key usage. Plan a controlled migration since at-rest encryption is enabled at creation (backup, restore, replace). Pair with **in-transit encryption** and authentication for defense in depth.",
+      "Url": "https://hub.prowler.com/check/elasticache_redis_cluster_rest_encryption_enabled"
     }
   },
   "Categories": [

prowler/providers/aws/services/elasticache/elasticache_redis_replication_group_auth_enabled/elasticache_redis_replication_group_auth_enabled.metadata.json CHANGED Viewed

@@ -1,31 +1,41 @@
 {
   "Provider": "aws",
   "CheckID": "elasticache_redis_replication_group_auth_enabled",
-  "CheckTitle": "Ensure Elasticache Elasticache Redis replication groups of earlier versions should have Redis OSS AUTH enabled.",
+  "CheckTitle": "ElastiCache Redis replication group with engine version < 6.0 has Redis OSS AUTH enabled",
   "CheckType": [
-    "Software and Configuration Checks/Industry and Regulatory Standards/NIST 800-53 Controls"
+    "Software and Configuration Checks/AWS Security Best Practices",
+    "Software and Configuration Checks/Industry and Regulatory Standards/NIST 800-53 Controls",
+    "TTPs/Initial Access/Unauthorized Access",
+    "Effects/Data Exposure"
   ],
   "ServiceName": "elasticache",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceIdTemplate": "",
   "Severity": "medium",
   "ResourceType": "Other",
-  "Description": "Ensure Elasticache Redis replication groups of earlier versions use Redis OSS AUTH.",
-  "Risk": "Without Redis AUTH enabled, your ElastiCache (Redis) instance is vulnerable to unauthorized access and potential data breaches.",
-  "RelatedUrl": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth.html",
+  "Description": "Amazon ElastiCache Redis replication groups running versions prior to `6.0` are evaluated for the use of **AUTH tokens**. For `6.0+`, the finding indicates **ACL/RBAC** configuration should be reviewed instead of token-based AUTH.",
+  "Risk": "Without **AUTH** on pre-`6.0` clusters, clients can run unauthenticated commands, enabling data reads/writes, key deletion, and cache poisoning. This threatens **confidentiality** and **integrity**, and can facilitate lateral movement via stolen or injected session data.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-6",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth.html#auth-modifyng-token",
+    "https://docs.aws.amazon.com/AmazonElastiCache/latest/dg/auth.html"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "",
-      "NativeIaC": "",
-      "Other": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticache-controls.html#elasticache-6",
-      "Terraform": ""
+      "CLI": "aws elasticache modify-replication-group --replication-group-id <example_resource_id> --auth-token <AUTH_TOKEN> --auth-token-update-strategy SET --apply-immediately",
+      "NativeIaC": "```yaml\n# CloudFormation: enable Redis AUTH on an existing replication group\nResources:\n  <example_resource_name>:\n    Type: AWS::ElastiCache::ReplicationGroup\n    Properties:\n      ReplicationGroupId: <example_resource_id>\n      ReplicationGroupDescription: enable-auth\n      TransitEncryptionEnabled: true   # CRITICAL: required to use AUTH\n      AuthToken: <AUTH_TOKEN>          # CRITICAL: enables Redis AUTH\n      AuthTokenUpdateStrategy: SET  # CRITICAL: adds token; enables AUTH\n```",
+      "Other": "1. In the AWS Console, go to ElastiCache > Redis replication groups\n2. Select the replication group <example_resource_id> and click Modify\n3. Under Access control, choose Redis OSS AUTH and enter <AUTH_TOKEN>\n4. Check Apply immediately and click Modify\n5. Wait for status to return to Available; AUTH is now enabled",
+      "Terraform": "```hcl\n# Terraform: enable Redis AUTH on an existing replication group\nresource \"aws_elasticache_replication_group\" \"<example_resource_name>\" {\n  replication_group_id       = \"<example_resource_id>\"\n  description                = \"enable-auth\"\n  transit_encryption_enabled = true            # CRITICAL: required to use AUTH\n  auth_token                 = \"<AUTH_TOKEN>\" # CRITICAL: enables Redis AUTH\n  auth_token_update_strategy = \"SET\"       # CRITICAL: adds token; enables AUTH\n}\n```"
     },
     "Recommendation": {
-      "Text": "Enable Redis AUTH to require authentication before accessing your Redis instance, and for Redis 6.0 and later, consider implementing Role-Based Access Control (RBAC) for enhanced security.",
-      "Url": "https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth.html#auth-modifyng-token"
+      "Text": "Apply defense in depth:\n- For versions < `6.0`, enable **AUTH** with strong, rotated tokens and require in-transit encryption.\n- For `6.0+`, prefer **RBAC/ACLs** with least-privilege, deny-by-default roles.\n- Restrict network access to trusted sources and audit access regularly.",
+      "Url": "https://hub.prowler.com/check/elasticache_redis_replication_group_auth_enabled"
     }
   },
-  "Categories": [],
+  "Categories": [
+    "identity-access"
+  ],
   "DependsOn": [],
   "RelatedTo": [],
   "Notes": ""

prowler/providers/aws/services/elasticbeanstalk/elasticbeanstalk_environment_cloudwatch_logging_enabled/elasticbeanstalk_environment_cloudwatch_logging_enabled.metadata.json CHANGED Viewed

@@ -1,28 +1,34 @@
 {
   "Provider": "aws",
   "CheckID": "elasticbeanstalk_environment_cloudwatch_logging_enabled",
-  "CheckTitle": "Elastic Beanstalk environment should stream logs to CloudWatch",
+  "CheckTitle": "Elastic Beanstalk environment streams logs to CloudWatch Logs",
   "CheckType": [
-    "Software and Configuration Checks/AWS Security Best Practices"
+    "Software and Configuration Checks/AWS Security Best Practices/Runtime Behavior Analysis",
+    "TTPs/Defense Evasion"
   ],
   "ServiceName": "elasticbeanstalk",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:aws:elasticbeanstalk:{region}:{account-id}:environment/{environment-id}",
+  "ResourceIdTemplate": "",
   "Severity": "high",
   "ResourceType": "AwsElasticBeanstalkEnvironment",
-  "Description": "This control checks whether an Elastic Beanstalk environment is configured to send logs to CloudWatch Logs. The control fails if an Elastic Beanstalk environment isn't configured to send logs to CloudWatch Logs.",
-  "Risk": "Without log streaming to CloudWatch, it becomes difficult to monitor and troubleshoot your Elastic Beanstalk environments, which can lead to missed events or security incidents.",
-  "RelatedUrl": "https://docs.aws.amazon.com/config/latest/developerguide/elastic-beanstalk-logs-to-cloudwatch.html",
+  "Description": "**Elastic Beanstalk environments** are configured to stream instance and proxy logs to **Amazon CloudWatch Logs** via the `StreamLogs` setting",
+  "Risk": "Without **centralized logging** to CloudWatch, logs may be lost during rotation or instance termination, delaying detection and response. Attackers can delete local logs to evade audits, hiding evidence of web attacks or config tampering and undermining **confidentiality**, **integrity**, and **availability**.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo.cloudwatchlogs.html",
+    "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-cfg-logging.html",
+    "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticbeanstalk-controls.html#elasticbeanstalk-3"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "aws elasticbeanstalk update-environment --environment-id <environment-id> --option-settings Namespace=aws:elasticbeanstalk:environment:proxy:logging,OptionName=StreamLogs,Value=true",
-      "NativeIaC": "",
-      "Other": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticbeanstalk-controls.html#elasticbeanstalk-3",
-      "Terraform": ""
+      "CLI": "aws elasticbeanstalk update-environment --environment-name <example_resource_name> --option-settings Namespace=aws:elasticbeanstalk:cloudwatch:logs,OptionName=StreamLogs,Value=true",
+      "NativeIaC": "```yaml\nResources:\n  <example_resource_name>:\n    Type: AWS::ElasticBeanstalk::Environment\n    Properties:\n      ApplicationName: \"<example_resource_name>\"\n      PlatformArn: \"<platform_arn>\"\n      OptionSettings:\n        - Namespace: aws:elasticbeanstalk:cloudwatch:logs\n          OptionName: StreamLogs\n          Value: \"true\"  # Critical: Enables instance log streaming to CloudWatch Logs\n```",
+      "Other": "1. Open the AWS Elastic Beanstalk console and select your environment\n2. Go to Configuration > Updates, monitoring, and logging > Edit\n3. Under \"Instance log streaming to CloudWatch Logs\", set Log streaming to Activated\n4. Click Apply to save",
+      "Terraform": "```hcl\nresource \"aws_elastic_beanstalk_environment\" \"<example_resource_name>\" {\n  name         = \"<example_resource_name>\"\n  application  = \"<example_resource_name>\"\n  platform_arn = \"<platform_arn>\"\n\n  # Critical: Enables instance log streaming to CloudWatch Logs\n  setting {\n    namespace = \"aws:elasticbeanstalk:cloudwatch:logs\"\n    name      = \"StreamLogs\"\n    value     = \"true\"\n  }\n}\n```"
     },
     "Recommendation": {
-      "Text": "Enable log streaming to CloudWatch for your Elastic Beanstalk environment to monitor and retain logs.",
-      "Url": "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo.cloudwatchlogs.html#AWSHowTo.cloudwatchlogs.streaming"
+      "Text": "Enable streaming to **CloudWatch Logs**. Set sensible retention, avoid deletion on termination, and restrict access with least-privilege IAM. Add metric filters and alerts for early detection, and retain archives to support **forensics**, **accountability**, and **defense in depth**.",
+      "Url": "https://hub.prowler.com/check/elasticbeanstalk_environment_cloudwatch_logging_enabled"
     }
   },
   "Categories": [

prowler/providers/aws/services/elasticbeanstalk/elasticbeanstalk_environment_enhanced_health_reporting/elasticbeanstalk_environment_enhanced_health_reporting.metadata.json CHANGED Viewed

@@ -1,28 +1,33 @@
 {
   "Provider": "aws",
   "CheckID": "elasticbeanstalk_environment_enhanced_health_reporting",
-  "CheckTitle": "Elastic Beanstalk environments should have enhanced health reporting enabled",
+  "CheckTitle": "Elastic Beanstalk environment has enhanced health reporting enabled",
   "CheckType": [
-    "Software and Configuration Checks/AWS Security Best Practices"
+    "Software and Configuration Checks/AWS Security Best Practices",
+    "Software and Configuration Checks/AWS Security Best Practices/Runtime Behavior Analysis"
   ],
   "ServiceName": "elasticbeanstalk",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:aws:elasticbeanstalk:{region}:{account-id}:environment/{environment-id}",
+  "ResourceIdTemplate": "",
   "Severity": "low",
   "ResourceType": "AwsElasticBeanstalkEnvironment",
-  "Description": "This control checks whether enhanced health reporting is enabled for your AWS Elastic Beanstalk environments.",
-  "Risk": "Without enhanced health reporting, you may face delays in detecting and responding to issues in your Elastic Beanstalk environment, affecting application availability and performance.",
-  "RelatedUrl": "https://docs.aws.amazon.com/config/latest/developerguide/beanstalk-enhanced-health-reporting-enabled.html",
+  "Description": "**Elastic Beanstalk environments** have health reporting set to `enhanced` instead of basic.",
+  "Risk": "Without **enhanced health**, issues are detected late, raising MTTR and enabling **service outages**. Hidden instance failures or bad deployments can create uneven fleets, degrading **availability** and potentially **integrity** (serving stale versions), while error spikes and thrash increase operational cost.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/health-enhanced-enable.html#health-enhanced-enable-console",
+    "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticbeanstalk-controls.html#elasticbeanstalk-1"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "aws elasticbeanstalk update-environment --environment-id <environment-id> --option-settings Namespace=aws:elasticbeanstalk:healthreporting:system,OptionName=EnhancedHealthReporting,Value=enabled",
-      "NativeIaC": "",
-      "Other": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticbeanstalk-controls.html#elasticbeanstalk-1",
-      "Terraform": ""
+      "CLI": "aws elasticbeanstalk update-environment --environment-name <environment-name> --option-settings Namespace=aws:elasticbeanstalk:healthreporting:system,OptionName=SystemType,Value=enhanced",
+      "NativeIaC": "```yaml\n# CloudFormation: enable enhanced health reporting for an Elastic Beanstalk environment\nResources:\n  <example_resource_name>:\n    Type: AWS::ElasticBeanstalk::Environment\n    Properties:\n      ApplicationName: <example_resource_name>\n      EnvironmentName: <example_resource_name>\n      SolutionStackName: <example_solution_stack>\n      OptionSettings:\n        - Namespace: aws:elasticbeanstalk:healthreporting:system\n          OptionName: SystemType  # Critical: selects the enhanced health reporting system\n          Value: enhanced          # Critical: sets health reporting to enhanced\n```",
+      "Other": "1. Open the AWS Elastic Beanstalk console and select your Region\n2. Go to Environments and choose your environment\n3. Select Configuration > Monitoring > Edit\n4. Under Health reporting, set System to Enhanced\n5. Click Apply to save the change",
+      "Terraform": "```hcl\n# Terraform: enable enhanced health reporting for an Elastic Beanstalk environment\nresource \"aws_elastic_beanstalk_environment\" \"<example_resource_name>\" {\n  name                = \"<example_resource_name>\"\n  application         = \"<example_resource_name>\"\n  solution_stack_name = \"<example_solution_stack>\"\n\n  setting {\n    namespace = \"aws:elasticbeanstalk:healthreporting:system\"\n    name      = \"SystemType\"  # Critical: selects the enhanced health reporting system\n    value     = \"enhanced\"    # Critical: sets health reporting to enhanced\n  }\n}\n```"
     },
     "Recommendation": {
-      "Text": "Enable enhanced health reporting in your Elastic Beanstalk environments for better monitoring and faster issue detection.",
-      "Url": "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/health-enhanced-enable.html#health-enhanced-enable-console"
+      "Text": "Set health reporting to `enhanced` for all environments and make it a security baseline. Connect health signals to alerts for rapid response. Apply **least privilege** to required roles and use **defense in depth** with auto-healing, alarms, and runbooks to prevent prolonged degradation.",
+      "Url": "https://hub.prowler.com/check/elasticbeanstalk_environment_enhanced_health_reporting"
     }
   },
   "Categories": [

prowler/providers/aws/services/elasticbeanstalk/elasticbeanstalk_environment_managed_updates_enabled/elasticbeanstalk_environment_managed_updates_enabled.metadata.json CHANGED Viewed

@@ -1,28 +1,34 @@
 {
   "Provider": "aws",
   "CheckID": "elasticbeanstalk_environment_managed_updates_enabled",
-  "CheckTitle": "Elastic Beanstalk managed platform updates should be enabled",
+  "CheckTitle": "Elastic Beanstalk environment has managed platform updates enabled",
   "CheckType": [
+    "Software and Configuration Checks/Patch Management",
     "Software and Configuration Checks/AWS Security Best Practices"
   ],
   "ServiceName": "elasticbeanstalk",
   "SubServiceName": "",
-  "ResourceIdTemplate": "arn:aws:elasticbeanstalk:{region}:{account-id}:environment/{environment-id}",
+  "ResourceIdTemplate": "",
   "Severity": "high",
   "ResourceType": "AwsElasticBeanstalkEnvironment",
-  "Description": "This control checks whether managed platform updates are enabled for an Elastic Beanstalk environment. The control fails if no managed platform updates are enabled.",
-  "Risk": "If managed platform updates are not enabled, the environment might miss critical security patches and updates, which can expose it to vulnerabilities.",
-  "RelatedUrl": "https://docs.aws.amazon.com/config/latest/developerguide/elastic-beanstalk-managed-updates-enabled.html",
+  "Description": "**Elastic Beanstalk environments** with **managed platform updates** enabled (`ManagedActionsEnabled: true`) automatically apply platform patch/minor updates during a scheduled maintenance window.",
+  "Risk": "Without automatic platform updates, environments may run **vulnerable OS/runtime versions**, enabling exploitation of known CVEs, RCE, or privilege escalation.\n\nPatch drift also increases instability, harming **availability** and undermining application **integrity**.",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticbeanstalk-controls.html#elasticbeanstalk-2",
+    "https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/ElasticBeanstalk/managed-platform-updates.html",
+    "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environment-platform-update-managed.html"
+  ],
   "Remediation": {
     "Code": {
-      "CLI": "aws elasticbeanstalk update-environment --environment-id <environment-id> --option-settings Namespace=aws:elasticbeanstalk:environment:ManagedActions,OptionName=ManagedActionsEnabled,Value=true",
-      "NativeIaC": "",
-      "Other": "https://docs.aws.amazon.com/securityhub/latest/userguide/elasticbeanstalk-controls.html#elasticbeanstalk-2",
-      "Terraform": ""
+      "CLI": "aws elasticbeanstalk update-environment --environment-name <environment-name> --option-settings Namespace=aws:elasticbeanstalk:managedactions,OptionName=ManagedActionsEnabled,Value=true",
+      "NativeIaC": "```yaml\nResources:\n  <example_resource_name>:\n    Type: AWS::ElasticBeanstalk::Environment\n    Properties:\n      ApplicationName: <example_resource_name>\n      SolutionStackName: <example_resource_name>\n      OptionSettings:\n        - Namespace: aws:elasticbeanstalk:managedactions\n          OptionName: ManagedActionsEnabled  # Critical: enables managed platform updates\n          Value: \"true\"                      # Critical: set to true to pass the check\n```",
+      "Other": "1. Open the AWS Management Console and go to Elastic Beanstalk\n2. Select your environment\n3. Choose Configuration\n4. In Managed updates, click Edit\n5. Turn Managed updates to Enabled\n6. Click Apply/Save",
+      "Terraform": "```hcl\nresource \"aws_elastic_beanstalk_environment\" \"<example_resource_name>\" {\n  name                = \"<example_resource_name>\"\n  application         = \"<example_resource_name>\"\n  solution_stack_name = \"<example_resource_name>\"\n\n  setting {\n    namespace = \"aws:elasticbeanstalk:managedactions\"\n    name      = \"ManagedActionsEnabled\"   # Critical: enables managed platform updates\n    value     = \"true\"                    # Critical: set to true to pass the check\n  }\n}\n```"
     },
     "Recommendation": {
-      "Text": "Enable managed platform updates for your Elastic Beanstalk environment to ensure the latest security patches and updates are applied.",
-      "Url": "https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environment-platform-update-managed.html"
+      "Text": "Enable **managed platform updates** with a set maintenance window and choose an update level (`patch` or `minor`). Ensure **enhanced health** is on and the update role follows **least privilege**. Validate in staging, roll out gradually, and stagger windows across environments to strengthen **defense in depth** and resilience.",
+      "Url": "https://hub.prowler.com/check/elasticbeanstalk_environment_managed_updates_enabled"
     }
   },
   "Categories": [

prowler-cloud 5.13.1__py3-none-any.whl → 5.14.1__py3-none-any.whl

prowler-cloud 5.13.1py3-none-any.whl → 5.14.1py3-none-any.whl