Run Prowler from AWS CloudShell in seconds

Using AWS CloudShell is probably the easiest and quickest way to run Prowler in your AWS account.

Just start AWS CloudShell and run these commands:

git clone https://github.com/toniblyx/prowler
pip3 install detect-secrets --user
cd prowler
./prowler

If you run Prowler and realize that it takes more time than the CloudShell session lasts, you can use the screen command line tool (a screen manager with VT100/ANSI terminal emulation). To install it:

sudo yum install screen -y

Run Prowler in a screen session:

screen -dmS prowler sh -c "./prowler -M html"

Check existing running screen sessions:

screen -ls

Attach to the Prowler session:

screen -r prowler

Use ‘Ctrl+a d’ to detach without terminating.

If you want to run Prowler from CloudShell against multiple accounts, first declare a variable with all the accounts you want to assess:

export AWS_ACCOUNTS='1111111 222222 333333'

Then, make sure you have a role to assume in each of those accounts. This template (create_role_to_assume_cfn.yaml) may help. Then run this command, which starts one screen session per account, named prowler-<accountId>, so that each one can be attached to separately:

for accountId in $AWS_ACCOUNTS; do screen -dmS "prowler-$accountId" sh -c "./prowler -A $accountId -R ProwlerExecRole -M csv,json,html"; done
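The multi-account loop above, as an added example that is not part of the original post or of the Prowler project: it checks each account ID before it is placed into the sh -c command string and gives every screen session its own name. The function names, the ROLE_NAME variable and the DRY_RUN switch are assumptions of this example; real AWS account IDs are 12 digits.

```shell
#!/bin/sh
# Added example: validated, per-account Prowler launcher for CloudShell.
# ROLE_NAME and DRY_RUN are assumptions of this example, not Prowler options.
ROLE_NAME="${ROLE_NAME:-ProwlerExecRole}"

# Accept only 12-digit AWS account IDs, so nothing unexpected is ever
# interpolated into the command string that sh -c will execute.
valid_account_id() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -eq 12 ]
}

# Print the screen command line that would be run for one account.
prowler_cmd() {
  printf 'screen -dmS prowler-%s sh -c "./prowler -A %s -R %s -M csv,json,html"\n' \
    "$1" "$1" "$ROLE_NAME"
}

# Start one detached screen session per valid account ID.
# With DRY_RUN=1 the commands are printed instead of executed.
# Returns non-zero if any ID was rejected.
launch_all() {
  rc=0
  for accountId in "$@"; do
    if ! valid_account_id "$accountId"; then
      echo "skipping invalid account id: $accountId" >&2
      rc=1
      continue
    fi
    if [ "${DRY_RUN:-0}" = 1 ]; then
      prowler_cmd "$accountId"
    else
      screen -dmS "prowler-$accountId" \
        sh -c "./prowler -A $accountId -R $ROLE_NAME -M csv,json,html"
    fi
  done
  return "$rc"
}
```

Source the file from the prowler directory and run launch_all $AWS_ACCOUNTS (with DRY_RUN=1 first to review the commands); attach to one account's run with screen -r prowler-<accountId>.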

For more options and details go to: https://github.com/toniblyx/prowler or run ./prowler -h.
