Using Prowler - SethBodine/audit-tools GitHub Wiki
Prowler is an open-source cloud security tool that performs security assessments, audits, and compliance checks across AWS, Azure, GCP, Microsoft 365, and Kubernetes. It maps findings to frameworks including CIS, SOC2, ISO27001, GDPR, HIPAA, and more, and supports multiple output formats.
- Multi-cloud: AWS, Azure, GCP, M365, Kubernetes
- Output formats: CSV, JSON, HTML, and OCSF
- Maps to CIS, SOC2, ISO27001, NIST, HIPAA, and other frameworks
- Supports filtering by service, severity, region, and subscription
Prowler runs in a Python virtual environment.
```bash
cd /opt/prowler/
. prowler.sh   # activates the venv; also updates Prowler on each run
```

Note: Prowler requires Python 3.12. Python 3.13 is not yet supported.
Prowler does not handle cloud authentication. Authenticate to your provider before running. See Cloud Authentication via CLI.
```bash
prowler aws -M csv json-asff json-ocsf html \
  --profile <profile> \
  --region <region>   # e.g. ap-southeast-2
```

```bash
prowler azure --az-cli-auth -M csv html

# Optionally scope to specific subscriptions
prowler azure --az-cli-auth -M csv html \
  --subscription-ids <subscription-id>
```

```bash
prowler gcp -M csv html
```

```bash
prowler m365 --az-cli-auth -M csv html
```

```bash
prowler kubernetes -M csv html
```

```bash
# Run only specific checks
prowler aws --checks s3_bucket_public_access s3_bucket_no_mfa_delete

# Run checks for a specific service
prowler aws --services s3 iam ec2

# Run only CRITICAL and HIGH severity checks
prowler aws --severity critical high
```

- If `Killed` appears mid-execution, the container VM has insufficient memory. Recreate the Podman VM with more RAM (minimum 4GB recommended, 8GB for large environments).
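
The three prerequisites on this page (Python 3.12, an authenticated provider session, and enough memory to avoid `Killed`) can be checked before a scan starts. The script below is an added example, not part of this wiki or of Prowler: the function names, the `MIN_MEM_KB` threshold and the probe command chosen per provider are assumptions, and it is meant to run inside the container after `. prowler.sh`.

```shell
#!/bin/sh
# Added example: pre-flight checks before a Prowler scan.
# Hypothetical helper; not part of Prowler or the audit-tools repo.

# Assumption: a "4 GB" VM reports slightly under 4194304 kB in MemTotal.
MIN_MEM_KB=3800000

# Succeeds only for Python 3.12.x.
python_ok() {
    case "$1" in
        3.12|3.12.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds when MemTotal (kB) meets the minimum; rejects empty/non-numeric input.
mem_ok() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge "$MIN_MEM_KB" ]
}

# Prints a read-only CLI command that only succeeds with a live session.
auth_probe() {
    case "$1" in
        aws)        echo "aws sts get-caller-identity" ;;
        azure|m365) echo "az account get-access-token" ;;
        gcp)        echo "gcloud auth application-default print-access-token" ;;
        kubernetes) echo "kubectl cluster-info" ;;
        *)          return 2 ;;
    esac
}

preflight() {
    rc=0
    pyver=$(python3 -c 'import platform; print(platform.python_version())' 2>/dev/null)
    python_ok "$pyver" || { echo "FAIL python: found '${pyver:-none}', need 3.12.x"; rc=1; }
    memkb=$(awk '/^MemTotal:/ {print $2}' /proc/meminfo 2>/dev/null)
    mem_ok "$memkb" || { echo "FAIL memory: ${memkb:-unknown} kB total, scan may be Killed"; rc=1; }
    probe=$(auth_probe "$1") || { echo "FAIL provider: unknown '$1'"; return 2; }
    $probe >/dev/null 2>&1 || { echo "FAIL auth: '$probe' did not succeed"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: ready to run prowler $1"
    return "$rc"
}

# Run only when called with a provider, e.g.: sh preflight.sh aws
case "${1:-}" in
    aws|azure|m365|gcp|kubernetes) preflight "$1" ;;
esac
```

A non-zero exit from `preflight` can gate the scan in a wrapper, so an expired session or an undersized VM is caught before Prowler starts rather than partway through a long run.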