Turn the spotlights on the people Switch the dial and eat the worm Take your chances, kill the engine Drop your bombs and let it burn

Enjoy the last release of Prowler v3 🤘🏽🔥 with this Iron Maiden song!

New features to highlight in this version

💪🏼 17 New Azure checks

• Prowler is improving its Azure coverage by including 17 new checks that appears in the CIS Benchmark v2.0.0 and v2.1.0. See all the new available checks with prowler azure --list-checks

🔒 Azure CIS v2.0 and v2.1 coverage

• Prowler includes coverage for two new compliance frameworks for Azure CIS, v2.0.0 and v2.1.0. You can execute these new frameworks with prowler azure --compliance cis_2.1_azure

🔧 More fixes and updates for all the providers

Features

• feat(azure): New check related with diagnostics settings in subscriptions by @Hugo966 in https://github.com/prowler-cloud/prowler/pull/3539
• feat(azure): New check related with logging in Azure Key Vault by @Hugo966 in https://github.com/prowler-cloud/prowler/pull/3496
• feat(azure):App check related with http logs by @Hugo966 in https://github.com/prowler-cloud/prowler/pull/3568
• feat(entra): New 11 checks related with Microsoft Entra ID by @puchy22 in https://github.com/prowler-cloud/prowler/pull/3585
• feat(azure): New check related with trusted launch in vm by @Hugo966 in https://github.com/prowler-cloud/prowler/pull/3616
• feat(azure) New Microsoft Entra ID checks by @puchy22 in https://github.com/prowler-cloud/prowler/pull/3610
• feat(entra): Manage 403 error for getting user authentication methods by @puchy22 in https://github.com/prowler-cloud/prowler/pull/3624
• feat(azure): Check related with roles and vm access with mfa by @Hugo966 in https://github.com/prowler-cloud/prowler/pull/3638
• feat(compliance): Add new CIS 2.0 / 2.1 compliance framework for Azure by @pedrooot in https://github.com/prowler-cloud/prowler/pull/3626

Fixes

• fix(metadata): change ResourceType Type for AWS Inline Policy Check by @gabrielsoltz in https://github.com/prowler-cloud/prowler/pull/3599
• fix(sts): handle China STS regions by @sergargar in https://github.com/prowler-cloud/prowler/pull/3613
• fix(azure): fixed check vm_ensure_using_managed_disks metadata by @Hugo966 in https://github.com/prowler-cloud/prowler/pull/3617
• fix(aws): break loop after FAIL in SQS and SNS checks by @kagahd in https://github.com/prowler-cloud/prowler/pull/3618
• fix(azure): normalize tenant domain set in checks by @sergargar in https://github.com/prowler-cloud/prowler/pull/3641
• fix(cis_2.0_azure): add remaining requirement with id 1.25 by @pedrooot in https://github.com/prowler-cloud/prowler/pull/3646
• fix(azure): add DefaultValue to Azure CIS compliance by @pedrooot in https://github.com/prowler-cloud/prowler/pull/3652

Documentation

• docs: Update number of Azure checks by @jfagoagas in https://github.com/prowler-cloud/prowler/pull/3639
• docs(azure): Add new permissions necessary from Microsoft Entra ID by @puchy22 in https://github.com/prowler-cloud/prowler/pull/3648

Chores

• chore(regions_update): Changes in regions for AWS services. by @n4ch04 in https://github.com/prowler-cloud/prowler/pull/3598, https://github.com/prowler-cloud/prowler/pull/3609, https://github.com/prowler-cloud/prowler/pull/3615, https://github.com/prowler-cloud/prowler/pull/3621, https://github.com/prowler-cloud/prowler/pull/3637, https://github.com/prowler-cloud/prowler/pull/3647
• chore(version): update Prowler version by @sergargar in https://github.com/prowler-cloud/prowler/pull/3614
• chore(apigateway): Handle NotFoundException by @jfagoagas in https://github.com/prowler-cloud/prowler/pull/3623
• chore(action): Prepare containers release for v4 by @jfagoagas in https://github.com/prowler-cloud/prowler/pull/3597
• chore(entra): Moving constants from checks and services to config file by @puchy22 in https://github.com/prowler-cloud/prowler/pull/3645
• chore(azure): Fix AKS and App tests to new format by @puchy22 in https://github.com/prowler-cloud/prowler/pull/3651

Dependencies

• build(deps): bump trufflesecurity/trufflehog from 3.70.2 to 3.71.0 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3603
• build(deps): bump crazy-max/ghaction-import-gpg from 4 to 6 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3604
• build(deps-dev): bump mkdocs-material from 9.5.14 to 9.5.15 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3606
• build(deps-dev): bump pytest-cov from 4.1.0 to 5.0.0 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3607
• build(deps): bump google-api-python-client from 2.122.0 to 2.123.0 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3608
• build(deps): bump tj-actions/changed-files from 43 to 44 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3627
• build(deps): bump trufflesecurity/trufflehog from 3.71.0 to 3.71.2 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3628
• build(deps): bump google-api-python-client from 2.123.0 to 2.124.0 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3630
• build(deps-dev): bump mkdocs-material from 9.5.15 to 9.5.17 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3633
• build(deps-dev): bump safety from 3.0.1 to 3.1.0 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3632
• build(deps-dev): bump moto from 5.0.3 to 5.0.4 by @dependabot in https://github.com/prowler-cloud/prowler/pull/3629

Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.15.3...3.16.0