Running Custom Checks for ECR and EKS Using Prowler
To run custom checks for Elastic Container Registry (ECR) and Elastic Kubernetes Service (EKS) using Prowler, follow these steps:
- Specify Services: You can directly specify the ECR and EKS services using the --service or --services option.
- Add Custom Checks: If you have custom checks, you can add them using a custom checks folder with the --checks-folder option and specify those custom checks with the --check option.
Here's how you can run the specified checks for ECR and EKS:
Running Default ECR and EKS Checks
Use the --service option to specify ECR and EKS:
prowler aws --service ecr eks
Running Specific Checks
If you know specific check IDs for ECR and EKS, you can use the --check option to run only those checks. For example:
prowler aws --check check_id_for_ecr_1 check_id_for_ecr_2 check_id_for_eks_1 check_id_for_eks_2
Using a Custom Checks Folder
If you have custom check scripts and metadata, place them in a folder. The structure should follow Prowler's custom checks guidelines.
- Example folder structure:
custom-checks/
├── check_ecr_custom1/
│   ├── check_ecr_custom1.py
│   ├── check_ecr_custom1_metadata.yaml
├── check_eks_custom1/
│   ├── check_eks_custom1.py
│   ├── check_eks_custom1_metadata.yaml
- Using the --checks-folder option:
prowler aws --checks-folder custom-checks --check check_ecr_custom1 check_eks_custom1
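A mis-named file in the custom checks folder is easiest to catch before the scan starts. The pre-flight below is an added example, not part of the original page or of Prowler: validate_checks_folder and META_SUFFIX are hypothetical names, and the file naming it enforces is the one in the tree above, so set META_SUFFIX to whatever Prowler's documentation for your version specifies if it differs.

```shell
#!/bin/sh
# Pre-flight for a Prowler custom checks folder (added example, not Prowler code).
# Assumption: file naming follows the tree shown on this page. Override
# META_SUFFIX if your Prowler version documents a different metadata file name.
META_SUFFIX="${META_SUFFIX:-_metadata.yaml}"

# validate_checks_folder FOLDER [CHECK_ID...]
# Prints one line per problem; succeeds only when no problem was found.
validate_checks_folder() {
    folder=$1
    shift
    problems=0
    if [ ! -d "$folder" ]; then
        echo "missing folder: $folder"
        return 1
    fi
    # Every check ID that will be passed to --check needs a same-named directory.
    for id in "$@"; do
        if [ ! -d "$folder/$id" ]; then
            echo "no directory for requested check: $id"
            problems=$((problems + 1))
        fi
    done
    # Every check directory needs a script and a metadata file named after it.
    for dir in "$folder"/*/; do
        [ -d "$dir" ] || continue
        name=$(basename "$dir")
        for f in "$name.py" "$name$META_SUFFIX"; do
            if [ ! -s "$dir$f" ]; then
                echo "$name: missing or empty $f"
                problems=$((problems + 1))
            fi
        done
    done
    [ "$problems" -eq 0 ]
}

# Typical use, gating the scan on the pre-flight:
#   validate_checks_folder custom-checks check_ecr_custom1 check_eks_custom1 \
#     && prowler aws --checks-folder custom-checks --check check_ecr_custom1 check_eks_custom1
```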
Filtering by Categories or Severity
You can also filter checks by categories or severity if your custom checks are categorized accordingly:
prowler aws --service ecr eks --category "Container Security" --severity medium high
Output Formats
Customize the output format and directory as needed:
prowler aws --service ecr eks --output-formats csv html --output-directory ./prowler-reports
Example Command
Combining the above options, a full example command might look like this:
prowler aws --service ecr eks --checks-folder custom-checks --check check_ecr_custom1 check_eks_custom1 --output-formats csv html --output-directory ./prowler-reports
Make sure the custom checks and metadata files comply with Prowler's expected format so that Prowler can execute them correctly.
Refer to Prowler's official documentation for more detailed information on custom checks and metadata formats: Prowler Custom Checks Documentation.