HiveBrain v1.2.0
Get Started
← Back to all entries
snippetbashTip

prowler azure — Assess Azure security best practices, perform audits, compliance checks, and generate reports. See a

Submitted by: @import:tldr-pages··
0
Viewed 0 times
clitldrprowler azurecommand-line
commandprowler azureazuresecuritypracticesassessclibest

Problem

How to use the prowler azure command: Assess Azure security best practices, perform audits, compliance checks, and generate reports. See also: prowler, prowler-aws, prowler-gcp, prowler-kubernetes, prowler-m365, prowler-github. More information: <https://docs.prowler.com/user-guide/cli/tutorials/misc>.

Solution

prowler azure — Assess Azure security best practices, perform audits, compliance checks, and generate reports. See also: prowler, prowler-aws, prowler-gcp, prowler-kubernetes, prowler-m365, prowler-github. More information: <https://docs.prowler.com/user-guide/cli/tutorials/misc>.

Run the default set of checks on the current Azure account using Azure CLI authentication:
prowler azure --az-cli-auth


Run checks for specific Azure subscriptions:
prowler azure --az-cli-auth --subscription-ids {{subscription_id1 subscription_id2 ...}}


Authenticate using a service principal via environment variables:
prowler azure --sp-env-auth


Authenticate using browser login and specify a tenant ID:
prowler azure --browser-auth --tenant-id "{{XXXXXXXX}}"


Authenticate using a managed identity (e.g. for Azure VM):
prowler azure --managed-identity-auth


Run checks for selected Azure services:
prowler azure {{[-s|--services]}} {{defender|iam|...}}


Run a specific Azure check:
prowler azure {{[-c|--checks]}} {{storage_blob_public_access_level_is_disabled}}


Exclude specific checks or services:
prowler azure {{[-e|--excluded-checks]}} {{storage_blob_public_access_level_is_disabled}} --exclude-services {{defender|iam|...}}

Code Snippets

Run the default set of checks on the current Azure account using Azure CLI authentication

prowler azure --az-cli-auth

Run checks for specific Azure subscriptions

prowler azure --az-cli-auth --subscription-ids {{subscription_id1 subscription_id2 ...}}

Authenticate using a service principal via environment variables

prowler azure --sp-env-auth

Authenticate using browser login and specify a tenant ID

prowler azure --browser-auth --tenant-id "{{XXXXXXXX}}"

Authenticate using a managed identity (e.g. for Azure VM)

prowler azure --managed-identity-auth

Context

tldr-pages: common/prowler azure

Revisions (0)

No revisions yet.