.env.example

# AWS credentials for Prowler container
AWS_ACCESS_KEY_ID=AKIAXX...XXXX
AWS_SECRET_ACCESS_KEY=your-s...here
AWS_DEFAULT_REGION=us-east-1

# Prowler dry-run — set to false to actually scan (requires IAM role with read permissions)
PROWLER_DRY_RUN=true

# Remediation mode
#  - daemon: continuously poll for new findings and enqueue remediation
#  - once: process all existing files then exit
REMEDIATION_MODE=daemon

# Set to "true" to actually apply remediation changes to AWS (DANGEROUS — default is dry-run)
REMEDIATION_APPLY=false

# Output directory for Prowler JSON findings
OUTPUT_DIR=./output

# Findings SQLite database
FINDINGS_DB=./consumer/findings.db
Initial commit: prowler-ops 2026-05-08 17:45:30 -05:00			`# AWS credentials for Prowler container`
			`AWS_ACCESS_KEY_ID=AKIAXX...XXXX`
			`AWS_SECRET_ACCESS_KEY=your-s...here`
			`AWS_DEFAULT_REGION=us-east-1`

			`# Prowler dry-run — set to false to actually scan (requires IAM role with read permissions)`
			`PROWLER_DRY_RUN=true`

			`# Remediation mode`
			`# - daemon: continuously poll for new findings and enqueue remediation`
			`# - once: process all existing files then exit`
			`REMEDIATION_MODE=daemon`

			`# Set to "true" to actually apply remediation changes to AWS (DANGEROUS — default is dry-run)`
			`REMEDIATION_APPLY=false`

			`# Output directory for Prowler JSON findings`
			`OUTPUT_DIR=./output`

			`# Findings SQLite database`
			`FINDINGS_DB=./consumer/findings.db`