ghstshdw
22 lines
667 B
Bash
22 lines
667 B
Bash
# AWS credentials for Prowler container
|
|
AWS_ACCESS_KEY_ID=AKIAXX...XXXX
|
|
AWS_SECRET_ACCESS_KEY=your-s...here
|
|
AWS_DEFAULT_REGION=us-east-1
|
|
|
|
# Prowler dry-run — set to false to actually scan (requires IAM role with read permissions)
|
|
PROWLER_DRY_RUN=true
|
|
|
|
# Remediation mode
|
|
# - daemon: continuously poll for new findings and enqueue remediation
|
|
# - once: process all existing files then exit
|
|
REMEDIATION_MODE=daemon
|
|
|
|
# Set to "true" to actually apply remediation changes to AWS (DANGEROUS — default is dry-run)
|
|
REMEDIATION_APPLY=false
|
|
|
|
# Output directory for Prowler JSON findings
|
|
OUTPUT_DIR=./output
|
|
|
|
# Findings SQLite database
|
|
FINDINGS_DB=./consumer/findings.db
|