Prowler Scan says "No Findings" on an Active AWS Account (ap-southeast-2: Sydney region)

[yusryyesneen]

Hello Prowler Team,

I have installed Prowler on my workstation(Laptop) to perform a security assessment of our AWS environment. While the tool runs, it incorrectly reports that there are no security findings.

My Environment:

Workstation OS: Windows 11

Python Version: 3.10.9

Prowler version: Prowler 5.13.1 (You are running the latest version, yay!)

Steps to Reproduce:

Installed Prowler on my workstation (laptop).

Configured AWS credentials for a read-only IAM user (prowler-scanner) with the recommended SecurityAudit, ViewOnlyAccess, and custom policies attached. I just gave aws configure without a profile because I have not created access keys before for other users. Using default profile.

Ran the scan using the command: prowler aws

Actual Behavior:
The scan initializes correctly and runs for a significant amount of time (approximately 10-15 minutes), executing over 500 checks. However, upon completion, the final output is:
There are no findings in Account <ACCOUNT_ID>

Expected Behavior:
I expect the scan to produce a report containing a mix of PASS and FAIL statuses, as the target AWS account is active and contains numerous resources (EC2, S3, IAM, etc.) with a variety of configurations. A result of zero findings is not plausible.

Supporting Information:
To confirm my credentials and permissions are working, I can successfully use the AWS CLI with the same profile to list resources (e.g., aws ec2 describe-instances), proving that resources exist and are visible to the IAM user. This suggests the issue lies within Prowler's assessment or reporting phase.

Could you please provide guidance on what might be causing Prowler to miss or suppress all findings?

[danibarranqueroo]

Hi @yusryyesneen! I already answered you on our slack community, let's continue talking there!