How does Prowler determine when a finding's Compliance Status is set to WARNING instead of FAILED|PASSED? #9052
-
|
Hi team, Some of these findings are related to resources deployed by AWS Control Tower, so I was trying to understand how Prowler classifies this "WARNING" state. I've read through the documentation, but the definition of the warning compliance status isn't very clear. It appears as a warning, even though the SNS topic policy has:
Could you please clarify: |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 4 replies
-
|
Hi @leonardorosilva, That’s happening because you have muted findings, and Prowler uses You can see the exact line where we assign that value: prowler/prowler/lib/outputs/asff/asff.py Line 187 in c0df0cd |
Beta Was this translation helpful? Give feedback.
-
|
Hello @HugoPBrito Thanks for clarifying that! Would there be any other condition that could cause the |
Beta Was this translation helpful? Give feedback.
-
|
Hi again @leonardorosilva, Since you’re not using a custom mutelist, the default prowler mutelist for aws is being automatically applied (https://github.com/prowler-cloud/prowler/blob/v4.6/prowler/config/aws_mutelist.yaml). It’s configured to silence findings such as those from resources created by AWS Control Tower. That’s why those specific findings are being marked as warnings. I hope this answers your question! |
Beta Was this translation helpful? Give feedback.
-
|
Thank you so much. |
Beta Was this translation helpful? Give feedback.
-
|
My pleasure! |
Beta Was this translation helpful? Give feedback.
Hi again @leonardorosilva,
Since you’re not using a custom mutelist, the default prowler mutelist for aws is being automatically applied (https://github.com/prowler-cloud/prowler/blob/v4.6/prowler/config/aws_mutelist.yaml).
It’s configured to silence findings such as those from resources created by AWS Control Tower. That’s why those specific findings are being marked as warnings.
I hope this answers your question!