Azure - filtering scans by Resource Groups #10137

@vwkE67JR6M

Description

Feature search

  • I have searched the existing issues and this feature has not been requested yet or is already in our Public Roadmap

Which component would this feature affect?

Prowler CLI/SDK

Related to specific cloud provider?

Azure

New feature motivation

First of all, thank you for the wonderful tool! I'd like to ask if it's possible to implement a simple switch for Azure scans that narrows down scans to a certain Resource Group. I often audit customers' Azure environments, but most often they request only one (or two) RGs to be validated, corresponding to the environment of some application, not the entire Azure tenant/sub.

Solution Proposed

Adding a CLI arg for Azure scans, like --resource-group group1 group2, that narrows searches to the given RGs.

Use case and benefits

  1. Scans are faster, especially for large subscriptions.
  2. Scans consume less memory and disk, especially with Cloud Shell for large subscriptions.
  3. Scans are compliant with the customer's scope ("Please audit only RG 'foo', 'bar' is out of scope").

Describe alternatives you've considered

For now I'm parsing JSON output with jq:

jq '.[] | select(.resources[].data.metadata.id|test("some-resource-group")?)' prowler-output-xxx.ocsf.json

Then I load it into my own simple HTML viewer. It does not, however, solve the problems described above in "Use case and benefits".

Additional context

No response
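
An added example, not part of the original issue or of Prowler's code: a post-scan filter over the same `.resources[].data.metadata.id` field the jq workaround reads, matching the resource group path segment exactly and case-insensitively so that a scope of `foo` does not also pull in `foo-legacy` or a resource merely named `foo`. The subscription ID, resource IDs and the `label` key are constructed; the ID layout is the general Azure resource ID format.

```python
import re

# Azure resource ID layout (general Azure format, not taken from the issue):
# /subscriptions/<sub>/resourceGroups/<rg>/providers/<namespace>/<type>/<name>
RG_SEGMENT = re.compile(r"/resourceGroups/([^/]+)", re.IGNORECASE)

def resource_group(resource_id):
    """Return the lower-cased resource group of an Azure resource ID, or None."""
    if not isinstance(resource_id, str):
        return None
    match = RG_SEGMENT.search(resource_id)
    return match.group(1).lower() if match else None

def filter_findings(findings, in_scope):
    """Keep findings with at least one resource in an in-scope resource group."""
    scope = {name.lower() for name in in_scope}  # RG names are case-insensitive
    kept = []
    for finding in findings:
        groups = set()
        for res in finding.get("resources") or []:
            metadata = (res.get("data") or {}).get("metadata") or {}
            groups.add(resource_group(metadata.get("id")))
        if groups & scope:  # None (no RG segment) never matches the scope
            kept.append(finding)
    return kept

SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # constructed

def _finding(label, resource_id):
    # Constructed finding reduced to the fields the filter reads;
    # "label" is a hypothetical key used only to identify the samples.
    return {"label": label, "resources": [{"data": {"metadata": {"id": resource_id}}}]}

SAMPLE = [
    _finding("exact", SUB + "/resourceGroups/foo/providers/Microsoft.Storage/storageAccounts/st1"),
    _finding("case", SUB + "/resourceGroups/FOO/providers/Microsoft.KeyVault/vaults/kv1"),
    _finding("prefix", SUB + "/resourceGroups/foo-legacy/providers/Microsoft.Compute/virtualMachines/vm1"),
    _finding("name", SUB + "/resourceGroups/bar/providers/Microsoft.Web/sites/foo"),
    _finding("sub-level", SUB + "/providers/Microsoft.Authorization/policyAssignments/p1"),
]

if __name__ == "__main__":
    for f in filter_findings(SAMPLE, ["foo"]):
        print(f["label"])
```

Subscription-level findings carry no resource group segment, so this filter drops them; whether they belong in a resource-group-scoped report is a scoping decision to settle with the customer.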


Labels

  • feature-request: New feature request for Prowler.
  • help wanted
  • not-planned: Issues that are not in the Prowler roadmap.
  • provider/azure: Issues/PRs related with the Azure provider
