chore(aws): Replace audit_info for provider

docs/tutorials/mutelist.md

@@ -114,7 +114,7 @@ You will need to pass the S3 URI where your Mute List YAML file was uploaded to
 prowler aws -w s3://<bucket>/<prefix>/mutelist.yaml
 ```
 ???+ note
-    Make sure that the used AWS credentials have s3:GetObject permissions in the S3 path where the allowlist file is located.
+    Make sure that the used AWS credentials have `s3:GetObject` permissions in the S3 path where the mutelist file is located.
 
 ### AWS DynamoDB Table ARN
 

prowler/config/config.yaml

@@ -1,10 +1,10 @@
 # AWS Configuration
 aws:
   # AWS Global Configuration
-  # aws.allowlist_non_default_regions --> Set to True to allowlist failed findings in non-default regions for AccessAnalyzer, GuardDuty, SecurityHub, DRS and Config
-  allowlist_non_default_regions: False
-  # If you want to allowlist/mute failed findings only in specific regions, create a file with the following syntax and run it with `prowler aws -w allowlist.yaml`:
-  # Allowlist:
+  # aws.mute_non_default_regions --> Set to True to muted failed findings in non-default regions for AccessAnalyzer, GuardDuty, SecurityHub, DRS and Config
+  mute_non_default_regions: False
+  # If you want to mute failed findings only in specific regions, create a file with the following syntax and run it with `prowler aws -w mutelist.yaml`:
+  # Mutelist:
   #  Accounts:
   #   "*":
   #     Checks:

prowler/lib/outputs/models.py

@@ -6,6 +6,8 @@
 
 from prowler.config.config import prowler_version
 from prowler.lib.logger import logger
+from prowler.lib.utils.utils import outputs_unix_timestamp
+from prowler.providers.aws.models import AWSOrganizationsInfo
 
 
 def get_check_compliance(finding, provider_type, output_options) -> dict:

prowler/providers/aws/aws_provider.py

@@ -225,9 +225,11 @@ def __init__(self, arguments: Namespace):
         self._ignore_unused_services = ignore_unused_services
 
         # Audit Config
-        self._audit_config = load_and_validate_config_file(
-            self._type, arguments.config_file
-        )
+        self._audit_config = {}
+        if hasattr(arguments, "config_file"):
+            self._audit_config = load_and_validate_config_file(
+                self._type, arguments.config_file
+            )
 
     @property
     def identity(self):

prowler/providers/aws/lib/mutelist/mutelist.py

@@ -193,7 +193,7 @@ def is_muted_in_check(
             muted_regions = muted_check_info.get("Regions")
             muted_resources = muted_check_info.get("Resources")
             muted_tags = muted_check_info.get("Tags", "*")
-            # We need to set the allowlisted_tags if None, "" or [], so the falsy helps
+            # We need to set the muted_tags if None, "" or [], so the falsy helps
             if not muted_tags:
                 muted_tags = "*"
             # If there is a *, it affects to all checks

prowler/providers/aws/lib/quick_inventory/quick_inventory.py

@@ -15,10 +15,10 @@
 )
 from prowler.lib.logger import logger
 from prowler.providers.aws.lib.arn.models import get_arn_resource_type
-from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
 from prowler.providers.aws.lib.s3.s3 import send_to_s3_bucket
 
 
+# TODO(Audit_Info): use provider here
 def quick_inventory(audit_info: AWS_Audit_Info, args):
     resources = []
     global_resources = []
@@ -209,6 +209,7 @@ def create_inventory_table(resources: list, resources_in_region: dict) -> dict:
     return inventory_table
 
 
+# TODO(Audit_Info): use provider here
 def create_output(resources: list, audit_info: AWS_Audit_Info, args):
     json_output = []
     # Check if custom output filename was input, if not, set the default
@@ -302,6 +303,7 @@ def create_output(resources: list, audit_info: AWS_Audit_Info, args):
             )
 
 
+# TODO(Audit_Info): use provider here
 def get_regional_buckets(audit_info: AWS_Audit_Info, region: str) -> list:
     regional_buckets = []
     s3_client = audit_info.audit_session.client("s3", region_name=region)

prowler/providers/aws/lib/resource_api_tagging/resource_api_tagging.py

@@ -1,11 +1,10 @@
 import sys
 
 from prowler.lib.logger import logger
-from prowler.providers.aws.aws_provider import generate_regional_clients
-from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
 
 
-def get_tagged_resources(input_resource_tags: list, current_audit_info: AWS_Audit_Info):
+# TODO(aws): Remove from the provider or from here
+def get_tagged_resources(input_resource_tags: list, provider):
     """
     get_tagged_resources returns a list of the resources that are going to be scanned based on the given input tags
     """
@@ -17,8 +16,8 @@ def get_tagged_resources(input_resource_tags: list, current_audit_info: AWS_Audi
             value = tag.split("=")[1]
             resource_tags.append({"Key": key, "Values": [value]})
         # Get Resources with resource_tags for all regions
-        for regional_client in generate_regional_clients(
-            "resourcegroupstaggingapi", current_audit_info
+        for regional_client in provider.generate_regional_clients(
+            "resourcegroupstaggingapi"
         ).values():
             try:
                 get_resources_paginator = regional_client.get_paginator("get_resources")

prowler/providers/aws/services/globalaccelerator/globalaccelerator_service.py

@@ -11,7 +11,7 @@ def __init__(self, provider):
         # Call AWSService's __init__
         super().__init__(__class__.__name__, provider)
         self.accelerators = {}
-        if provider.audited_partition == "aws":
+        if self.audited_partition == "aws":
             # Global Accelerator is a global service that supports endpoints in multiple AWS Regions
             # but you must specify the US West (Oregon) Region to create, update, or otherwise work with accelerators.
             # That is, for example, specify --region us-west-2 on AWS CLI commands.

prowler/providers/aws/services/trustedadvisor/trustedadvisor_service.py

@@ -17,15 +17,13 @@ def __init__(self, provider):
         self.premium_support = PremiumSupport(enabled=False)
         # Support API is not available in China Partition
         # But only in us-east-1 or us-gov-west-1 https://docs.aws.amazon.com/general/latest/gr/awssupport.html
-        if provider.audited_partition != "aws-cn":
-            if provider.audited_partition == "aws":
+        if self.audited_partition != "aws-cn":
+            if self.audited_partition == "aws":
                 support_region = "us-east-1"
             else:
                 support_region = "us-gov-west-1"
 
-            self.client = provider.audit_session.client(
-                self.service, region_name=support_region
-            )
+            self.client = self.session.client(self.service, region_name=support_region)
             self.client.region = support_region
             self.__describe_services__()
             if self.premium_support.enabled:

pyproject.toml

@@ -70,7 +70,7 @@ docker = "7.0.0"
 flake8 = "7.0.0"
 freezegun = "1.4.0"
 mock = "5.1.0"
-moto = {extras = ["all"], version = "5.0.2"}
+moto = {extras = ["all"], version = "5.0.3"}
 openapi-schema-validator = "0.6.2"
 openapi-spec-validator = "0.7.1"
 pylint = "3.1.0"

tests/lib/check/check_test.py

@@ -27,7 +27,7 @@
     get_checks_from_input_arn,
     get_regions_from_audit_resources,
 )
-from tests.providers.aws.audit_info_utils import set_mocked_aws_audit_info
+from tests.providers.aws.utils import set_mocked_aws_audit_info
 
 AWS_ACCOUNT_NUMBER = "123456789012"
 AWS_REGION = "us-east-1"

tests/lib/outputs/outputs_test.py

@@ -62,7 +62,6 @@
 )
 from prowler.lib.outputs.outputs import extract_findings_statistics, set_report_color
 from prowler.lib.utils.utils import hash_sha512, open_file
-from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
 from prowler.providers.common.models import Audit_Metadata
 
 AWS_ACCOUNT_ID = "123456789012"
@@ -72,6 +71,7 @@ class Test_Outputs:
     def test_fill_file_descriptors(self):
         audited_account = AWS_ACCOUNT_ID
         output_directory = f"{os.path.dirname(os.path.realpath(__file__))}"
+        # TODO(Audit_Info): use provider here
         audit_info = AWS_Audit_Info(
             session_config=None,
             original_session=None,

tests/lib/outputs/slack_test.py

@@ -7,7 +7,6 @@
     create_message_identity,
     send_slack_message,
 )
-from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
 from prowler.providers.azure.lib.audit_info.models import (
     Azure_Audit_Info,
     AzureIdentityInfo,
@@ -29,6 +28,7 @@ def mock_create_message_identity(*_):
 
 class Test_Slack_Integration:
     def test_create_message_identity(self):
+        # TODO(Audit_Info): use provider here
         aws_audit_info = AWS_Audit_Info(
             session_config=None,
             original_session=None,

tests/providers/aws/aws_provider_test.py

@@ -13,7 +13,7 @@
     get_global_region,
 )
 from prowler.providers.aws.lib.audit_info.models import AWS_Assume_Role
-from tests.providers.aws.audit_info_utils import (
+from tests.providers.aws.utils import (
     AWS_ACCOUNT_NUMBER,
     AWS_CHINA_PARTITION,
     AWS_GOV_CLOUD_PARTITION,