test: fix import path
jfagoagas committed Dec 12, 2022
1 parent bb0f3db commit 56f2dfa
Showing 791 changed files with 5,367 additions and 4,800 deletions.
12 changes: 6 additions & 6 deletions .github/ISSUE_TEMPLATE/bug_report.md
@@ -15,30 +15,30 @@ PROTIP: record your screen and attach it as a gif to showcase the issue.
- How to record and attach gif: https://bit.ly/2Mi8T6K
-->

**What happened?**
**What happened?**
A clear and concise description of what the bug is or what is not working as expected


**How to reproduce it**
**How to reproduce it**
Steps to reproduce the behavior:
1. What command are you running?
2. Environment you have, like single account, multi-account, organizations, etc.
3. See error


**Expected behavior**
**Expected behavior**
A clear and concise description of what you expected to happen.


**Screenshots or Logs**
**Screenshots or Logs**
If applicable, add screenshots to help explain your problem.
Also, you can add logs (anonymize them first!). Here a command that may help to share a log
`bash -x ./prowler -options > debug.log 2>&1` then attach here `debug.log`


**From where are you running Prowler?**
**From where are you running Prowler?**
Please, complete the following information:
- Resource: [e.g. EC2 instance, Fargate task, Docker container manually, EKS, Cloud9, CodeBuild, workstation, etc.)
- Resource: [e.g. EC2 instance, Fargate task, Docker container manually, EKS, Cloud9, CodeBuild, workstation, etc.)
- OS: [e.g. Amazon Linux 2, Mac, Alpine, Windows, etc. ]
- AWS-CLI Version [`aws --version`]:
- Prowler Version [`./prowler -V`]:
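Review bot: the `Resource:` line in this hunk opens its example list with `[` and closes with `)`; since the line is being rewritten anyway, close it with `]` to match the `OS:` line beneath it. Separately, if the whitespace being stripped from `**What happened?**`, `**How to reproduce it**` and the other heading lines is the two-space Markdown hard break, this hunk changes rendering: each bold heading will collapse onto the same line as the sentence that follows it. Either keep the trailing two spaces in this template, end those lines with `<br>`, or put a blank line after each heading.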
2 changes: 1 addition & 1 deletion .github/pull_request_template.md
@@ -1,4 +1,4 @@
### Context
### Context

Please include relevant motivation and context for this PR.

2 changes: 1 addition & 1 deletion .github/workflows/build-lint-push-containers.yml
@@ -7,7 +7,7 @@ on:
paths-ignore:
- '.github/**'
- 'README.md'

release:
types: [published]

2 changes: 1 addition & 1 deletion .github/workflows/refresh_aws_services_regions.yml
@@ -44,7 +44,7 @@ jobs:
### Description
This PR updates the regions for AWS services.
### License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
1 change: 1 addition & 0 deletions .gitignore
@@ -9,6 +9,7 @@
__pycache__
venv/
build/
dist/
*.egg-info/

# Session
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
@@ -57,7 +57,7 @@ repos:
hooks:
- id: pylint
name: pylint
entry: bash -c 'pylint --disable=W,C,R,E -j 0 -rn -sn prowler/providers prowler/lib util prowler/config'
entry: bash -c 'pylint --disable=W,C,R,E -j 0 -rn -sn prowler/'
language: system

- id: pytest-check
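Review bot: widening the pylint target from `prowler/providers prowler/lib util prowler/config` to `prowler/` silently drops `util` from lint coverage; confirm that directory was moved under `prowler/` or keep it in the list. Note also that `--disable=W,C,R,E` turns off every warning, convention, refactor and error category, so this hook only ever reports fatal (F) messages such as a module that fails to import; if the commit's purpose ("test: fix import path") is to catch broken imports, consider re-enabling at least the error class with `--disable=W,C,R`. Finally, this one-line hook change is bundled with a trailing-whitespace sweep across 791 files; splitting the two would make the substantive change reviewable and the commit message accurate.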
2 changes: 1 addition & 1 deletion LICENSE
@@ -198,4 +198,4 @@ Copyright 2018 Netflix, Inc.
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
limitations under the License.
6 changes: 3 additions & 3 deletions contrib/cloudshell/README.md
@@ -2,11 +2,11 @@

### Use Case:

Customers look to use multiple auditing tools in order to provide quick assessments about their AWS environments. These tools allow for reports to be generated for review by the customer and appropriate teams, which in turns helps them begin security remediation efforts.
Customers look to use multiple auditing tools in order to provide quick assessments about their AWS environments. These tools allow for reports to be generated for review by the customer and appropriate teams, which in turns helps them begin security remediation efforts.

Prowler and ScoutSuite are two publicly available security auditing tools that provide comprehensive reports for customers using AWS.

ShortCut is a mechanism for customers to use to run both Prowler and ScoutSuite within an AWS account, using AWS CloudShell. When customers use ShortCut, this allows for customers to quickly perform an audit on their environment, without having to provision IAM Access Keys or EC2 instances.
ShortCut is a mechanism for customers to use to run both Prowler and ScoutSuite within an AWS account, using AWS CloudShell. When customers use ShortCut, this allows for customers to quickly perform an audit on their environment, without having to provision IAM Access Keys or EC2 instances.

### Prerequisites:

@@ -54,4 +54,4 @@ screen -r scoutsuite

8. In the Download File prompt, use the file path and file name to download the results.

![Alt text](screenshots/download_prompt.png)
![Alt text](screenshots/download_prompt.png)
2 changes: 1 addition & 1 deletion contrib/cloudshell/shortcut.sh
@@ -17,7 +17,7 @@ mkdir ${account}-results
cd ~
git clone https://github.com/prowler-cloud/prowler
pip3 install detect-secrets --user
cd prowler
cd prowler
screen -dmS prowler sh -c "./prowler -M csv,html;cd ~;zip -r ${account}-results/prowler-${account}.zip /home/cloudshell-user/prowler/output"

# ScoutSuite
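Review bot: the two lines above the changed one, `git clone https://github.com/prowler-cloud/prowler` and `pip3 install detect-secrets --user`, execute whatever is at the branch head and on PyPI at the moment the user runs the script inside CloudShell, so an audit run is not reproducible and silently picks up any upstream change. Pin both, for example `git clone --branch <release-tag> https://github.com/prowler-cloud/prowler` and `pip3 install 'detect-secrets==<version>' --user`, and bump the pins deliberately.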
10 changes: 5 additions & 5 deletions contrib/codebuild/codebuild-prowler-audit-account-cfn.yaml
@@ -12,14 +12,14 @@ Parameters:
Type: Number
Default: 3
AllowedValues: [1, 3, 5, 7, 14, 30, 60, 90, 180, 365]

ProwlerOptions:
Description: 'Options to pass to Prowler command, make sure at least -M junit-xml is used for CodeBuild reports. Use -r for the region to send API queries, -f to filter only one region, -M output formats, -c for comma separated checks, for all checks do not use -c or -g, for more options see -h. For a complete assessment use "-M text,junit-xml,html,csv,json", for SecurityHub integration use "-r region -f region -M text,junit-xml,html,csv,json,json-asff -S -q"'
Type: String
# Prowler command below runs a set of checks, configure it base on your needs, no options will run all regions all checks.
# option -M junit-xml is requirede in order to get the report in CodeBuild.
Default: -r eu-west-1 -f eu-west-1 -M text,junit-xml,html,csv,json -c check11,check12,check13,check14

ProwlerScheduler:
Description: The time when Prowler will run in cron format. Default is daily at 22:00h or 10PM 'cron(0 22 * * ? *)', for every 5 hours also works 'rate(5 hours)'. More info here https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html.
Type: String
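Review bot: the two YAML comments above `Default:` carry typos that this whitespace pass could fix at no cost: "configure it base on your needs" should read "configure it based on your needs", and "option -M junit-xml is requirede" should read "is required".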
@@ -297,14 +297,14 @@ Resources:
python: 3.9
commands:
- echo "Installing Prowler and dependencies..."
- pip3 install detect-secrets
- pip3 install detect-secrets
build:
commands:
- echo "Running Prowler as ./prowler $PROWLER_OPTIONS"
- ./prowler $PROWLER_OPTIONS
- ./prowler $PROWLER_OPTIONS
post_build:
commands:
- echo "Uploading reports to S3..."
- echo "Uploading reports to S3..."
- aws s3 cp --sse AES256 output/ s3://$BUCKET_REPORT/ --recursive
- echo "Done!"
reports:
29 changes: 13 additions & 16 deletions contrib/html/generate-html-from-csv.sh
@@ -12,15 +12,15 @@
# specific language governing permissions and limitations under the License.


## This script helps to generate a single html report from a single or multiple csv
## This script helps to generate a single html report from a single or multiple csv
# output reports.
# I use it when I want to visualize multiple accounts reports in a single view.
# Report information and Assessment Summary will be empty due to the variables
# Report information and Assessment Summary will be empty due to the variables
# that are not set here.

## First: Remove the CSV header from each output report.

## Second: If you want to aggretate all csv files in you can do like this:
## Second: If you want to aggretate all csv files in you can do like this:
# find . -type f -name '*.csv' -exec cat {} + > prowler-output-unified-csv.file
# use .file instead of .csv unless you want to get into an infinite loop ;)

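Review bot: the header comment being edited here still reads "If you want to aggretate all csv files in you can do like this"; "aggregate all csv files, you can do it like this" is the intended sentence. The "First: Remove the CSV header" step is also left to the reader even though the script could skip it with `tail -n +2`; a one-line mention of that would save a garbled first row in the generated table.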
@@ -30,7 +30,7 @@
OUTPUT_FILE_NAME="report-unified-csv"
EXTENSION_HTML="html"
INPUT=$1
IFS=',' # used inside the while loop for csv delimiter
IFS=',' # used inside the while loop for csv delimiter
HTML_LOGO_URL="https://github.com/prowler-cloud/prowler/"
HTML_LOGO_IMG="https://raw.githubusercontent.com/prowler-cloud/prowler/master/util/html/prowler-logo-new.png"

@@ -41,7 +41,7 @@ addHtmlHeader() {
if [[ $PROFILE == "" ]];then
PROFILE="ENV"
fi
if [[ -z $HTML_REPORT_INIT ]]; then
if [[ -z $HTML_REPORT_INIT ]]; then
cat <<EOF
<!DOCTYPE html>
<html lang="en">
@@ -112,7 +112,7 @@ addHtmlHeader() {
</li>
</ul>
</div>
* Sortable columns are CheckID (default) and Result
* Sortable columns are CheckID (default) and Result
</div>
</div>
<div class="row mt-3">
@@ -135,7 +135,7 @@ addHtmlHeader() {
<tbody>
EOF

fi
fi
}

addHtmlFooter() {
@@ -170,7 +170,7 @@ unset HTML_REPORT_INIT

addHtmlHeader > ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
while IFS=, read -r PROFILE ACCOUNT_NUM REPREGION TITLE_ID RESULT SCORED LEVEL TITLE_TEXT NOTES ASFF_COMPLIANCE_TYPE CHECK_SEVERITY CHECK_SERVICENAME;do
if [[ $RESULT == "INFO" ]]; then
if [[ $RESULT == "INFO" ]]; then
echo '<tr class="table-info">' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td><i class="fas fa-info-circle"></i></td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td>INFO</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
@@ -183,8 +183,8 @@ while IFS=, read -r PROFILE ACCOUNT_NUM REPREGION TITLE_ID RESULT SCORED LEVEL T
echo '<td>'$TITLE_TEXT'</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td>'$NOTES'</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '</tr>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
fi
if [[ $RESULT == "PASS" ]]; then
fi
if [[ $RESULT == "PASS" ]]; then
echo '<tr class="p-3 mb-2 bg-success">' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td><i class="fas fa-thumbs-up"></i></td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td>PASS</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
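Review bot: `echo '<td>'$TITLE_TEXT'</td>'` and `echo '<td>'$NOTES'</td>'` in this hunk (and the same lines in the INFO, FAIL and WARNING branches) write CSV fields into the HTML without escaping, so a finding whose text contains `<`, `>` or `&` (resource names, tags or policy fragments that Prowler surfaces in NOTES) breaks the table layout or lands as live markup in a report someone opens in a browser. Run each field through an HTML-escaping step before echoing it, e.g. `sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g'`, and double-quote the expansions (`"$TITLE_TEXT"`) so embedded spaces are not word-split by `echo`.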
@@ -197,8 +197,8 @@ while IFS=, read -r PROFILE ACCOUNT_NUM REPREGION TITLE_ID RESULT SCORED LEVEL T
echo '<td>'$TITLE_TEXT'</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td>'$NOTES'</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '</tr>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
fi
if [[ $RESULT == "FAIL" ]]; then
fi
if [[ $RESULT == "FAIL" ]]; then
echo '<tr class="table-danger" >' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td> <i class="fas fa-thumbs-down"></i></td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td>FAIL</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
@@ -212,7 +212,7 @@ while IFS=, read -r PROFILE ACCOUNT_NUM REPREGION TITLE_ID RESULT SCORED LEVEL T
echo '<td>'$NOTES'</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '</tr>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
fi
if [[ $RESULT == "WARNING" ]]; then
if [[ $RESULT == "WARNING" ]]; then
echo '<tr class="table-warning">' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td><i class="fas fa-exclamation-triangle"></i></td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
echo '<td>WARN</td>' >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML
@@ -228,6 +228,3 @@ while IFS=, read -r PROFILE ACCOUNT_NUM REPREGION TITLE_ID RESULT SCORED LEVEL T
fi
done < $INPUT
addHtmlFooter >> ${OUTPUT_FILE_NAME}.$EXTENSION_HTML



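Review bot: `done < $INPUT` leaves the positional argument unquoted and unchecked, so a missing or space-containing path produces a redirection error rather than a usable message; `done < "$INPUT"` plus an early guard such as `[[ -f $INPUT ]] || { echo "usage: $0 <prowler-csv>" >&2; exit 1; }` is the usual fix. The global `IFS=','` set near the top of the script is also redundant with `while IFS=, read`, which already scopes the delimiter to the `read`; dropping the global assignment avoids surprising word-splitting elsewhere in the script.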
4 changes: 2 additions & 2 deletions contrib/k8s/README.md
@@ -1,9 +1,9 @@
## K8S - Cronjob
Simple instructions to add a cronjob on K8S to execute a prowler and save the results on AWS S3.

### Files:
### Files:
cronjob.yml ---> is a **cronjob** for K8S, you must set the frequency and probes from yours scans \
secret.yml -----> is a **secret** file with AWS ID/Secret and the name of bucket
secret.yml -----> is a **secret** file with AWS ID/Secret and the name of bucket

### To apply:

6 changes: 3 additions & 3 deletions contrib/k8s/cronjob.yml
@@ -16,7 +16,7 @@ spec:
- name: prowler
image: toniblyx/prowler:latest
imagePullPolicy: Always
command:
command:
- "./prowler"
args: [ "-g", "hipaa", "-M", "csv,json,html", "-B", "$(awsS3Bucket)" ]
env:
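Review bot: `image: toniblyx/prowler:latest` together with `imagePullPolicy: Always` means every scheduled run pulls whatever `latest` resolves to at that moment, so the code that reads the AWS credentials from the secret can change underneath the CronJob without any manifest change. Pin the image to a version tag or, better, an `@sha256:` digest, and update it deliberately.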
@@ -30,11 +30,11 @@ spec:
secretKeyRef:
name: devsecops-prowler-cronjob-secret
key: awsSecretKey
- name: awsS3Bucket
- name: awsS3Bucket
valueFrom:
secretKeyRef:
name: devsecops-prowler-cronjob-secret
key: awsS3Bucket
key: awsS3Bucket
imagePullPolicy: IfNotPresent
restartPolicy: OnFailure
backoffLimit: 3
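Review bot: this hunk's `imagePullPolicy: IfNotPresent` is the second `imagePullPolicy` in the manifest; the container block above already sets `Always`. If this one sits at pod-spec level (next to `restartPolicy`) it is not a PodSpec field and will be rejected by strict validation or ignored; if it sits inside the container it is a duplicate key contradicting `Always`. Either way one of the two should be removed.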
2 changes: 1 addition & 1 deletion contrib/multi-account-securityhub/.awsvariables
@@ -1,3 +1,3 @@
export ROLE=ProwlerXA-Role
export PARALLEL_ACCOUNTS=1
export REGION=us-east-1
export REGION=us-east-1
2 changes: 1 addition & 1 deletion contrib/multi-account-securityhub/Dockerfile
@@ -42,4 +42,4 @@ RUN \
USER ${USERNAME}

# Run script
ENTRYPOINT ["/run-prowler-securityhub.sh"]
ENTRYPOINT ["/run-prowler-securityhub.sh"]
16 changes: 8 additions & 8 deletions contrib/multi-account-securityhub/README.md
@@ -15,7 +15,7 @@ Originally based on [org-multi-account](https://github.com/prowler-cloud/prowler
The solution is designed to be very simple. Prowler is run via an ECS Task definition that launches a single Fargate container. This Task Definition is executed on a schedule using an EventBridge Rule.

## CloudFormation Templates

### CF-Prowler-IAM.yml
Creates the following IAM Roles:

@@ -33,7 +33,7 @@ Creates the following resources:
5. **ProwlerTaskScheduler**: EventBridge Rule that schedules the execution of the Task Definition. The cron expression is specified as a CloudFormation template parameter.

### CF-Prowler-CrossAccountRole.yml
Creates the cross account IAM Role required for Prowler to run. Deploy it as StackSet in every account in the AWS Organization.
Creates the cross account IAM Role required for Prowler to run. Deploy it as StackSet in every account in the AWS Organization.

## Docker Container

@@ -42,7 +42,7 @@ The Dockerfile does the following:
1. Uses amazonlinux:2022 as a base.
2. Downloads required dependencies.
3. Copies the .awsvariables and run-prowler-securityhub.sh files into the root.
4. Downloads the specified version of Prowler as recommended in the release notes.
4. Downloads the specified version of Prowler as recommended in the release notes.
5. Assigns permissions to a lower privileged user and then drops to it.
6. Runs the script.

@@ -58,10 +58,10 @@ The script gets the list of accounts in AWS Organizations, and then executes Pro
The logs that are generated and sent to Cloudwatch are error logs, and assessment start and finish logs.

## Instructions
1. Create a Private ECR Repository in the account that will host the Prowler container. The Audit account is recommended, but any account can be used.
1. Create a Private ECR Repository in the account that will host the Prowler container. The Audit account is recommended, but any account can be used.
2. Configure the .awsvariables file. Note the ROLE name chosen as it will be the CrossAccountRole.
3. Follow the steps from "View Push Commands" to build and upload the container image. You need to have Docker and AWS CLI installed, and use the cli to login to the account first. After upload note the Image URI, as it is required for the CF-Prowler-ECS template.
4. Make sure SecurityHub is enabled in every account in AWS Organizations, and that the SecurityHub integration is enabled as explained in [Prowler - Security Hub Integration](https://github.com/prowler-cloud/prowler#security-hub-integration)
4. Make sure SecurityHub is enabled in every account in AWS Organizations, and that the SecurityHub integration is enabled as explained in [Prowler - Security Hub Integration](https://github.com/prowler-cloud/prowler#security-hub-integration)
5. Deploy **CF-Prowler-CrossAccountRole.yml** in the Master Account as a single stack. You will have to choose the CrossAccountRole name (ProwlerXA-Role by default) and the ProwlerTaskRoleName (ProwlerECSTask-Role by default)
6. Deploy **CF-Prowler-CrossAccountRole.yml** in every Member Account as a StackSet. Choose the same CrossAccountName and ProwlerTaskRoleName as the previous step.
7. Deploy **CF-Prowler-IAM.yml** in the account that will host the Prowler container (the same from step 1). The following template parameters must be provided:
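Review bot: steps 5 and 6 in this hunk refer to the same template parameter by two different names, "CrossAccountRole name (ProwlerXA-Role by default)" in step 5 and "CrossAccountName" in step 6; since the value must match across the management account stack and the member StackSet (and the `ROLE` in `.awsvariables` from step 2), use the parameter's actual name in both steps so operators can find it in the CloudFormation console.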
@@ -72,7 +72,7 @@ The logs that are generated and sent to Cloudwatch are error logs, and assessmen
8. Deploy **CF-Prowler-ECS.yml** in the account that will host the Prowler container (the same from step 1). The following template parameters must be provided:
- **ProwlerClusterName**: Name for the ECS Cluster (default ProwlerCluster)
- **ProwlerContainerName**: Name for the Prowler container (default prowler)
- **ProwlerContainerInfo**: ECR URI from step 1.
- **ProwlerContainerInfo**: ECR URI from step 1.
- **ProwlerECSLogGroupName**: CloudWatch Log Group name (default /aws/ecs/SecurityHub-Prowler)
- **SecurityGroupVPCId**: VPC ID for the VPC where the container will run.
- **ProwlerScheduledSubnet1 and 2**: Subnets IDs from the VPC specified. Choose private subnets if possible.
@@ -90,5 +90,5 @@ If you permission find errors in the CloudWatch logs, the culprit might be a [Se
---
## Upgrading Prowler

Prowler version is controlled by the PROWLERVER argument in the Dockerfile, change it to the desired version and follow the ECR Push Commands to update the container image.
Old images can be deleted from the ECR Repository after the new image is confirmed to work. They will show as "untagged" as only one image can hold the "latest" tag.
Prowler version is controlled by the PROWLERVER argument in the Dockerfile, change it to the desired version and follow the ECR Push Commands to update the container image.
Old images can be deleted from the ECR Repository after the new image is confirmed to work. They will show as "untagged" as only one image can hold the "latest" tag.
@@ -94,4 +94,4 @@ Resources:
Outputs:
ProwlerCrossAccountRole:
Description: CrossAccount Role to be used by Prowler to assess AWS Accounts in the AWS Organization.
Value: !Ref ProwlerCrossAccountRole
Value: !Ref ProwlerCrossAccountRole