
Memory Leak in Prowler AWS Provider

Open collin-miller opened this issue 8 months ago • 3 comments

Steps to Reproduce

I am running prowler as a cronjob on Kubernetes and recently noticed the job was not running to completion. We have had prowler running as a cronjob for approximately 9 months without issues.

Pod memory limit was set to 2gb. While the pod memory was set to 2gb the pod would crash part way through completion. After I increased the limit to 6gb jobs are completing successfully.

After investigation I believe there is a memory leak in the Prowler AWS scanner leading the job to OOM. The Kubernetes memory profile shows the memory utilization is slowly climbing and finally peaks somewhere around ~5.5 gbs.

I am running Prowler 4.6.2.

prowler aws --region us-east-1 us-west-1 --output-directory dirname --output-filename 2025-04-05T03:00:36.183444 --ignore-exit-code-3 --only-logs --log-level INFO --mutelist-file mutelist.yaml --role arn:aws:iam::12345678912:role/prowler-role --output-bucket-no-assume bucket-name

Expected behavior

I don't believe it should take around 6 gb of memory to run prowler against one AWS account.

Actual Result with Screenshots or Logs

Image

How did you install Prowler?

From pip package (pip install prowler)

Environment Resource

EKS

OS used

Debian 12

python:3.12-slim docker image

Prowler version

Prowler 4.6.2 (latest is 5.4.3, upgrade for the latest features)

Pip version

pip 24.3.1 from /usr/local/lib/python3.12/site-packages/pip (python 3.12)

Context

No response

collin-miller, Apr 07 '25 19:04

Hi @collin-miller! Thanks for reaching out and providing detailed information. I’ll check this with the team and see how we can help identify and address the potential memory issue. We’ll get back to you as soon as we have more insights. Thanks for your patience!

danibarranqueroo, Apr 08 '25 10:04

Hello again! After reviewing it, that memory is expected and now our recommendation is 8GB. We will update our docs so it's clearer for everyone to know it. Thanks for using Prowler! 🚀

danibarranqueroo, Apr 09 '25 10:04

@danibarranqueroo Thank you for looking into this!

I am still surprised by the increased memory utilization. Were there any changes that drastically increased the memory requirements? I'm surprised since I had been running on 2gb of memory for previous versions. It seems like upgrading to the latest version of prowler 4 is when I ran into this issue.

collin-miller, Apr 29 '25 20:04

Hi there, I am experiencing a similar problem trying to run the CLI against my AWS account. It just crashes my Ubuntu box :'( I could increase the memory size, but if it has done only 6% of the Lambdas and is using 14gb, that seems like I will need a lot of memory.

yerttle, Nov 07 '25 10:11

Hello @yerttle, there are several AWS checks for the Lambda service that require a huge amount of memory because they look for secrets in the configuration or code. If you have a great number of Lambdas, you'll either need to add more resources or exclude those checks from being executed.

jfagoagas, Nov 13 '25 10:11