prowler-cloud
Cloudflare Environment Support?
New feature motivation
Would it be possible to look into supporting the Cloudflare environment as well?
--Workers --Databases --SQL etc
For example HIPAA compliance from CF
https://www.cloudflare.com/resources/assets/slt3lc6tev37/3PeVHvuZAh7p3tN77kIfhG/596a459dd1cfbc2ad6b1dbef36ff0eb1/BDES-1265_Privacy_Compliance_Whitepapers_HIPAA.pdf
While I understand GitHub for example is audited and workers for example rely heavily on GitHub, having a quick scan on key items (configurations and tweaks) for various compliance frameworks would be very beneficial. Especially as you can very easily fall out of compliance with certain frameworks by leaving a frontdoor open on a storage bucket for example.
Solution Proposed
Add support for connecting into Cloudflare and analyzing various solutions enabled using Cloudflare API keys attached to the accounts across all solution areas for best practices, security configurations, attached to the controls of the frameworks being reviewed and then provide recommendations to solve.
Describe alternatives you've considered
Manual review as there are not many solutions out there today specifically for this
Additional context
No response
Hey! Thanks for the heads up, this would be a great feature. We'll take that into account 😄
Hey I can work on this one since I have been using prowler and cloudflare both for quite some time. Would love to contribute with this feature request.
Hi @rorschakTalabat 🖖 we’d be happy to welcome your contribution and provide any support and guidance you need throughout the process.
You can take a look to the latest provider added by the community, NHN in this PR https://github.com/prowler-cloud/prowler/pull/6870 so you can get an idea of what’s involved in adding a new one.
Also, you can check our docs, these are the most relevant pages for that task:
- Overview of how to contribute: docs.prowler.com/projects/prowler-open-source/en/latest/developer-guide/introduction
- Provider class documentation, which covers authentication and other provider-specific logic: docs.prowler.com/projects/prowler-open-source/en/latest/developer-guide/provider
- Services guide, where you'll learn how to fetch data from the provider’s services: docs.prowler.com/projects/prowler-open-source/en/latest/developer-guide/services
- Checks format documentation, which explains how each check should be structured: docs.prowler.com/projects/prowler-open-source/en/latest/developer-guide/checks
Thank you very much for your interest in helping improve Prowler! 🙌
This is terrific and so glad to see this is being worked on as this could be a terrific add-on as Cloudflare is adding so much one-off-infrastructure (outside just workers for example connecting to GitHub as an example)
Thank you all!
Hey I can work on this one since I have been using prowler and cloudflare both for quite some time. Would love to contribute with this feature request.
Hi @rorschakTalabat,
I wanted to check if you did end up implementing this, since we’re planning to add Cloudflare as a provider ourselves.
Hey @HugoPBrito , Not yet. I am currently doing a bit of research on what all can be added. Will take some time to be implemented. Let me know if thats alright.
Hey @HugoPBrito , Not yet. I am currently doing a bit of research on what all can be added. Will take some time to be implemented. Let me know if thats alright.
Since the Cloudflare integration is a bit of a priority right now, I was thinking about this: we handle the integration and add the provider, and you help us with the check development.
The idea is to enhance the PoC (https://github.com/prowler-cloud/prowler/pull/9010), and release the provider with those 13 checks.
We’ll open some check feature requests, smaller and more focused, where it’ll be easier to contribute, or you can contribute with checks from your own research, which will be really useful.
What do you think?