prowler-provider

Original source / Raw SKILL.md

---
name: prowler-provider
description: >
  Creates new Prowler cloud providers or adds services to existing providers.
  Trigger: When extending Prowler SDK provider architecture (adding a new provider or a new service to an existing provider).
license: Apache-2.0
metadata:
  author: prowler-cloud
  version: "1.0"
  scope: [root, sdk]
  auto_invoke:
    - "Adding new providers"
    - "Adding services to existing providers"
allowed-tools: Read, Edit, Write, Glob, Grep, Bash, WebFetch, WebSearch, Task
---

## When to Use

Use this skill when:
- Adding a new cloud provider to Prowler
- Adding a new service to an existing provider
- Understanding the provider architecture pattern

## Provider Architecture Pattern

Every provider MUST follow this structure:

```
prowler/providers/{provider}/
├── __init__.py
├── {provider}_provider.py      # Main provider class
├── models.py                   # Provider-specific models
├── config.py                   # Provider configuration
├── exceptions/                 # Provider-specific exceptions
├── lib/
│   ├── service/               # Base service class
│   ├── arguments/             # CLI arguments parser
│   └── mutelist/              # Mutelist functionality
└── services/
    └── {service}/
        ├── {service}_service.py   # Resource fetcher
        ├── {service}_client.py    # Python singleton instance
        └── {check_name}/          # Individual checks
            ├── {check_name}.py
            └── {check_name}.metadata.json
```

## Provider Class Template

```python
from prowler.providers.common.provider import Provider

class {Provider}Provider(Provider):
    """Provider class for {Provider} cloud platform."""

    def __init__(self, arguments):
        super().__init__(arguments)
        self.session = self._setup_session(arguments)
        self.regions = self._get_regions()

    def _setup_session(self, arguments):
        """Provider-specific authentication."""
        # Implement credential handling
        pass

    def _get_regions(self):
        """Get available regions for provider."""
        # Return list of regions
        pass
```

## Service Class Template

```python
from prowler.providers.{provider}.lib.service.service import {Provider}Service

class {Service}({Provider}Service):
    """Service class for {service} resources."""

    def __init__(self, provider):
        super().__init__(provider)
        self.{resources} = []
        self._fetch_{resources}()

    def _fetch_{resources}(self):
        """Fetch {resource} data from API."""
        try:
            response = self.client.list_{resources}()
            for item in response:
                self.{resources}.append(
                    {Resource}(
                        id=item["id"],
                        name=item["name"],
                        region=item.get("region"),
                    )
                )
        except Exception as e:
            logger.error(f"Error fetching {resources}: {e}")
```

## Service Client Template

```python
from prowler.providers.{provider}.services.{service}.{service}_service import {Service}

{service}_client = {Service}
```

## Supported Providers

Current providers:
- AWS (Amazon Web Services)
- Azure (Microsoft Azure)
- GCP (Google Cloud Platform)
- Kubernetes
- GitHub
- M365 (Microsoft 365)
- OracleCloud (Oracle Cloud Infrastructure)
- AlibabaCloud
- MongoDB Atlas
- NHN (NHN Cloud)
- LLM (Language Model providers)
- IaC (Infrastructure as Code)

## Commands

```bash
# Run provider
poetry run python prowler-cli.py {provider}

# List services for provider
poetry run python prowler-cli.py {provider} --list-services

# List checks for provider
poetry run python prowler-cli.py {provider} --list-checks

# Run specific service
poetry run python prowler-cli.py {provider} --services {service}

# Debug mode
poetry run python prowler-cli.py {provider} --log-level DEBUG
```

## Resources

- **Templates**: See [assets/](assets/) for Provider, Service, and Client singleton templates
- **Documentation**: See [references/provider-docs.md](references/provider-docs.md) for official Prowler Developer Guide links


---

## Referenced Files

> The following files are referenced in this skill and included for context.

### references/provider-docs.md

```markdown
# Provider Documentation

## Local Documentation

For detailed provider development patterns, see:

### Core Documentation
- `docs/developer-guide/provider.mdx` - Provider architecture and creation guide
- `docs/developer-guide/services.mdx` - Adding services to existing providers

### Provider-Specific Details
- `docs/developer-guide/aws-details.mdx` - AWS provider implementation
- `docs/developer-guide/azure-details.mdx` - Azure provider implementation
- `docs/developer-guide/gcp-details.mdx` - GCP provider implementation
- `docs/developer-guide/kubernetes-details.mdx` - Kubernetes provider implementation
- `docs/developer-guide/github-details.mdx` - GitHub provider implementation
- `docs/developer-guide/m365-details.mdx` - Microsoft 365 provider implementation
- `docs/developer-guide/alibabacloud-details.mdx` - Alibaba Cloud provider implementation
- `docs/developer-guide/llm-details.mdx` - LLM provider implementation

## Contents

The documentation covers:
- Provider types (SDK, API, Tool/Wrapper)
- Provider class structure and identity
- Service creation patterns
- Client singleton implementation
- Provider-specific authentication and API patterns

```