New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to run Azure Cloud Scan #3747
Comments
Hi @imvignesh27, thanks for the report. In our test environment, we are failing to replicate this error, it is likely the issue may lie with the credentials that you are using. Please refer to the documentation to ensure all permissions are correctly set and the service principal application is properly created. Also, verify if the subscription ID is well typed and exists in the same tenant as the service principal application. If the error persists, send the output again adding the |
I'm just getting the below error : 2024-04-15 11:45:24,236 [File: azure_provider.py:275] [Module: azure_provider] ERROR: ClientAuthenticationError[269] -- DefaultAzureCredential failed to retrieve a token from the included credentials. 2024-04-15 11:45:29,386 [File: azure_provider.py:350] [Module: azure_provider] CRITICAL: Error with credentials provided getting subscriptions and tenants to scan 2024-04-15 11:45:29,387 [File: azure_provider.py:353] [Module: azure_provider] CRITICAL: ClientAuthenticationError[324] -- DefaultAzureCredential failed to retrieve a token from the included credentials. |
Hi again @imvignesh27, I have been studying your problem further and my conclusion is that the problem with the cert verify could be because you are using a system with a proxy configured. If it is the case refer to the official documentation of Microsoft, if it is not the case I could need more details of your system or about the Service Principal that you use to authenticate because it was impossible to me to reproduce the same error on a Kali machine. Thanks for the feedback and I wait for your response. |
Yes, I think the proxy is the problem. I'm also running in kali machine. I had generated the AWS report but azure only I'm getting these errors. I will refer your document link and comeback to u 👍 |
Hi @imvignesh27, we are closing this issue. Please feel free to reopen it if you notice the same behaviour or if you want to add something. Thanks for using Prowler 🚀 |
Steps to Reproduce
Command used: prowler azure --sp-env-auth --subscription-id xxxxxxxxxxxxxxxxxxxxx
Expected to run the scan but failed with certifcate error.
Expected behavior
Expected to run the scan and show the result
Actual Result with Screenshots or Logs
─$ prowler azure --sp-env-auth --subscription-id xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx _
_ __ _ __ _____ | | ___ _ __
| ' | '/ _ \ \ /\ / / |/ _ \ '|
| |) | | | () \ V V /| | / |
| ./|| ___/ _/_/ ||___||v4.0.0
|| the handy multi-cloud security tool
Date: 2024-04-10 14:49:34
2024-04-10 14:49:47,077 [File: azure_provider.py:350] [Module: azure_provider] CRITICAL: Error with credentials provided getting subscriptions and tenants to scan
2024-04-10 14:49:47,078 [File: azure_provider.py:353] [Module: azure_provider] CRITICAL: ClientAuthenticationError[333] -- DefaultAzureCredential failed to retrieve a token from the included credentials.
Attempted credentials:
EnvironmentCredential: Authentication failed: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:1006)
To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
How did you install Prowler?
Cloning the repository from github.com (git clone)
Environment Resource
Running from VMware
OS used
Kali Linux
Prowler version
4
Pip version
23.3
Context
No response
The text was updated successfully, but these errors were encountered: