Firehose client checks only 10 streams

[ivan-morgun]

Steps to Reproduce

1. prowler aws -f us-west-1 --profile live -c firehose_stream_encrypted_at_rest
2. aws
3. single account
4. No error

Expected behavior

When region has more than 10 delivery streams they are not included in the report. It seems that the issue is in the _list_delivery_streams method which uses list_delivery_streams boto3 method which return 10 streams by default when limit parater is not configured https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/firehose/client/list_delivery_streams.html

Also, prowler has a false\positive results when the source for delivery stream is a data stream with encryption enabled. In such setup delivery stream can't have encription and prowler treats it as FAIL.

Actual Result with Screenshots or Logs

How did you install Prowler?

From pip package (pip install prowler)

Environment Resource

Workstation

OS used

MacOS

Prowler version

5.7.5

Pip version

24.0

Context

No response

[danibarranqueroo]

Hi there!

Thank you very much for reporting these issues and providing clear steps to reproduce them.
We appreciate your feedback regarding the limitation with the number of delivery streams returned and the false positive when the delivery stream source is an encrypted data stream. We will work on addressing both points to improve the check’s accuracy and usability.

Thanks again for helping us make Prowler better! 🚀