
Automate Multi-Cloud Security at Scale: Bulk Provider Provisioning in Prowler
Managing cloud security across dozens or even hundreds of cloud accounts is a challenge, especially when you have to do it for multiple cloud providers. Manually onboarding each account is time-consuming and error-prone.
At Prowler, we understand this challenge. That’s why we’ve leveraged our Prowler API to create a tool that allows you to onboard all your cloud providers to Prowler in minutes instead of hours. We recently released a Prowler Bulk Provisioning tool, a Python-based utility that reads your provider configurations from a YAML file and automatically provisions them in Prowler Cloud or your self-hosted Prowler App instance.
The Multi-Cloud Management Challenge
Picture this: Your organization has just completed a merger, and suddenly you’re responsible for securing 150 AWS accounts, 75 Azure subscriptions, and 30 GCP projects. Each one needs to be configured in Prowler with the right authentication credentials, proper naming conventions, and connection verification.
Doing this manually through the UI means:
- Clicking through the same forms hundreds of times
- Risk of configuration errors and typos
- Hours of repetitive work
- Delayed security visibility across your newly expanded infrastructure
This is exactly the scenario that led us to develop the Bulk Provider Provisioning tool.
Here’s what makes it powerful:
- Multi-cloud support: AWS, Azure, GCP, Kubernetes, Microsoft 365, and GitHub
- Concurrent processing: Provision multiple providers simultaneously
- Automatic verification: Built-in connection testing ensures everything works
Getting Started: Your First Bulk Provisioning
Let’s walk through a real-world scenario. Imagine you need to onboard 20 AWS accounts, 10 Azure subscriptions, and 5 GCP projects for your production environment.
Step 1: Prepare Your Environment
First, grab the tool from the Prowler repository:
```bash
git clone https://github.com/prowler-cloud/prowler.git
cd prowler/util/prowler-bulk-provisioning
pip install -r requirements.txt
```
Step 2: Set Your API Token
You’ll need your Prowler API token. If you’re using Prowler Cloud, you can obtain your token using the following command:
```bash
export PROWLER_API_TOKEN=$(curl --location 'https://api.prowler.com/api/v1/tokens' \
  --header 'Content-Type: application/vnd.api+json' \
  --header 'Accept: application/vnd.api+json' \
  --data-raw '{
    "data": {
      "type": "tokens",
      "attributes": {
        "email": "your@email.com",
        "password": "your-password"
      }
    }
  }' | jq -r .data.attributes.access)
```
If you are self-hosting Prowler App, you will need to update the URL to match your Prowler App instance.
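The command above carries the password on the command line, where it can end up in shell history and process listings. The following added example (not code from the Prowler repository or the original post) sends the same request from Python, prompts for the password, and raises an error when the response has no token, where `jq -r` would print `null`. The function names are assumptions made for illustration.

```python
import getpass
import json
import sys
import urllib.request

# Endpoint shown on this page; change it for a self-hosted Prowler App.
TOKENS_URL = "https://api.prowler.com/api/v1/tokens"
JSON_API = "application/vnd.api+json"

def build_token_request(email, password, url=TOKENS_URL):
    """Build the same JSON:API POST that the curl command sends."""
    body = {"data": {"type": "tokens",
                     "attributes": {"email": email, "password": password}}}
    return urllib.request.Request(
        url,
        data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": JSON_API, "Accept": JSON_API},
        method="POST",
    )

def extract_access_token(response_bytes):
    """Return .data.attributes.access, or raise if the response lacks it."""
    try:
        token = json.loads(response_bytes)["data"]["attributes"]["access"]
    except (KeyError, TypeError, ValueError):
        raise ValueError("response did not contain an access token") from None
    if not isinstance(token, str) or not token:
        raise ValueError("response did not contain an access token")
    return token

def fetch_token(email, url=TOKENS_URL):
    """Prompt for the password on the terminal and request a token."""
    password = getpass.getpass("Prowler password: ")
    request = build_token_request(email, password, url)
    with urllib.request.urlopen(request, timeout=30) as response:
        return extract_access_token(response.read())

if __name__ == "__main__":
    print(fetch_token(sys.argv[1]))
```

Saved under a hypothetical name such as `get_token.py`, it can fill the variable with `export PROWLER_API_TOKEN=$(python get_token.py your@email.com)`; the password prompt goes to the terminal, not into the captured output.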
Step 3: Create Your Provider Configuration
Here’s where the magic happens. Create a providers.yaml file with all your cloud accounts (you can find examples in the Prowler repository):
```yaml
# AWS Production Accounts
- provider: aws
  uid: "123456789012"
  alias: "production-main"
  auth_method: role
  credentials:
    role_arn: "arn:aws:iam::123456789012:role/ProwlerSecurityAudit"
    external_id: "some-external-id"
- provider: aws
  uid: "234567890123"
  alias: "production-data"
  auth_method: role
  credentials:
    role_arn: "arn:aws:iam::234567890123:role/ProwlerSecurityAudit"
    external_id: "some-external-id"
# [... more AWS accounts ...]
# Azure Subscriptions
- provider: azure
  uid: "11111111-2222-3333-4444-555555555555"
  alias: "azure-production"
  auth_method: service_principal
  credentials:
    tenant_id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
    client_id: "ffffffff-1111-2222-3333-444444444444"
    client_secret: "AZURE_CLIENT_SECRET"
# [... more Azure subscriptions ...]
# GCP Projects
- provider: gcp
  uid: "my-production-project"
  alias: "gcp-production"
  auth_method: service_account
  credentials:
    service_account_key_json_path: "/path/to/service-accounts/production-sa.json"
# [... more GCP projects ...]
```
Security Note: Be careful with this file. Ensure you remove it when you finish and that it’s never committed to your version control system.
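One way to act on this note before and after a run, as an added example that is not code from the Prowler repository: a standard-library check that flags loose file permissions, inline secret values, and a `providers.yaml` that git tracks or does not ignore. The key-name pattern and the function names are assumptions, and the permission check assumes a POSIX file system.

```python
import os
import re
import stat
import subprocess
import sys

# Heuristic (assumption): key names containing these words hold secret values.
SECRET_KEY = re.compile(
    r"^\s*(?:-\s*)?([\w-]*(?:secret|password|token|private_key)[\w-]*)\s*:\s*\S",
    re.I)

def git_state(path):
    """Return 'tracked', 'ignored', 'untracked' or 'no-repo' for path."""
    folder, name = os.path.split(os.path.abspath(path))
    def git(*args):
        return subprocess.run(["git", "-C", folder, *args],
                              capture_output=True).returncode
    try:
        if git("rev-parse", "--is-inside-work-tree") != 0:
            return "no-repo"
        if git("ls-files", "--error-unmatch", name) == 0:
            return "tracked"
        return "ignored" if git("check-ignore", "-q", name) == 0 else "untracked"
    except FileNotFoundError:  # git is not installed
        return "no-repo"

def audit_config(path):
    """Return findings for a providers.yaml; secret values are never echoed."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append(f"perms: mode {mode:04o} is open to group/others; chmod 600")
    with open(path, encoding="utf-8") as fh:
        for lineno, line in enumerate(fh, 1):
            match = SECRET_KEY.match(line)
            if match:
                findings.append(f"secret: line {lineno} sets '{match.group(1)}' inline")
    state = git_state(path)
    if state == "tracked":
        findings.append("git: file is tracked; untrack it and rotate the credentials")
    elif state == "untracked":
        findings.append("git: file is not ignored; add it to .gitignore")
    return findings

if __name__ == "__main__":
    results = audit_config(sys.argv[1])
    print("\n".join(results) or "no findings")
    sys.exit(1 if results else 0)
```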
Step 4: Validate Your Configuration
Before making any changes, run a dry-run to see exactly what will happen:
```bash
python prowler_bulk_provisioning.py providers.yaml --dry-run
```
This shows you the API calls that would be made without actually creating anything, perfect for validation.
Step 5: Execute the Bulk Provisioning
Ready to go? Run the provisioning:
```bash
python prowler_bulk_provisioning.py providers.yaml
```
Watch as the tool:
- Creates each provider in Prowler
- Configures authentication credentials
- Tests the connection to verify everything works
- Reports the status of each operation
You’ll see output like:
```
[1] ✅ Created provider (id=db9a8985-f9ec-4dd8-b5a0-e05ab3880bed)
[1] ✅ Created secret (id=466f76c6-5878-4602-a4bc-13f9522c1fd2)
[1] ✅ Connection test: Connected
[2] ✅ Created provider (id=7a99f789-0cf5-4329-8279-2d443a962676)
[2] ✅ Created secret (id=c5702180-f7c4-40fd-be0e-f6433479b126)
[2] ✅ Connection test: Connected
...
Done. Success: 35 Failures: 0
```
In under 5 minutes, you’ve onboarded all 35 cloud providers with verified connections.
Handling Provider Rotation
Need to clean up old providers before adding new ones? The nuke_providers.py script helps with bulk deletion:
```bash
# Remove all test providers
python nuke_providers.py --confirm --filter-alias "test-*"
# Remove all AWS providers (careful!)
python nuke_providers.py --confirm --filter-provider aws
```
Start Provisioning at Scale Today
Whether you’re managing 10 cloud accounts or 500, this tool eliminates the manual burden of provider configuration, letting your security team focus on what matters most—protecting your cloud infrastructure.
But the Bulk Provider Provisioning tool is just one of the many powerful features available in Prowler. With Prowler Cloud, you get:
- Continuous monitoring across all your cloud environments
- Real-time alerts for critical security findings
- Compliance reporting for frameworks like CIS, PCI-DSS, GDPR, and more
- Remediation guidance with step-by-step fixes
- Advanced analytics to track your security posture over time
Start your Prowler Cloud free trial and see how Prowler can transform your cloud security operations. With the Bulk Provider Provisioning tool, you can have hundreds of accounts monitored within your first hour.
Have questions or feedback? Join our Slack community where thousands of cloud security practitioners share tips and best practices.