Prowler
Screenshot at

Sign up for Prowler Updates

Please enable JavaScript in your browser to complete this form.
Andoni Alonso headshot
Andoni Alonso // September 5, 2025

Automate Multi-Cloud Security at Scale: Bulk Provider Provisioning in Prowler

Managing cloud security across dozens or even hundreds of cloud accounts is a challenge, especially when you have to do it for multiple cloud providers. Manually onboarding each account is time-consuming and error-prone.

At Prowler, we understand this challenge. That’s why we’ve leveraged our Prowler API to create a tool that allows you to onboard all your cloud providers to Prowler in minutes instead of hours. We recently released a Prowler Bulk Provisioning tool, a Python-based utility that reads your provider configurations from a YAML file and automatically provisions them in Prowler Cloud or your self-hosted Prowler App instance.

The Multi-Cloud Management Challenge

Picture this: Your organization has just completed a merger, and suddenly you’re responsible for securing 150 AWS accounts, 75 Azure subscriptions, and 30 GCP projects. Each one needs to be configured in Prowler with the right authentication credentials, proper naming conventions, and connection verification.

Doing this manually through the UI means:

  • Clicking through the same forms hundreds of times
  • Risk of configuration errors and typos
  • Hours of repetitive work
  • Delayed security visibility across your newly expanded infrastructure

This is exactly the scenario that led us to develop the Bulk Provider Provisioning tool.

Here’s what makes it powerful:

  • Multi-cloud support: AWS, Azure, GCP, Kubernetes, Microsoft 365, and GitHub
  • Concurrent processing: Provision multiple providers simultaneously
  • Automatic verification: Built-in connection testing ensures everything works

Getting Started: Your First Bulk Provisioning

Let’s walk through a real-world scenario. Imagine you need to onboard 20 AWS accounts, 10 Azure subscriptions, and 5 GCP projects for your production environment.

Step 1: Prepare Your Environment

First, grab the tool from the Prowler repository:

git clone https://github.com/prowler-cloud/prowler.git
cd prowler/util/prowler-bulk-provisioning
pip install -r requirements.txt

Step 2: Set Your API Token

You’ll need your Prowler API token. If you’re using Prowler Cloud, you can obtain your token using the following command:

export PROWLER_API_TOKEN=$(curl --location 'https://api.prowler.com/api/v1/tokens' \
  --header 'Content-Type: application/vnd.api+json' \
  --header 'Accept: application/vnd.api+json' \
  --data-raw '{
    "data": {
      "type": "tokens",
      "attributes": {
        "email": "your@email.com",
        "password": "your-password"
      }
    }
  }' | jq -r .data.attributes.access)

If you are self-hosting Prowler App, you will need to update the URL to match your Prowler App instance.

Step 3: Create Your Provider Configuration

Here’s where the magic happens. Create a providers.yaml file with all your cloud accounts (you can find examples in the Prowler repository):

# AWS Production Accounts
- provider: aws
  uid: "123456789012"
  alias: "production-main"
  auth_method: role
  credentials:
    role_arn: "arn:aws:iam::123456789012:role/ProwlerSecurityAudit"
    external_id: "some-external-id"

- provider: aws
  uid: "234567890123"
  alias: "production-data"
  auth_method: role
  credentials:
    role_arn: "arn:aws:iam::234567890123:role/ProwlerSecurityAudit"
    external_id: "some-external-id"

# [... more AWS accounts ...]

# Azure Subscriptions
- provider: azure
  uid: "11111111-2222-3333-4444-555555555555"
  alias: "azure-production"
  auth_method: service_principal
  credentials:
    tenant_id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
    client_id: "ffffffff-1111-2222-3333-444444444444"
    client_secret: "AZURE_CLIENT_SECRET"

# [... more Azure subscriptions ...]

# GCP Projects
- provider: gcp
  uid: "my-production-project"
  alias: "gcp-production"
  auth_method: service_account
  credentials:
    service_account_key_json_path: "/path/to/service-accounts/production-sa.json"

# [... more GCP projects ...]

Security Note: Be careful with this file. Ensure you remove it when you finish and that it’s never committed to your version control system.

Step 4: Validate Your Configuration

Before making any changes, run a dry-run to see exactly what will happen:

python prowler_bulk_provisioning.py providers.yaml --dry-run

This shows you the API calls that would be made without actually creating anything, perfect for validation.

Step 5: Execute the Bulk Provisioning

Ready to go? Run the provisioning:

python prowler_bulk_provisioning.py providers.yaml

Watch as the tool:

  1. Creates each provider in Prowler
  2. Configures authentication credentials
  3. Tests the connection to verify everything works
  4. Reports the status of each operation

You’ll see output like:

[1] ✅ Created provider (id=db9a8985-f9ec-4dd8-b5a0-e05ab3880bed)
[1] ✅ Created secret (id=466f76c6-5878-4602-a4bc-13f9522c1fd2)
[1] ✅ Connection test: Connected

[2] ✅ Created provider (id=7a99f789-0cf5-4329-8279-2d443a962676)
[2] ✅ Created secret (id=c5702180-f7c4-40fd-be0e-f6433479b126)
[2] ✅ Connection test: Connected

...

Done. Success: 35  Failures: 0

In under 5 minutes, you’ve onboarded all 35 cloud providers with verified connections.

Handling Provider Rotation

Need to clean up old providers before adding new ones? The nuke_providers.py script helps with bulk deletion:

# Remove all test providers
python nuke_providers.py --confirm --filter-alias "test-*"

# Remove all AWS providers (careful!)
python nuke_providers.py --confirm --filter-provider aws

Start Provisioning at Scale Today

Whether you’re managing 10 cloud accounts or 500, this tool eliminates the manual burden of provider configuration, letting your security team focus on what matters most—protecting your cloud infrastructure.

But the Bulk Provider Provisioning tool is just one of the many powerful features available in Prowler. With Prowler Cloud, you get:

  • Continuous monitoring across all your cloud environments
  • Real-time alerts for critical security findings
  • Compliance reporting for frameworks like CIS, PCI-DSS, GDPR, and more
  • Remediation guidance with step-by-step fixes
  • Advanced analytics to track your security posture over time

Start your Prowler Cloud free trial and see how Prowler can transform your cloud security operations. With the Bulk Provider Provisioning tool, you can have hundreds of accounts monitored within your first hour.

Have questions or feedback? Join our Slack community where thousands of cloud security practitioners share tips and best practices.

Recent Articles

py iam expand
August 21, 2025

Unmasking Hidden Dangers: How Prowler Now Detects Obfuscated IAM Policies

It all started with a fascinating blog post from the team at Permiso introducing their "Sky Scalpel" tool. Their research highlighted a clever technique for hiding dangerous permissions within AWS...

bedrock header
August 12, 2025

Bedrock’s New API Keys: Convenience at a Hidden Security Cost

Recently, the AWS team rolled out the red carpet for a slick new feature in their post, "Accelerate AI development with Amazon Bedrock API keys." The promise was a dream...

June 24, 2025

CSPM for GCP: Securing Your Google Cloud Environment with Modern Cloud Security Posture Management

Modern organizations rapidly embrace the Google Cloud Platform for its scalability, innovation capabilities, and cost-effectiveness.  However, this digital transformation comes with a critical challenge: maintaining robust security across increasingly complex...