feat(docs): add Powler config.yaml information to docs (#1546)

Co-authored-by: sergargar <sergio@verica.io>

README.md

@@ -1,6 +1,6 @@
 <p align="center">
-  <img align="center" src="https://github.com/prowler-cloud/prowler/tree/prowler-3.0-dev/docs/img/prowler-pro-dark.png#gh-dark-mode-only" width="150" height="36">
-  <img align="center" src="https://github.com/prowler-cloud/prowler/tree/prowler-3.0-dev/docs/img/prowler-pro-light.png#gh-light-mode-only" width="15%" height="15%">
+  <img align="center" src="docs/img/prowler-pro-dark.png#gh-dark-mode-only" width="150" height="36">
+  <img align="center" src="docs/img/prowler-pro-light.png#gh-light-mode-only" width="15%" height="15%">
 </p>
 <p align="center">
   <b><i>&nbsp&nbsp&nbsp See all the things you and your team can do with ProwlerPro at <a href="https://prowler.pro">prowler.pro</a></i></b>
@@ -58,7 +58,7 @@ The container images are available here:
 
 You can run Prowler from your workstation, an EC2 instance, Fargate or any other container, Codebuild, CloudShell and Cloud9.
 
-![Architecture](https://github.com/prowler-cloud/prowler/tree/prowler-3.0-dev/docs/img/architecture.png)
+![Architecture](docs/img/architecture.png)
 
 # 📝 Requirements
 
@@ -98,7 +98,7 @@ To run prowler, you will need to specify the provider (e.g aws or azure):
 prowler <provider>
 ```
 
-![Prowler Execution](https://github.com/prowler-cloud/prowler/tree/prowler-3.0-dev/docs/img/short-display.png)
+![Prowler Execution](docs/img/short-display.png)
 
 > Running the `prowler` command without options will use your environment variable credentials.
 
@@ -135,6 +135,13 @@ You can always use `-h`/`--help` to access to the usage information and all the
 prowler -h
 ```
 
+## Checks Configurations
+Several Prowler's checks have user configurable variables that can be modified in a common **configuration file**.
+This file can be found in the following path:
+```
+prowler/config/config.yaml
+```
+
 ## AWS
 
 Use a custom AWS profile with `-p`/`--profile` and/or AWS regions which you want to audit with `-f`/`--filter-region`:

docs/tutorials/configuration_file.md

@@ -0,0 +1,76 @@
+# Configuration File
+Several Prowler's checks have user configurable variables that can be modified in a common **configuration file**.
+This file can be found in the following path:
+```
+prowler/config/config.yaml
+```
+
+## Configurable Checks
+The following list includes all the checks with configurable variables that can be changed in the mentioned configuration yaml file:
+
+1. aws.ec2_elastic_ip_shodan
+    - shodan_api_key (String)
+- aws.ec2_securitygroup_with_many_ingress_egress_rules
+    - max_security_group_rules (Integer)
+- aws.ec2_instance_older_than_specific_days
+    - max_ec2_instance_age_in_days (Integer)
+- aws.vpc_endpoint_connections_trust_boundaries
+    - trusted_account_ids (List of Strings)
+- aws.vpc_endpoint_services_allowed_principals_trust_boundaries
+    - trusted_account_ids (List of Strings)
+- aws.cloudwatch_log_group_retention_policy_specific_days_enabled
+    - log_group_retention_days (Integer)
+- aws.appstream_fleet_session_idle_disconnect_timeout
+    - max_idle_disconnect_timeout_in_seconds (Integer)
+- aws.appstream_fleet_session_disconnect_timeout
+    - max_disconnect_timeout_in_seconds (Integer)
+- aws.appstream_fleet_maximum_session_duration
+    - max_session_duration_seconds (Integer)
+- aws.awslambda_function_using_supported_runtimes
+    - obsolete_lambda_runtimes (List of Strings)
+
+## Config Yaml File
+
+    # AWS EC2 Configuration
+    # aws.ec2_elastic_ip_shodan
+    shodan_api_key: null
+    # aws.ec2_securitygroup_with_many_ingress_egress_rules --> by default is 50 rules
+    max_security_group_rules: 50
+    # aws.ec2_instance_older_than_specific_days --> by default is 6 months (180 days)
+    max_ec2_instance_age_in_days: 180
+
+    # AWS VPC Configuration (vpc_endpoint_connections_trust_boundaries, vpc_endpoint_services_allowed_principals_trust_boundaries)
+    # Single account environment: No action required. The AWS account number will be automatically added by the checks.
+    # Multi account environment: Any additional trusted account number should be added as a space separated list, e.g.
+    # trusted_account_ids : ["123456789012", "098765432109", "678901234567"]
+    trusted_account_ids: []
+
+    # AWS Cloudwatch Configuration
+    # aws.cloudwatch_log_group_retention_policy_specific_days_enabled --> by default is 365 days
+    log_group_retention_days: 365
+
+    # AWS AppStream Session Configuration
+    # aws.appstream_fleet_session_idle_disconnect_timeout
+    max_idle_disconnect_timeout_in_seconds: 600 # 10 Minutes
+    # aws.appstream_fleet_session_disconnect_timeout
+    max_disconnect_timeout_in_seconds: 300 # 5 Minutes
+    # aws.appstream_fleet_maximum_session_duration
+    max_session_duration_seconds: 36000 # 10 Hours
+
+    # AWS Lambda Configuration
+    # aws.awslambda_function_using_supported_runtimes
+    obsolete_lambda_runtimes:
+    [
+        "python3.6",
+        "python2.7",
+        "nodejs4.3",
+        "nodejs4.3-edge",
+        "nodejs6.10",
+        "nodejs",
+        "nodejs8.10",
+        "nodejs10.x",
+        "dotnetcore1.0",
+        "dotnetcore2.0",
+        "dotnetcore2.1",
+        "ruby2.5",
+    ]

mkdocs.yml

@@ -33,6 +33,7 @@ nav:
         - Reporting: tutorials/reporting.md
         - Compliance: tutorials/compliance.md
         - Quick Inventory: tutorials/quick-inventory.md
+        - Configuration File: tutorials/configuration_file.md
         - Logging: tutorials/logging.md
         - Allowlist: tutorials/allowlist.md
         - Pentesting: tutorials/pentesting.md