From 9e2580cc3412394ba39db215ac11a8dd3207bcb4 Mon Sep 17 00:00:00 2001
From: Julio Delgado Jr
Date: Fri, 5 Jun 2020 12:06:33 -0400
Subject: [PATCH] removed ansi2html, added -M html
---
 util/org-multi-account/ProwlerEC2.yaml | 2 +-
 util/org-multi-account/README.md | 11 ++++-------
 util/org-multi-account/src/run-prowler-reports.sh | 13 +++++--------
 3 files changed, 10 insertions(+), 16 deletions(-)
diff --git a/util/org-multi-account/ProwlerEC2.yaml b/util/org-multi-account/ProwlerEC2.yaml
index 78b936e7..ad9390e4 100644
--- a/util/org-multi-account/ProwlerEC2.yaml
+++ b/util/org-multi-account/ProwlerEC2.yaml
@@ -201,7 +201,7 @@ Resources:
 yum install python-pip git jq -y
 02-install-prowler-prereqs-pip:
 command: |
- sudo -u ec2-user pip install --user boto3 awscli ansi2html detect-secrets
+ sudo -u ec2-user pip install --user boto3 awscli detect-secrets
 prowler-reports:
 files:
 /home/ec2-user/run-prowler-reports.sh:
diff --git a/util/org-multi-account/README.md b/util/org-multi-account/README.md
index 3bc0fb42..71c6faad 100644
--- a/util/org-multi-account/README.md
+++ b/util/org-multi-account/README.md
@@ -1,7 +1,5 @@
 # Example Solution: Organizational Prowler Deployment
-Created by: Julio Delgado Jr.
-
 Deploys [Prowler](https://github.com/toniblyx/prowler) to assess all Accounts in an AWS Organization on a schedule, creates assessment reports in HTML, and stores them in an S3 bucket.
 ---
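Review bot: The rewritten `pip install --user boto3 awscli detect-secrets` line in `02-install-prowler-prereqs-pip` still installs whatever versions the package index serves at instance launch, with no version pin or hash check. Per the README in this same patch, this instance runs Prowler with a cross-account role against all accounts in the Organization, so a compromised or broken release of any of the three packages would run with that access. Consider shipping a reviewed requirements file and installing with `pip install --user --require-hashes -r requirements.txt`. The `command:` entry sits inside what looks like a larger cfn-init configuration that continues outside the hunk.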
@@ -59,10 +57,9 @@ Deploys [Prowler](https://github.com/toniblyx/prowler) to assess all Accounts in
 - -R: used to specify Cross-Account role for Prowler to assume to run its assessment.
 - -A: used to specify AWS Account number for Prowler to run assessment against.
 - -g cislevel1: used to specify cislevel1 checks for Prowler to assess
- - ansi2html -la: used to generate HTML assessment report
 ```bash
- ./prowler/prowler -R "$ROLE" -A "$accountId" -g cislevel1 | ansi2html -la >"$Report"
+ ./prowler/prowler -R "$ROLE" -A "$accountId" -g cislevel1 -M html
 ```
 - NOTE: Script can be modified to run Prowler as desired.
@@ -112,7 +109,7 @@ Deploys [Prowler](https://github.com/toniblyx/prowler) to assess all Accounts in
 ### Ad hoc Run Prowler against all Accounts in AWS Organization
 1. Connect to Prowler EC2 Instance
- - If using Session Manager, then after login, switch to ```ec2-user```, via: ```sudo bash; su - ec2-user```
+ - If using Session Manager, then after login, switch to ```ec2-user```, via: ```sudo bash``` and ```su - ec2-user```
 - If using SSH, then login as ```ec2-user```
 1. Run Prowler Script
@@ -124,7 +121,7 @@ Deploys [Prowler](https://github.com/toniblyx/prowler) to assess all Accounts in
 ### Ad hoc Run Prowler Interactively
 1. Connect to Prowler EC2 Instance
- - If using Session Manager, then after login, switch to ```ec2-user```, via: ```sudo bash; su - ec2-user```
+ - If using Session Manager, then after login, switch to ```ec2-user```, via: ```sudo bash``` and ```su - ec2-user```
 - If using SSH, then login as ```ec2-user```
 1. See Cross-Account Role and S3 Bucket being used for Prowler
@@ -143,7 +140,7 @@ Deploys [Prowler](https://github.com/toniblyx/prowler) to assess all Accounts in
 ### Upgrading Prowler to Latest Version
 1. Connect to Prowler EC2 Instance
- - If using Session Manager, then after login, switch to ```ec2-user```, via: ```sudo bash; su - ec2-user```
+ - If using Session Manager, then after login, switch to ```ec2-user```, via: ```sudo bash``` and ```su - ec2-user```
 - If using SSH, then login as ```ec2-user```
 1. Delete the existing version of Prowler, and download the latest version of Prowler
diff --git a/util/org-multi-account/src/run-prowler-reports.sh b/util/org-multi-account/src/run-prowler-reports.sh
index 2e797a76..54201b84 100644
--- a/util/org-multi-account/src/run-prowler-reports.sh
+++ b/util/org-multi-account/src/run-prowler-reports.sh
@@ -20,11 +20,8 @@ echo "S3: $S3"
 echo "S3ACCOUNT: $S3ACCOUNT"
 echo "ROLE: $ROLE"
-# Create Folder to Store Prowler Reports
-mkdir -p prowler-reports
-
 # CleanUp Last Ran Prowler Reports, as they are already stored in S3.
-rm -rf prowler-reports/*.html
+rm -rf prowler/output/*.html
 # Function to unset AWS Profile Variables
 unset_aws() {
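Review bot: `rm -rf prowler/output/*.html` resolves against the caller's working directory, and nothing visible in this hunk pins it. If the script is started from another directory, the glob matches nothing, the cleanup silently does nothing, and the reports from the previous run are uploaded again by the `aws s3 cp prowler/output/ ... --recursive` step added later in this patch. The cleanup also clears only `*.html`, while the new comment in the loop invites adding other output formats, so those assessment files would accumulate on the instance. Suggest resolving the directory once, e.g. `OUT_DIR="$(cd "$(dirname "$0")" && pwd)/prowler/output"`, and cleaning with `rm -f -- "${OUT_DIR:?}"/*`. The script's first 19 lines are outside the hunk, so an earlier `cd` may already cover the first point.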
@@ -90,13 +87,13 @@ for accountId in $ACCOUNTS_IN_ORGS; do
 # Unset AWS Profile Variables
 unset_aws
 # Run Prowler
- Report="prowler-reports/$(date +'%Y-%m-%d-%H%M%P')-$accountId-report.html"
 echo -e "Assessing AWS Account: $accountId, using Role: $ROLE on $(date)"
- ./prowler/prowler -R "$ROLE" -A "$accountId" -g cislevel1 | ansi2html -la >"$Report"
- echo "Report stored locally at: $Report"
+ # remove -g cislevel for a full report and add other formats if needed
+ ./prowler/prowler -R "$ROLE" -A "$accountId" -g cislevel1 -M html
+ echo "Report stored locally at: prowler/output/ directory"
 # Upload Prowler Report to S3
 s3_account_session
- aws s3 cp "$Report" "$S3/reports/"
+ aws s3 cp prowler/output/ "$S3/reports/" --recursive --include "*.html"
 TOTAL_SEC=$((SECONDS - START_TIME))
 echo -e "Completed AWS Account: $accountId, using Role: $ROLE on $(date)"
 printf "Completed AWS Account: $accountId in %02dh:%02dm:%02ds" $((TOTAL_SEC / 3600)) $((TOTAL_SEC % 3600 / 60)) $((TOTAL_SEC % 60))
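Review bot: `--include "*.html"` on the new `aws s3 cp ... --recursive` line filters nothing, because the AWS CLI includes every file by default and `--include` only re-adds files that an earlier `--exclude` removed. As written, everything under `prowler/output/` goes to the bucket, including any extra formats enabled as the new comment suggests; the line should read `aws s3 cp prowler/output/ "$S3/reports/" --recursive --exclude "*" --include "*.html"`. The output directory is cleaned only once, before the loop, so each iteration also re-uploads the reports of every account already assessed in this run. The `for accountId` loop starts and ends outside the hunk.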