chore(allowlist): Rename references (#1108)

* chore(allowlist): rename file

* chore(allowlist): remove old references
Pepe Fagoaga
2022-04-13 11:31:50 +02:00
committed by GitHub
parent c9e282f236
commit d6ade7694e
7 changed files with 17 additions and 17 deletions

@@ -33,7 +33,7 @@
- [Advanced Usage](#advanced-usage)
- [Security Hub integration](#security-hub-integration)
- [CodeBuild deployment](#codebuild-deployment)
- [Whitelist/allowlist or remove FAIL from resources](#whitelist-or-allowlist-or-remove-a-fail-from-resources)
- [Allowlist or remove FAIL from resources](#allowlist-or-allowlist-or-remove-a-fail-from-resources)
- [Fix](#how-to-fix-every-fail)
- [Troubleshooting](#troubleshooting)
- [Extras](#extras)
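Review bot: the new TOC anchor `#allowlist-or-allowlist-or-remove-a-fail-from-resources` does not match the heading this same commit renames to `## Allowlist or remove a fail from resources`, whose generated anchor is `#allowlist-or-remove-a-fail-from-resources`, so the link is dead as written. Suggest `- [Allowlist or remove FAIL from resources](#allowlist-or-remove-a-fail-from-resources)`.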
@@ -484,18 +484,18 @@ The Cloud Formation template that helps you doing that is [here](https://github.
> This is a simple solution to monitor one account. For multiples accounts see [Multi Account and Continuous Monitoring](util/org-multi-account/README.md).
## Whitelist or allowlist or remove a fail from resources
## Allowlist or remove a fail from resources
Sometimes you may find resources that are intentionally configured in a certain way that may be a bad practice but it is all right with it, for example an S3 bucket open to the internet hosting a web site, or a security group with an open port needed in your use case. Now you can use `-w whitelist_sample.txt` and add your resources as `checkID:resourcename` as in this command:
Sometimes you may find resources that are intentionally configured in a certain way that may be a bad practice but it is all right with it, for example an S3 bucket open to the internet hosting a web site, or a security group with an open port needed in your use case. Now you can use `-w allowlist_sample.txt` and add your resources as `checkID:resourcename` as in this command:
```
./prowler -w whitelist_sample.txt
./prowler -w allowlist_sample.txt
```
S3 URIs are also supported as allowlist file, e.g. `s3://bucket/prefix/allowlist_sample.txt`
>Make sure that the used credentials have s3:GetObject permissions in the S3 path where the whitelist file is located.
>Make sure that the used credentials have s3:GetObject permissions in the S3 path where the allowlist file is located.
Whitelist option works along with other options and adds a `WARNING` instead of `INFO`, `PASS` or `FAIL` to any output format except for `json-asff`.
Allowlist option works along with other options and adds a `WARNING` instead of `INFO`, `PASS` or `FAIL` to any output format except for `json-asff`.
## How to fix every FAIL
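Review bot: since the paragraph introducing `-w allowlist_sample.txt` is being rewritten anyway, the clause "that may be a bad practice but it is all right with it" should be tidied to something like "that would normally be flagged as a bad practice but is acceptable in your use case". The heading rename here also changes the section's generated anchor, so the TOC entry at the top of the README has to be updated to `#allowlist-or-remove-a-fail-from-resources` in the same change.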
@@ -703,7 +703,7 @@ Current coverage of Amazon Web Service (AWS) taken from [here](https://docs.aws.
| Topic | Service | Trust Boundary |
|---------------------------------|------------|---------------------------------------------------------------------------|
| Networking and Content Delivery | Amazon VPC | VPC endpoints connections ([extra786](checks/check_extra786)) |
| | | VPC endpoints whitelisted principals ([extra787](checks/check_extra787)) |
| | | VPC endpoints allowlisted principals ([extra787](checks/check_extra787)) |
All ideas or recommendations to extend this group are very welcome [here](https://github.com/prowler-cloud/prowler/issues/new/choose).

@@ -16,12 +16,12 @@ check26:myignoredbucket
#<checkid2>:<resource to ignore 1>
# REGEXES
# This whitelist works with regexes (ERE, the same style of regex as grep -E and bash's =~ use)
# This allowlist works with regexes (ERE, the same style of regex as grep -E and bash's =~ use)
# therefore:
# extra718:[[:alnum:]]+-logs # will ignore all buckets containing the terms ci-logs, qa-logs, etc.
# EXAMPLE: CONTROL TOWER
# When using Control Tower, guardrails prevent access to certain protected resources. The whitelist
# When using Control Tower, guardrails prevent access to certain protected resources. The allowlist
# below ensures that warnings instead of errors are reported for the affected resources.
#extra734:aws-controltower-logs-[[:digit:]]+-[[:alpha:]\-]+
#extra734:aws-controltower-s3-access-logs-[[:digit:]]+-[[:alpha:]\-]+

@@ -54,7 +54,7 @@ extra789(){
# Algorithm:
# Remove all trusted ACCOUNT_IDs from ENDPOINT_CONNECTION_LIST.
# As a result, the ENDPOINT_CONNECTION_LIST finally contains only unknown/untrusted account ids.
ENDPOINT_CONNECTION_LIST=("${ENDPOINT_CONNECTION_LIST[@]/$ENDPOINT_CONNECTION}") # remove hit from whitelist
ENDPOINT_CONNECTION_LIST=("${ENDPOINT_CONNECTION_LIST[@]/$ENDPOINT_CONNECTION}") # remove hit from allowlist
fi
done
done
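Review bot: the updated trailing comment `# remove hit from allowlist` still mislabels what the line does: `${ENDPOINT_CONNECTION_LIST[@]/$ENDPOINT_CONNECTION}` strips the trusted account id out of the connection list, not out of the allowlist, so `# remove trusted account from the connection list` would match the algorithm comment directly above it. While this line is being touched, note that bash pattern substitution over an array replaces the first match of `$ENDPOINT_CONNECTION` inside each element rather than dropping matching elements: every hit leaves an empty string behind in the array, and an account id that happens to be a substring of another id would be partially stripped. Comparing elements with an equality test and rebuilding the array (or at least filtering out empty entries before the list is used) would make the "finally contains only unknown/untrusted account ids" claim in the comment hold.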

@@ -12,7 +12,7 @@
# specific language governing permissions and limitations under the License.
CHECK_ID_extra790="7.90"
CHECK_TITLE_extra790="[extra790] Find trust boundaries in VPC endpoint services whitelisted principles"
CHECK_TITLE_extra790="[extra790] Find trust boundaries in VPC endpoint services allowlisted principles"
CHECK_SCORED_extra790="NOT_SCORED"
CHECK_CIS_LEVEL_extra790="EXTRA"
CHECK_SEVERITY_extra790="Medium"
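Review bot: `principles` in the new CHECK_TITLE_extra790 is a typo for `principals` (the IAM principals allowlisted on the endpoint service). The README coverage table in this same commit already says `allowlisted principals`, so this title and the `#139` line in the group file hunk should be corrected to match while they are being edited.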

@@ -156,7 +156,7 @@ GROUP_CHECKS[18]='check11,check110,check111,check112,check113,check114,check115,
#136 A.13 Communications Security A.13.1 Network Security Management extra778 Find VPC security groups with wide-open public IPv4 CIDR ranges (non-RFC1918)
#137 A.13 Communications Security A.13.1 Network Security Management extra789 Find trust boundaries in VPC endpoint services connections
#138 A.13 Communications Security A.13.1 Network Security Management extra79 Check for internet facing Elastic Load Balancers
#139 A.13 Communications Security A.13.1 Network Security Management extra790 Find trust boundaries in VPC endpoint services whitelisted principles
#139 A.13 Communications Security A.13.1 Network Security Management extra790 Find trust boundaries in VPC endpoint services allowlisted principles
#140 A.13 Communications Security A.13.1 Network Security Management extra78 Ensure there are no Public Accessible RDS instances
#141 A.14 System acquisition, dev & maintenance A.14.2 Security in Dev & Support extra731 Check if SNS topics have policy set as Public
#142 A.14 System acquisition, dev & maintenance A.14.2 Security in Dev & Support extra741 Find secrets in EC2 User Data

@@ -70,7 +70,7 @@ printColorsCode(){
echo -e "\n$NORMAL Color code for results: "
echo -e " - $NOTICE INFO (Information)$NORMAL"
echo -e " - $OK PASS (Recommended value)$NORMAL"
echo -e " - $WARNING WARNING (Ignored by whitelist)$NORMAL"
echo -e " - $WARNING WARNING (Ignored by allowlist)$NORMAL"
echo -e " - $BAD FAIL (Fix required)$NORMAL"
fi
}

@@ -50,7 +50,7 @@ PROWLER_PARAMETERS=$@
# $ACCOUNT_NUM AWS Account ID
# $REPREGION AWS region scanned
# $TITLE_ID Numeric identifier of each check (1.2, 2.3, etc), originally based on CIS checks.
# $CHECK_RESULT values can be PASS, FAIL, INFO or WARNING if whitelisted
# $CHECK_RESULT values can be PASS, FAIL, INFO or WARNING if allowlisted
# $ITEM_SCORED corresponds to CHECK_SCORED, values can be Scored/Not Scored. This is CIS only, will be deprecated in Prowler.
# $ITEM_CIS_LEVEL corresponds to CHECK_TYPE_ currently only for CIS Level 1, CIS Level 2 and Extras (all checks not part of CIS)
# $TITLE_TEXT corresponds to CHECK_TITLE_ shows title of each check
@@ -173,11 +173,11 @@ textInfo(){
}
textFail(){
## ignore whitelists for current check
## ignore allowlists for current check
level="FAIL"
colorcode="$BAD"
while read -r excluded_item; do
# ignore_check_name is the check with resources whitelisted
# ignore_check_name is the check with resources allowlisted
ignore_check_name=$(awk -F ":" '{print $1}' <<< "${excluded_item}")
# Resource value is what it comes after CHECK_NAME: :
resource_value=$(awk -F "$CHECK_NAME:" '{print $2}' <<< "${excluded_item}")
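Review bot: the comment `## ignore allowlists for current check` reads as if the allowlist is being skipped, but the `while read -r excluded_item` loop that follows is where allowlist entries are applied (each entry is split into check name and resource), so `## apply allowlist entries to the current check` would describe it. The `# Resource value is what it comes after CHECK_NAME: :` comment also has a stray trailing colon and should read `# Resource value is whatever follows "CHECK_NAME:"`.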
@@ -349,7 +349,7 @@ generateJsonAsffOutput(){
local message=$1
local status=$2
#Checks to determine if the rule passes in a resource name that prowler uses to track the AWS Resource for whitelisting purposes
#Checks to determine if the rule passes in a resource name that prowler uses to track the AWS Resource for allowlisting purposes
if [[ -z $3 ]]; then
local resource_id="NONE_PROVIDED"
else
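Review bot: the rewritten comment `#Checks to determine if the rule passes in a resource name that prowler uses to track the AWS Resource for allowlisting purposes` is hard to parse; the `if [[ -z $3 ]]` below it simply defaults `resource_id` when no resource name was passed, so `# $3 is the resource name Prowler uses to track the AWS resource for allowlisting; default to NONE_PROVIDED when the caller did not pass one` states the intent directly.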