Prerequisites
- A Scaleway organization with IAM access.
- A Scaleway API key with at least the
IAMReadOnlypolicy bound to a dedicated IAM user (do not use the account root user). - Your organization ID (visible at the top right of the Scaleway console).
Authentication Method
Prowler reads credentials exclusively from the standard Scaleway environment variables. There are no credential CLI flags, so secrets are never exposed in shell history or process listings.
The scope variables can also be passed as CLI flags (
--organization-id, --project-id, --region), which override the corresponding environment variables.
Required Scaleway Permissions
The API key bearer needs read access to the IAM API in order to list users and API keys. TheIAMReadOnly policy is sufficient. Refer to the Scaleway IAM policy reference for the full list of permissions.
