feat(lambda): new test

README.md

@@ -131,7 +131,7 @@ The available log levels are: `debug`, `info`, `warn`, `error`, `fatal`, `panic`
 
 <!-- BEGIN_YATAS -->
 
-## AWS - 63 Checks
+## AWS - 68 Checks
 
 ### AWS Certificate Manager
 - AWS_ACM_001 ACM certificates are valid
@@ -165,6 +165,7 @@ The available log levels are: `debug`, `info`, `warn`, `error`, `fatal`, `panic`
 
 ### Cognito
 - AWS_COG_001 Cognito allows unauthenticated users
+- AWS_COG_002 Cognito allows self-registration
 
 ### DynamoDB
 - AWS_DYN_001 Dynamodbs are encrypted
@@ -193,12 +194,15 @@ The available log levels are: `debug`, `info`, `warn`, `error`, `fatal`, `panic`
 - AWS_IAM_001 IAM Users have 2FA activated
 - AWS_IAM_002 IAM access key younger than 90 days
 - AWS_IAM_003 IAM User can't elevate rights
-- AWS_IAM_004 IAM Users have not used their password for 120 days
+- AWS_IAM_004 IAM Role can't elevate rights
+- AWS_IAM_005 IAM Users have not used their password for 120 days
 
 ### Lambda
 - AWS_LMD_001 Lambdas are private
 - AWS_LMD_002 Lambdas are in a security group
 - AWS_LMD_003 Lambdas are not with errors
+- AWS_LMD_004 Lambdas has no hard-coded secrets in environment
+- AWS_LMD_005 Lambdas has no public URL access
 
 ### RDS
 - AWS_RDS_001 RDS are encrypted
@@ -233,6 +237,7 @@ The available log levels are: `debug`, `info`, `warn`, `error`, `fatal`, `panic`
 - AWS_VPC_003 VPC only have one Gateway
 - AWS_VPC_004 VPC Flow Logs are activated
 - AWS_VPC_005 VPC have at least 2 subnets
+- AWS_VPC_006 VPC's Subnets are in different zones
 
 <!-- END_YATAS -->
 

aws/cognito/getter.go

@@ -23,7 +23,6 @@ func GetCognitoPools(s aws.Config) []types.IdentityPoolShortDescription {
 		// Return an empty list of certificates
 		return []types.IdentityPoolShortDescription{}
 	}
-	fmt.Println("Hello")
 	return result.IdentityPools
 }
 
@@ -47,13 +46,15 @@ func GetDetailedCognitoPool(s aws.Config, pools []types.IdentityPoolShortDescrip
 
 func GetCognitoUserPools(s aws.Config) []ciptypes.UserPoolDescriptionType {
 	svc := cognitoidentityprovider.NewFromConfig(s)
-	fmt.Print(svc)
+	logger.Logger.Info(fmt.Sprintf("Getting Cognito User Pools"))
 	cognitoInput := &cognitoidentityprovider.ListUserPoolsInput{
 		MaxResults: 50,
 	}
 	result, err := svc.ListUserPools(context.TODO(), cognitoInput)
 	if err != nil {
-		fmt.Println(err)
+		logger.Logger.Error(err.Error())
+		// Return an empty list of certificates
+		return []ciptypes.UserPoolDescriptionType{}
 	}
 	return result.UserPools
 }
@@ -67,7 +68,9 @@ func GetDetailedCognitoUserPool(s aws.Config, userPools []ciptypes.UserPoolDescr
 		}
 		result, err := svc.DescribeUserPool(context.TODO(), cognitoInput)
 		if err != nil {
-			fmt.Println(err)
+			logger.Logger.Error(err.Error())
+			// Return an empty list of certificates
+			continue
 		}
 		detailedUserPools = append(detailedUserPools, *result)
 	}

aws/lambda/getter.go

@@ -48,7 +48,8 @@ func GetLambdaUrlConfigs(s aws.Config, lambdas []types.FunctionConfiguration) []
 		}
 		result, err := svc.ListFunctionUrlConfigs(context.TODO(), input)
 		if err != nil {
-			return nil
+			logger.Logger.Error(err.Error())
+			return []LambdaUrlConfig{}
 		}
 		lambdaUrlConfigs = append(lambdaUrlConfigs, LambdaUrlConfig{
 			LambdaName: *function.FunctionName,

go.mod

@@ -38,6 +38,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.26 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.33 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.24 // indirect
+	github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider v1.22.7 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.27 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.7.26 // indirect
@@ -46,6 +47,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/sso v1.12.7 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.7 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.18.8 // indirect
+	github.com/dlclark/regexp2 v1.9.0 // indirect
 	github.com/fatih/color v1.15.0 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/go-github/v35 v35.3.0 // indirect

go.sum

@@ -28,6 +28,8 @@ github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.24.5 h1:vgdcKjaRt3UVGEoSvSQ31
 github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.24.5/go.mod h1:Lpn4683moKqWUdyu4OpUOd9Yk82T31/+iauSAOBUNHQ=
 github.com/aws/aws-sdk-go-v2/service/cognitoidentity v1.15.7 h1:PIB81NoRm4IsLSUU998a+WPIy+Ucgj8qywPqDHDR1Hc=
 github.com/aws/aws-sdk-go-v2/service/cognitoidentity v1.15.7/go.mod h1:Q2V7AhAVeakJguXF9bVYxbU2PqBXbBzZPeKf/cMQ3y8=
+github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider v1.22.7 h1:jJ/jIV3rE+MfOoIXBihvqNSgnB3NuPqRfANsEO4NYB4=
+github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider v1.22.7/go.mod h1:euaNP81TKBtUkJWXk07ol4jAYkjh6EGYBM7EuYsSf9o=
 github.com/aws/aws-sdk-go-v2/service/dynamodb v1.19.3 h1:4bFeRtE0n7qdNgZomddCc6BNmqMKWEhq+YHcXERxWZQ=
 github.com/aws/aws-sdk-go-v2/service/dynamodb v1.19.3/go.mod h1:2XzQIYZ2VeZzxUnFIe0EpYIdkol6eEgs3vSAFjTLw4Q=
 github.com/aws/aws-sdk-go-v2/service/ec2 v1.93.1 h1:LXXltbK/NzSZot8qCKBffwz2/EMjuzinLXvBFz+xfEo=
@@ -72,6 +74,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dlclark/regexp2 v1.8.0 h1:rJD5HeGIT/2b5CDk63FVCwZA3qgYElfg+oQK7uH5pfE=
 github.com/dlclark/regexp2 v1.8.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
+github.com/dlclark/regexp2 v1.9.0 h1:pTK/l/3qYIKaRXuHnEnIf7Y5NxfRPfpb7dis6/gdlVI=
+github.com/dlclark/regexp2 v1.9.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
 github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
 github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=