fix(errors): solve different errors in KMS, EFS and Lambda (#1835)

Co-authored-by: sergargar <sergargar@users.noreply.github.com>

prowler/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.py

@@ -21,13 +21,14 @@ class awslambda_function_invoke_api_operations_cloudtrail_logging_enabled(Check)
             lambda_recorded_cloudtrail = False
             for trail in cloudtrail_client.trails:
                 for data_event in trail.data_events:
-                    for resource in data_event.event_selector["DataResources"]:
+                    if "DataResources" in data_event.event_selector:
-                        if (
+                        for resource in data_event.event_selector["DataResources"]:
-                            resource["Type"] == "AWS::Lambda::Function"
+                            if (
-                            and function.arn in resource["Values"]
+                                resource["Type"] == "AWS::Lambda::Function"
-                        ):
+                                and function.arn in resource["Values"]
-                            lambda_recorded_cloudtrail = True
+                            ):
-                            break
+                                lambda_recorded_cloudtrail = True
+                                break
 
                     if lambda_recorded_cloudtrail:
                         break

prowler/providers/aws/services/efs/efs_not_publicly_accessible/efs_not_publicly_accessible.py

@@ -21,8 +21,12 @@ class efs_not_publicly_accessible(Check):
                 for statement in fs.policy["Statement"]:
                     if statement["Effect"] == "Allow":
                         if (
-                            statement["Principal"]["AWS"] == "*"
+                            ("Principal" in statement and statement["Principal"] == "*")
-                            or statement["Principal"] == "*"
+                            or (
+                                "Principal" in statement
+                                and "AWS" in statement["Principal"]
+                                and statement["Principal"]["AWS"] == "*"
+                            )
                             or (
                                 "CanonicalUser" in statement["Principal"]
                                 and statement["Principal"]["CanonicalUser"] == "*"

prowler/providers/aws/services/kms/kms_service.py

@@ -73,10 +73,11 @@ class KMS:
         logger.info("KMS - Get Key Rotation Status...")
         for key in self.keys:
             try:
-                regional_client = self.regional_clients[key.region]
+                if "EXTERNAL" not in key.origin:
-                key.rotation_enabled = regional_client.get_key_rotation_status(
+                    regional_client = self.regional_clients[key.region]
-                    KeyId=key.id
+                    key.rotation_enabled = regional_client.get_key_rotation_status(
-                )["KeyRotationEnabled"]
+                        KeyId=key.id
+                    )["KeyRotationEnabled"]
             except Exception as error:
                 logger.error(
                     f"{regional_client.region} -- {error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"