fix(kms): add symmetric condition to kms_cmk_rotation_enabled check (#1788)

Co-authored-by: sergargar <sergio@verica.io>

prowler/providers/aws/services/kms/kms_cmk_rotation_enabled/kms_cmk_rotation_enabled.py

@@ -9,7 +9,11 @@ class kms_cmk_rotation_enabled(Check):
             report = Check_Report_AWS(self.metadata())
             report.region = key.region
             # Only check enabled CMKs keys
-            if key.manager == "CUSTOMER" and key.state == "Enabled":
+            if (
+                key.manager == "CUSTOMER"
+                and key.state == "Enabled"
+                and "SYMMETRIC" in key.spec
+            ):
                 if key.rotation_enabled:
                     report.status = "PASS"
                     report.status_extended = (

prowler/providers/aws/services/kms/kms_service.py

@@ -58,6 +58,7 @@ class KMS:
                 key.state = response["KeyMetadata"]["KeyState"]
                 key.origin = response["KeyMetadata"]["Origin"]
                 key.manager = response["KeyMetadata"]["KeyManager"]
+                key.spec = response["KeyMetadata"]["CustomerMasterKeySpec"]
         except Exception as error:
             logger.error(
                 f"{regional_client.region} -- {error.__class__.__name__}:{error.__traceback__.tb_lineno} -- {error}"
@@ -102,6 +103,7 @@ class Key:
     manager: str
     rotation_enabled: bool
     policy: dict
+    spec: str
     region: str
 
     def __init__(