Fix typos, remove a commented-out line, and change check severity

Patel
2021-06-17 11:43:19 +05:30
parent 8e9ef841e5
commit 8a2d2924b4
4 changed files with 12 additions and 11 deletions


@@ -19,8 +19,9 @@ CHECK_ASFF_RESOURCE_TYPE_extra92="AwsEFS"
CHECK_ALTERNATE_check92="extra92"
CHECK_SERVICENAME_extra92="EFS"
# If an EFS has a policy principle as *, we consider it as public accessible even though client connects through a vpc peering or transit gateway. Also if EFS has a default policy(no user defined
# policy), it's also a security risk, as default policy grants full access to any client that can connect to the file system using a file system mount target.
# If an EFS has a policy principle as *, we consider it as public accessible even though client connects through a
# vpc peering or transit gateway. Also if EFS has a default policy(no user defined policy), it's also a security risk,
# as default policy grants full access to any client that can connect to the file system using a file system mount target.
extra92(){
for region in $REGIONS; do
@@ -30,7 +31,6 @@ extra92(){
EFS_POLICY_STATEMENTS=$($AWSCLI efs $PROFILE_OPT describe-file-system-policy --region $region --file-system-id $efsId --output json --query Policy 2>&1)
if [[ $EFS_POLICY_STATEMENTS == *PolicyNotFound* ]]; then
textFail "$region : EFS $efsId doesn't have any policy which means it grants full access to any client"
# textInfo "EFS policy does not exist for efs id $efsId"
else
EFS_POLICY_BAD_STATEMENTS=$(echo $EFS_POLICY_STATEMENTS | jq '. | fromjson' | jq '.Statement[] | select(.Effect=="Allow") | select(.Principal=="*" or .Principal.AWS=="*" or .Principal.CanonicalUser=="*")')
if [[ $EFS_POLICY_BAD_STATEMENTS != "" ]]; then
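Review bot: The `if [[ $EFS_POLICY_STATEMENTS == *PolicyNotFound* ]]` branch that this hunk edits is the only error handling on the `describe-file-system-policy` call, and because stderr is merged with `2>&1`, any other failure (an AccessDenied or throttling message) falls through to the `else` branch, where `jq '. | fromjson'` on non-JSON text produces no statements and the file system would presumably be reported as clean. A separate branch before the `else`, such as `elif [[ "$EFS_POLICY_STATEMENTS" == *"An error occurred"* ]]; then textInfo "$region : EFS $efsId policy could not be read: $EFS_POLICY_STATEMENTS"`, would keep an unreadable policy from reading as a pass. Although the commit fixes typos, the rewrapped comment in the first hunk still says `policy principle as *` where `principal` is meant. extra92's body continues outside the hunk.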


@@ -20,8 +20,8 @@ CHECK_ASFF_RESOURCE_TYPE_extra93="AwsCloudWatch"
CHECK_ALTERNATE_check93="extra93"
CHECK_SERVICENAME_extra93="CloudWatch"
# When CloudWatch allows cross account sharing, a role with name CloudWatch-CrossAccountSharingRole get's created by aws itself. So we are validating role name existance for checking the
# cloudwatch security.
# When CloudWatch allows cross account sharing, a role with name CloudWatch-CrossAccountSharingRole
# get's created by aws itself. So we are validating role name existance for checking the cloudwatch security.
extra93(){
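Review bot: The rewrapped comment on the new side still carries the typos the commit title says it fixes: `get's` should be `gets`, `existance` should be `existence`, and `aws`/`cloudwatch` are normally written `AWS`/`CloudWatch`. Suggested replacement for the two lines: `# When CloudWatch cross-account sharing is enabled, AWS itself creates a role named CloudWatch-CrossAccountSharingRole,` followed by `# so we check whether that role name exists to assess CloudWatch cross-account sharing.` Since the check keys on a fixed role name, a sharing role that was renamed or created by hand would presumably not be detected, and the comment could state that limitation. extra93's body lies outside the hunk.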


@@ -12,15 +12,16 @@
# specific language governing permissions and limitations under the License.
CHECK_ID_extra94="9.4"
CHECK_TITLE_extra94="[extra94] Check if lambda functions has policies which allow access to everyone having an aws account (Not Scored) (Not part of CIS benchmark) (Custom Check)"
CHECK_TITLE_extra94="[extra94] Check if lambda functions have policies which allow access to everyone having an aws account (Not Scored) (Not part of CIS benchmark) (Custom Check)"
CHECK_SCORED_extra94="NOT_SCORED"
CHECK_TYPE_extra94="EXTRA"
CHECK_SEVERITY_extra94="Critical"
CHECK_ASFF_RESOURCE_TYPE_extra94="AwsCloudWatch"
CHECK_ASFF_RESOURCE_TYPE_extra94="AwsLambda"
CHECK_ALTERNATE_check94="extra94"
CHECK_SERVICENAME_extra94="CloudWatch"
CHECK_SERVICENAME_extra94="Lambda"
# If a lambda function has a policy principle as *, It can be accessed by any aws account. We consider such functions as publicly accessible resource.
# If a lambda function has a policy principle as *, It can be accessed by any aws account.
# We consider such functions as publicly accessible resource.
extra94(){
for region in $REGIONS; do
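Review bot: `CHECK_ASFF_RESOURCE_TYPE_extra94` is corrected from `AwsCloudWatch` to `AwsLambda`, but if this value is emitted as the ASFF `Resources[].Type` field, the documented type for a Lambda function is `AwsLambdaFunction`; worth confirming against the ASFF resource-type list so Security Hub findings carry a recognised type. The rewrapped comment also still reads `policy principle as *` where `principal` is meant, e.g. `# If a Lambda function has a resource policy whose Principal is "*", it can be accessed by any AWS account;` followed by `# we treat such functions as publicly accessible resources.` The commit message mentions a severity change, yet `CHECK_SEVERITY_extra94` appears only as unchanged context in this hunk. extra94's body continues outside the hunk.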


@@ -16,9 +16,9 @@ CHECK_TITLE_extra95="[extra95] Check if there is any unassigned elastic ip's (No
CHECK_SCORED_extra95="NOT_SCORED"
CHECK_TYPE_extra95="EXTRA"
CHECK_SEVERITY_extra95="Critical"
CHECK_ASFF_RESOURCE_TYPE_extra95="AwsCloudWatch"
CHECK_ASFF_RESOURCE_TYPE_extra95="AwsElasticIPs"
CHECK_ALTERNATE_check95="extra95"
CHECK_SERVICENAME_extra95="CloudWatch"
CHECK_SERVICENAME_extra95="ElasticIPs"
# If there is any elasting ip which is not assigned to any instance or network interface, we will list that out.