
fix(queries): align queries across different platforms #5539

Merged
17 commits merged on Aug 23, 2022

Conversation

roi-orca
Contributor

@roi-orca roi-orca commented Jun 28, 2022

Align queries across different platforms.

References:
#5460
#5446

Proposed Changes
Align queries across different platforms.

Queries:

  1. API Gateway without WAF
  2. CloudTrail Log File Validation Disabled
  3. CloudTrail Log Files Not Encrypted With CMK
  4. DB Instance Publicly Accessible
  5. Hardcoded AWS Access Key In Lambda
  6. IAM Password Without Number
  7. S3 Bucket Logging Disabled
  8. SQL Analysis Services Port 2383 (TCP) Is Publicly Accessible
  9. Stack Notifications Disabled
  10. Azure Container Registry With No Locks
  11. Public Storage Account
  12. Redis Cache Allows Non SSL Connections
  13. COS Node Image Not Used
  14. Google Compute Subnetwork with Private Google Access Disabled
  15. High Google KMS Crypto Key Rotation Period
  16. High KMS Rotation Period
  17. Serial Ports Are Enabled For VM Instances
  18. SSH Access Is Not Restricted
  19. Using Default Service Account
  20. Cloudfront Logging Disabled
  21. Cloudfront Without WAF
  22. CodeBuild Not Encrypted
  23. DB Security Group With Public Scope
  24. ECS Service Admin Role is Present
  25. User Data Contains Encoded Private Key
  26. Authentication Without MFA
  27. CA Certificate Identifier Is Outdated
  28. ElasticSearch Without Slow Logs
  29. Hardcoded AWS Access Key
  30. SQS with SSE disabled
  31. AKS Network Policy Misconfigured
  32. CosmosDB Account IP Range Filter Not Set
  33. Role Definition Allows Custom Role Creation
  34. Unrestricted SQL Server Access

I submit this contribution under the Apache-2.0 license.

@rafaela-soares rafaela-soares added the `community` (Community contribution) label Jun 28, 2022
Contributor

@rafaela-soares rafaela-soares left a comment


Hi, @roi-orca!

Thank you so much for continuing to improve the KICS queries metadata! 🚀

I suggest the following:

@roi-orca roi-orca requested a review from rafaela-soares July 3, 2022 11:19
Contributor

@rafaela-soares rafaela-soares left a comment


LGTM 🚀

I will only wait for our security team to confirm the severity and category alignment.

@roi-orca
Contributor Author

roi-orca commented Jul 7, 2022

@rjegoncalves can you please review the changes?

@roi-orca
Contributor Author

@rafaela-soares any update on this?

@rafaela-soares
Contributor

> @rafaela-soares any update on this?

Hello, @roi-orca! The PR is already being reviewed. Sorry for the delay. We will update you, as soon as possible 😊

Contributor

@rafaela-soares rafaela-soares left a comment


Hello, @roi-orca!

Our security team took the opportunity to analyze the queries of your PR. Some suggestions are not related to what you changed, but they will improve the queries.

Please, take a look at the suggestion and let me know what you think about it 😊

Note that the suggestions apply to all platforms that have the query.

@roi-orca
Contributor Author

Hi @rafaela-soares,
Regarding the comments "This description could have more details about the impact":
Do you mean how the issue should actually be resolved in the platform?

@rafaela-soares
Contributor

> Hi @rafaela-soares, regarding the comments "This description could have more details about the impact": do you mean how the issue should actually be resolved in the platform?

Hi, @roi-orca! We mean how the vulnerability can impact the environment or the user. For example, regarding the query DB Instance Publicly Accessible, the fact that the db is public will make the attack surface bigger and more susceptible to attacks.

@gabriel-cx
Contributor

Hello, @roi-orca!
Feel free to ping me if you need something from our side in order to close this PR! ⛵
If you prefer, we can close it on our side.

@rafaela-soares rafaela-soares added the `query` (New query feature) label Aug 19, 2022
cxMiguelSilva
cxMiguelSilva previously approved these changes Aug 22, 2022
Collaborator

@cxMiguelSilva cxMiguelSilva left a comment


LGTM

@rafaela-soares rafaela-soares merged commit 2e0602d into Checkmarx:master Aug 23, 2022