fix(aws): not show findings when AccessDenieds

[sergargar]

Description

Don't add findings when Prowler does not know the status of the resource because of an AccessDenied.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[codecov]

Codecov Report

Attention: Patch coverage is 86.92033% with 110 lines in your changes are missing coverage. Please review.

Project coverage is 86.37%. Comparing base (6fd7135) to head (fbf8d75).
Report is 39 commits behind head on master.

Files	Patch %	Lines
prowler/providers/aws/services/iam/iam_service.py	58.06%	26 Missing ⚠️
...ders/aws/services/cloudwatch/cloudwatch_service.py	51.61%	15 Missing ⚠️
...cy/iam_role_cross_account_readonlyaccess_policy.py	66.66%	11 Missing ⚠️
...ders/aws/services/cloudtrail/cloudtrail_service.py	53.33%	7 Missing ⚠️
...ces/resourceexplorer2/resourceexplorer2_service.py	22.22%	7 Missing ⚠️
...er/providers/aws/services/backup/backup_service.py	25.00%	6 Missing ⚠️
.../aws/services/ssmincidents/ssmincidents_service.py	0.00%	6 Missing ⚠️
.../providers/aws/services/account/account_service.py	44.44%	5 Missing ⚠️
prowler/lib/outputs/summary_table.py	0.00%	4 Missing ⚠️
...in_logs/cloudwatch_log_group_no_secrets_in_logs.py	89.47%	4 Missing ⚠️
... and 9 more

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3803      +/-   ##
==========================================
+ Coverage   85.61%   86.37%   +0.75%     
==========================================
  Files         731      746      +15     
  Lines       22659    23228     +569     
==========================================
+ Hits        19400    20063     +663     
+ Misses       3259     3165      -94     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sergargar]

We need to cover the case when there is a region denied and other accessible.
This happens to Backup, CloudWatch, CloudTrail, ResourceExplorer2 and SSMIncidents.

EDIT: DONE

[jfagoagas]

That's a great work and improvement @sergargar 👏

Please, document the criteria followed in the services and how this needs to be done in the checks, include all in the developer guide since it's an important change.

It'd be super helpful to complete tests cases and cover this, you can use mock_object.side_effect = ClientError(error_response, operation_name) to raise exceptions like if boto3 does that.

Thanks!

[sergargar]

@jfagoagas re-review it whenever you get a chance, please! Only the tests and docs are pending.

[github-actions]

You can check the documentation for this PR here -> SaaS Documentation

[sergargar]

Pending testing for CloudTrail, CloudWatch and IAM.

[github-actions]

You can check the documentation for this PR here -> SaaS Documentation

[sergargar]

Pending testing for CloudTrail and CloudWatch.

[github-actions]

You can check the documentation for this PR here -> SaaS Documentation

[sergargar]

Pending testing for CloudWatch.

[github-actions]

You can check the documentation for this PR here -> SaaS Documentation