Expand the data collected on AWS secrets manager secrets

- Add last access date
- Add owning service
- Add the lambda function for rotation
- Add a sub-resource for rotation rules

Signed-off-by: Tim Smith <tsmith84@gmail.com>

Author: tas50

providers/aws/resources/aws.lr

@@ -1691,6 +1691,8 @@ aws.secretsmanager.secret @defaults("arn name") {
   description string
   // KMS key used for encryption of the secret
   kmsKey() aws.kms.key
+  // Last date the secret was accessed
+  lastAccessedDate time
   // Last date the secret was changed
   lastChangedDate time
   // Last date the secret was automatically rotated
@@ -1699,14 +1701,30 @@ aws.secretsmanager.secret @defaults("arn name") {
   name string
   // Date of the next secret rotation
   nextRotationDate time
+  // AWS service that created this secret (e.g., RDS, Redshift)
+  owningService string
   // Primary region of the secret
   primaryRegion string
   // Whether rotation is enabled for the secret
   rotationEnabled bool
+  // Lambda function used for automatic rotation
+  rotationLambda() aws.lambda.function
+  // Rotation schedule configuration
+  rotationRules() aws.secretsmanager.secret.rotationRules
   // Tags for the secret
   tags map[string]string
 }
 
+// AWS Secrets Manager secret rotation rules configuration
+private aws.secretsmanager.secret.rotationRules {
+  // Number of days between automatic scheduled rotations
+  automaticallyAfterDays int
+  // Length of the rotation window in hours (e.g., "3h")
+  duration string
+  // Cron or rate expression defining the rotation schedule (e.g., "rate(12 hours)")
+  scheduleExpression string
+}
+
 
 // Amazon Elastic Container Service (ECS)
 aws.ecs  @defaults("clusters containers containerInstances") {

providers/aws/resources/aws.lr.go

@@ -3715,21 +3715,39 @@ resources:
         min_mondoo_version: 9.0.0
       kmsKey:
         min_mondoo_version: 9.0.0
+      lastAccessedDate:
+        min_mondoo_version: 9.0.0
       lastChangedDate:
         min_mondoo_version: 9.0.0
       lastRotatedDate:
         min_mondoo_version: 9.0.0
       name: {}
       nextRotationDate:
         min_mondoo_version: 9.0.0
+      owningService:
+        min_mondoo_version: 9.0.0
       primaryRegion:
         min_mondoo_version: 9.0.0
       rotationEnabled: {}
+      rotationLambda:
+        min_mondoo_version: 9.0.0
+      rotationRules:
+        min_mondoo_version: 9.0.0
       tags: {}
     min_mondoo_version: 5.15.0
     platform:
       name:
       - aws
+  aws.secretsmanager.secret.rotationRules:
+    fields:
+      automaticallyAfterDays: {}
+      duration: {}
+      scheduleExpression: {}
+    is_private: true
+    min_mondoo_version: 9.0.0
+    platform:
+      name:
+      - aws
   aws.securityhub:
     fields:
       hubs: {}