@kagahd kagahd commented Jan 22, 2026

Context

This feature request offers a new AWS check rds_instance_extended_support.
It checks whether Amazon RDS DB instances are enrolled in Amazon RDS Extended Support. If the instance reports EngineLifecycleSupport as open-source-rds-extended-support, it is enrolled and the check fails. Otherwise, the check passes.

Description

DB instances enrolled in RDS Extended Support can incur additional charges after the end of standard support for the running database major version. Remaining on older major versions can also delay necessary upgrades, increasing operational and security risk.
The check is covered by unit tests.

Checklist

SDK/CLI

  • Are there new checks included in this PR? Yes
    • If so, do we need to update permissions for the provider? No

UI

  • All issue/task requirements work as expected on the UI
  • Screenshots/Video of the functionality flow (if applicable) - Mobile (X < 640px)
  • Screenshots/Video of the functionality flow (if applicable) - Table (640px > X < 1024px)
  • Screenshots/Video of the functionality flow (if applicable) - Desktop (X > 1024px)
  • Ensure new entries are added to CHANGELOG.md, if applicable.

API

  • All issue/task requirements work as expected on the API
  • Endpoint response output (if applicable)
  • EXPLAIN ANALYZE output for new/modified queries or indexes (if applicable)
  • Performance test results (if applicable)
  • Any other relevant evidence of the implementation (if applicable)
  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
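
Added example, not part of the pull request and not Prowler's code: the pass/fail rule described above, applied to a constructed list shaped like the `DBInstances` entries from boto3's `describe_db_instances()`. The function name, finding fields and sample instances are assumptions made for illustration.

```python
# Added illustration; this is not Prowler's implementation of the check.
EXTENDED_SUPPORT = "open-source-rds-extended-support"

# Constructed sample, shaped like the "DBInstances" list returned by
# boto3's rds.describe_db_instances(). All identifiers are made up.
SAMPLE_DB_INSTANCES = [
    {"DBInstanceIdentifier": "orders-mysql", "Engine": "mysql",
     "EngineVersion": "5.7.44",
     "EngineLifecycleSupport": "open-source-rds-extended-support"},
    {"DBInstanceIdentifier": "billing-pg", "Engine": "postgres",
     "EngineVersion": "16.3",
     "EngineLifecycleSupport": "open-source-rds-extended-support-disabled"},
    # Constructed case with the field absent: the PR's rule
    # ("otherwise, the check passes") applies.
    {"DBInstanceIdentifier": "no-lifecycle-field", "Engine": "oracle-ee",
     "EngineVersion": "19"},
]


def evaluate_extended_support(db_instances):
    """Return one PASS/FAIL finding per instance; FAIL means enrolled."""
    findings = []
    for instance in db_instances:
        lifecycle = instance.get("EngineLifecycleSupport")
        # Exact match only: the "-disabled" value shares the prefix, so a
        # substring or startswith() test would wrongly flag it.
        enrolled = lifecycle == EXTENDED_SUPPORT
        name = instance["DBInstanceIdentifier"]
        version = f'{instance.get("Engine")} {instance.get("EngineVersion")}'
        state = "is enrolled" if enrolled else "is not enrolled"
        findings.append({
            "resource_id": name,
            "status": "FAIL" if enrolled else "PASS",
            "status_extended": (
                f"RDS instance {name} ({version}) {state} "
                "in RDS Extended Support."
            ),
        })
    return findings


if __name__ == "__main__":
    for finding in evaluate_extended_support(SAMPLE_DB_INSTANCES):
        print(finding["status"], finding["status_extended"])
```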

@kagahd kagahd requested review from a team as code owners January 22, 2026 15:39
@github-actions github-actions bot added the provider/aws (Issues/PRs related with the AWS provider), metadata-review and community (Opened by the Community) labels Jan 22, 2026

github-actions bot commented Jan 22, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.


codecov bot commented Jan 22, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 8.67%. Comparing base (91e3c01) to head (4259a32).

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #9865       +/-   ##
==========================================
- Coverage   92.07%   8.67%   -83.40%     
==========================================
  Files         180     832      +652     
  Lines       24833   23496     -1337     
==========================================
- Hits        22864    2039    -20825     
- Misses       1969   21457    +19488     
Flag Coverage Δ
api ?
prowler-py3.10-aws 8.60% <100.00%> (?)
prowler-py3.11-aws 8.60% <100.00%> (?)
prowler-py3.12-aws 8.67% <100.00%> (?)
prowler-py3.9-aws 8.63% <100.00%> (?)

Flags with carried forward coverage won't be shown.

Components Coverage Δ
prowler 8.67% <100.00%> (∅)
api ∅ <ø> (∅)

@kagahd kagahd force-pushed the rds_instance_extended_support branch from fd57551 to c66fc61 Compare January 22, 2026 17:55
@kagahd kagahd requested a review from a team as a code owner January 22, 2026 18:03

kagahd commented Jan 22, 2026

codecov/patch is green (“all modified lines are covered”), so this PR itself does not reduce test coverage.

The large drop in codecov/project (92% → ~9%, +600 files) strongly suggests a Codecov upload/configuration issue, not missing tests in this PR.

In particular, the API workflow generates coverage.xml in the repo root, but the Codecov upload does not explicitly reference the file. This can result in incomplete or missing project coverage data.

I believe the project coverage regression should be fixed in the CI/Codecov setup rather than in this PR.

@danibarranqueroo danibarranqueroo left a comment

Thanks for this great contribution! Please review these requested changes.

{
"Provider": "aws",
"CheckID": "rds_instance_extended_support",
"CheckTitle": "RDS instances are not enrolled in RDS Extended Support",

Suggested change
"CheckTitle": "RDS instances are not enrolled in RDS Extended Support",
"CheckTitle": "RDS instance is not enrolled in RDS Extended Support",

"Severity": "medium",
"ResourceType": "AwsRdsDbInstance",
"ResourceGroup": "database",
"Description": "Checks whether Amazon RDS DB instances are enrolled in Amazon RDS Extended Support. If the instance reports `EngineLifecycleSupport` as `open-source-rds-extended-support`, it is enrolled and the check fails. Otherwise, the check passes.",

Suggested change
"Description": "Checks whether Amazon RDS DB instances are enrolled in Amazon RDS Extended Support. If the instance reports `EngineLifecycleSupport` as `open-source-rds-extended-support`, it is enrolled and the check fails. Otherwise, the check passes.",
"Description": "**RDS DB instances** are evaluated for enrollment in Amazon RDS Extended Support. The check fails if `EngineLifecycleSupportis` set to `open-source-rds-extended-support`, indicating the instance will incur additional charges after standard support ends.",
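
Review bot: the suggested Description contains the code span `EngineLifecycleSupportis` followed by "set", so the word "is" has ended up inside the backticks with no space and the field name no longer matches `EngineLifecycleSupport` as used in the original line. It should read `EngineLifecycleSupport` is set to `open-source-rds-extended-support`. The suggestion also drops the original's statement that the check passes otherwise; consider keeping a short clause for the pass condition so the metadata documents both outcomes.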

"ResourceGroup": "database",
"Description": "Checks whether Amazon RDS DB instances are enrolled in Amazon RDS Extended Support. If the instance reports `EngineLifecycleSupport` as `open-source-rds-extended-support`, it is enrolled and the check fails. Otherwise, the check passes.",
"Risk": "DB instances enrolled in RDS Extended Support can incur additional charges after the end of standard support for the running database major version. Remaining on older major versions can also delay necessary upgrades, increasing operational and security risk.",
"RelatedUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html",

Suggested change
"RelatedUrl": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html",
"RelatedUrl": "",

},
"Recommendation": {
"Text": "Upgrade enrolled DB instances to an engine version covered under standard support to stop Extended Support charges. For new DB instances and restores created via automation, explicitly set the engine lifecycle support option to avoid unintended enrollment in RDS Extended Support when that is your policy.",
"Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support-charges.html"

Suggested change
"Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support-charges.html"
"Url": "https://hub.prowler.com/check/rds_instance_extended_support"


Please, move it to the current UNRELEASED version and follow the same style as other new checks in the Added section


Please, remove these changes. Don't worry about codecov since it's not a blocker for merging PRs, I'll talk with the team about this to see if there is a problem with the current settings.

@danibarranqueroo

I've tested the check and it works as expected 🚀

Screenshot 2026-01-26 at 13 48 26
