From d00a457ae01e329277c082c33c4ce77919ec53e2 Mon Sep 17 00:00:00 2001
From: skyuecx0630 <48788794+skyuecx0630@users.noreply.github.com>
Date: Wed, 7 Aug 2024 16:45:49 +0900
Subject: [PATCH] Fix KeyError if rotation attributes don't exist
---
 services/secrets_manager.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/services/secrets_manager.py b/services/secrets_manager.py
index aa52ccd..b78018c 100644
--- a/services/secrets_manager.py
+++ b/services/secrets_manager.py
@@ -13,7 +13,7 @@ def secretsmanager_rotation_enabled_check():
 secrets = client.list_secrets()["SecretList"]
 for secret in secrets:
- if secret["RotationEnabled"] == True:
+ if secret.get("RotationEnabled") == True:
 compliant_resources.append(secret["ARN"])
 else:
 non_compliant_resources.append(secret["ARN"])
@@ -31,7 +31,11 @@ def secretsmanager_scheduled_rotation_success_check():
 secrets = client.list_secrets()["SecretList"]
 for secret in secrets:
- if secret["RotationEnabled"] == True:
+ if secret.get("RotationEnabled") == True:
+ if 'LastRotatedDate' not in secret:
+ non_compliant_resources.append(secret["ARN"])
+ continue
+
 now = datetime.datetime.now(tz=tzlocal())
 rotation_period = datetime.timedelta(
 days=secret["RotationRules"]["AutomaticallyAfterDays"] + 2
@@ -56,7 +60,11 @@ def secretsmanager_secret_periodic_rotation():
 secrets = client.list_secrets()["SecretList"]
 for secret in secrets:
- if secret["RotationEnabled"] == True:
+ if secret.get("RotationEnabled") == True:
+ if 'LastRotatedDate' not in secret:
+ non_compliant_resources.append(secret["ARN"])
+ continue
+
 now = datetime.datetime.now(tz=tzlocal())
 elapsed_time_after_rotation = now - secret["LastRotatedDate"]
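Review bot: `client.list_secrets()["SecretList"]`, in the context lines of the first hunk (secretsmanager_rotation_enabled_check) and repeated unchanged in the other two hunks, reads a single page of results, so secrets returned on later pages are never classified and silently drop out of the compliance report. Assuming `client` is a boto3 Secrets Manager client, collect every page instead: `secrets = [s for page in client.get_paginator("list_secrets").paginate() for s in page["SecretList"]]`. The function bodies start and end outside the hunks, so confirm nothing earlier already follows `NextToken`.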
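Review bot: In the second hunk (secretsmanager_scheduled_rotation_success_check) the context line `days=secret["RotationRules"]["AutomaticallyAfterDays"] + 2` is still indexed directly, so the check can raise the same kind of KeyError this commit fixes for `RotationEnabled` and `LastRotatedDate`. Secrets Manager rotation rules can be defined with `ScheduleExpression` instead of `AutomaticallyAfterDays`, and an uncaught KeyError aborts the loop, leaving every remaining secret unevaluated. Read the value defensively, `days = secret.get("RotationRules", {}).get("AutomaticallyAfterDays")`, and when it is `None` record the secret explicitly (for example as non-compliant, or evaluated from its schedule) before `continue`. The `datetime.timedelta(` call continues past the end of the hunk.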