fix: Flipped condition on secrets manager policy (#13862)

jon-s58 · web-flow · commit c604b707c5ac · 2023-09-15T00:11:02.000Z
for issue #13773
diff --git a/plugins/source/aws/policies/queries/secretsmanager/remove_unused_secrets_manager_secrets.sql b/plugins/source/aws/policies/queries/secretsmanager/remove_unused_secrets_manager_secrets.sql
@@ -7,7 +7,7 @@ select
     account_id,
     arn as resource_id,
     case when
-        (last_accessed_date is null and created_date > now() - INTERVAL '90 days')
-        or (last_accessed_date is not null and last_accessed_date > now() - INTERVAL '90 days')
+        (last_accessed_date is null and created_date < now() - INTERVAL '90 days')
+        or (last_accessed_date is not null and last_accessed_date < now() - INTERVAL '90 days')
     then 'fail' else 'pass' end as status
 from aws_secretsmanager_secrets
diff --git a/website/tables/aws/aws_secretsmanager_secrets.md b/website/tables/aws/aws_secretsmanager_secrets.md
@@ -53,11 +53,11 @@ SELECT
   CASE
   WHEN (
     last_accessed_date IS NULL
-    AND created_date > now() - '90 days'::INTERVAL
+    AND created_date < now() - '90 days'::INTERVAL
   )
   OR (
       last_accessed_date IS NOT NULL
-      AND last_accessed_date > now() - '90 days'::INTERVAL
+      AND last_accessed_date < now() - '90 days'::INTERVAL
     )
   THEN 'fail'
   ELSE 'pass'

Original file line number	Diff line number	Diff line change
`@@ -53,11 +53,11 @@ SELECT`
`53`	`53`	`CASE`
`54`	`54`	`WHEN (`
`55`	`55`	`last_accessed_date IS NULL`
`56`		`- AND created_date > now() - '90 days'::INTERVAL`
	`56`	`+ AND created_date < now() - '90 days'::INTERVAL`
`57`	`57`	`)`
`58`	`58`	`OR (`
`59`	`59`	`last_accessed_date IS NOT NULL`
`60`		`- AND last_accessed_date > now() - '90 days'::INTERVAL`
	`60`	`+ AND last_accessed_date < now() - '90 days'::INTERVAL`
`61`	`61`	`)`
`62`	`62`	`THEN 'fail'`
`63`	`63`	`ELSE 'pass'`