feat(aws): add check to ensure Codebuild Github projects only use allowed Github orgs
Description
As described in this article, an attacker can use Codebuild and Github Actions to gain persistence when compromising an AWS account.
Checking if Codebuild projects are configured against a list of allowed Github organizations can help detect this kind of attack.
Checklist
- Are there new checks included in this PR? Yes / No
- If so, do we need to update permissions for the provider? Please review this carefully.
- [ ] Review if the code is being covered by tests.
- [ ] Review if code is being documented following this specification https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings
- [ ] Review if backport is needed.
- [ ] Review if it is needed to change the Readme.md
- [ ] Ensure new entries are added to CHANGELOG.md, if applicable.
API
- [ ] Verify if API specs need to be regenerated.
- [ ] Check if version updates are required (e.g., specs, Poetry, etc.).
- [ ] Ensure new entries are added to CHANGELOG.md, if applicable.
License
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
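The allow-list check the description proposes, as an added example written for this page rather than the project's own check code: it parses the GitHub org out of every CodeBuild source location (primary and secondary) and compares it, case-insensitively, against an allow-list. The dict shape mirrors boto3's `codebuild.batch_get_projects()["projects"]` entries (`name`, `source`, `secondarySources`, each source carrying `type` and `location`); the project names, hosts and org names in the sample are constructed.

```python
"""Added example: flag AWS CodeBuild projects whose GitHub sources point at
organizations outside an allow-list.

Illustrative code, not Prowler's check. It works on plain dicts shaped like
boto3's codebuild.batch_get_projects()["projects"] entries, so it runs offline
on the constructed sample below.
"""
from typing import Dict, Iterable, List, Optional
from urllib.parse import urlparse

# CodeBuild source types that reference a GitHub-hosted repository.
GITHUB_SOURCE_TYPES = {"GITHUB", "GITHUB_ENTERPRISE"}


def github_org_from_location(location: str) -> Optional[str]:
    """Return the lower-cased org/owner of a repository URL, or None.

    Accepts https://github.com/Org/repo, the same with .git or a trailing
    slash, and GitHub Enterprise hosts (https://ghe.example.com/Org/repo.git).
    A bare org URL or a non-URL string yields None so callers fail closed.
    """
    parsed = urlparse(location.strip())
    if not parsed.netloc:
        return None
    segments = [s for s in parsed.path.split("/") if s]
    if len(segments) < 2:  # need at least <org>/<repo>
        return None
    return segments[0].lower()


def evaluate_projects(projects: Iterable[Dict],
                      allowed_orgs: Iterable[str]) -> Dict[str, List[str]]:
    """Map each project name to a list of findings; an empty list means PASS.

    Every GitHub-typed source (primary and secondary) is checked. Non-GitHub
    sources (CODECOMMIT, S3, ...) are out of scope for this control. A location
    whose org cannot be parsed is reported as a finding rather than skipped.
    """
    allowed = {org.lower() for org in allowed_orgs}
    results: Dict[str, List[str]] = {}
    for project in projects:
        findings: List[str] = []
        sources = [project.get("source", {})] + list(project.get("secondarySources", []))
        for src in sources:
            if src.get("type") not in GITHUB_SOURCE_TYPES:
                continue
            location = src.get("location", "")
            org = github_org_from_location(location)
            if org is None:
                findings.append(f"unparsable GitHub location {location!r}")
            elif org not in allowed:
                findings.append(f"org {org!r} not in allow-list ({location})")
        results[project["name"]] = findings
    return results


# Constructed sample, not real account data. Org names and hosts are hypothetical.
ALLOWED_ORGS = ["Acme-Corp"]
SAMPLE_PROJECTS = [
    {"name": "ci-app",
     "source": {"type": "GITHUB", "location": "https://github.com/acme-corp/app.git"}},
    {"name": "ci-lib",  # primary source is fine, a secondary source is not
     "source": {"type": "GITHUB", "location": "https://github.com/Acme-Corp/lib"},
     "secondarySources": [
         {"type": "GITHUB", "location": "https://github.com/attacker-org/payload.git"}]},
    {"name": "ci-internal",
     "source": {"type": "CODECOMMIT",
                "location": "https://git-codecommit.us-east-1.amazonaws.com/v1/repos/internal"}},
    {"name": "ghe-tools",
     "source": {"type": "GITHUB_ENTERPRISE",
                "location": "https://ghe.example.com/ACME-CORP/tools.git"}},
    {"name": "broken",  # no scheme or host: fails closed
     "source": {"type": "GITHUB", "location": "acme-corp/app"}},
]

if __name__ == "__main__":
    for project_name, findings in evaluate_projects(SAMPLE_PROJECTS, ALLOWED_ORGS).items():
        status = "PASS" if not findings else "FAIL"
        print(f"{status} {project_name}" + "".join(f"\n    - {f}" for f in findings))
```

Two design points worth keeping in a real implementation: secondary sources are checked too, since a project with an approved primary repo and an attacker-controlled secondary one still pulls attacker code into the build, and a location that cannot be parsed fails closed instead of silently passing. With an empty allow-list every GitHub-backed project is flagged, which is the conservative default until the operator configures the org list.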
Codecov Report
:x: Patch coverage is 94.44444% with 3 lines in your changes missing coverage. Please review.
:white_check_mark: Project coverage is 88.21%. Comparing base (b868d39) to head (8d24dfa).
:warning: Report is 473 commits behind head on master.
Additional details and impacted files
@@ Coverage Diff @@
## master #7595 +/- ##
===========================================
+ Coverage 75.41% 88.21% +12.80%
===========================================
Files 72 896 +824
Lines 4612 27460 +22848
===========================================
+ Hits 3478 24224 +20746
- Misses 1134 3236 +2102
| Flag | Coverage Δ | |
|---|---|---|
| prowler | 88.21% <94.44%> (+12.80%) | :arrow_up: |
| Components | Coverage Δ | |
|---|---|---|
| prowler | 88.21% <90.44%> (+12.80%) | :arrow_up: |
| api | ∅ <ø> (∅) | |
You can check the documentation for this PR here -> Prowler Documentation