fix(query): updated "Vault Auditing Disabled" query to check for required log categories

[cx-andre-pereira]

Reason for Proposed Changes

• The "Vault Auditing Disabled" Terraform/azure query is not up to the standard of the related CIS_Microsoft_Azure_Foundations_Benchmark_v5.0.0 entry (6.1.1.4 Ensure that logging for Azure Key Vault is 'Enabled' (Automated)).

• Page 207 states :

1. Go to Key vaults.
2. For each Key vault, under Monitoring, go to Diagnostic settings.
3. Click Edit setting next to a diagnostic setting.
4. Ensure that a destination is configured.
5. Under Category groups, ensure that audit and allLogs are checked.

• Currently the query does not ensure that the category groups "audit" and "allLogs" are enabled given the "azurerm_monitor_diagnostic_setting" resource associated with the target "azurerm_key_vault".

Proposed Changes

• Implemented the query with the check for the necessary category groups.

NOTE: this query still does not ensure that a destination is configured.

I submit this contribution under the Apache-2.0 license.

[github-actions]

KICS version: v2.1.13

Category Results CRITICAL 0 HIGH 0 MEDIUM 0 LOW 0 INFO 0 TRACE 0 TOTAL 0	Metric Values Files scanned 1 Files parsed 1 Files failed to scan 0 Total executed queries 47 Queries failed to execute 0 Execution time 0