aws-secrets-manager-rotation-lambdas
Secrets rotation lambda is affected by CWE-117 and CWE-93
When looking in AWS Inspector, it appears the Lambda for secret rotation is vulnerable to the following log injection CWEs: CWE-117 and CWE-93.
User-provided inputs must be sanitized before they are logged. An attacker can use unsanitized input to break a log's integrity, forge log entries, or bypass log monitors.
It marks the severity as high.
The finding occurs here https://github.com/aws-samples/aws-secrets-manager-rotation-lambdas/blob/master/SecretsManagerRDSPostgreSQLRotationSingleUser/lambda_function.py#L59
logger.error("Secret %s is not enabled for rotation" % arn)
Having this resolved would be great and would mean we have no high-severity vulnerabilities on our account.
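The flagged line interpolates `arn` straight into a log message. In the sample handler that value comes from the invocation event's `SecretId`, so whoever can invoke the function controls it, and a carriage return or newline inside it produces a second, forged log record (CWE-93 / CWE-117). The following is an added example, not code from this issue or from the repository: it shows the flagged pattern beside a hardened version that validates the value against the Secrets Manager ARN shape before logging it, and escapes control characters when logging a rejected value. The `SECRET_ARN_RE` pattern and the `sanitize_for_log` helper are my own assumptions about an adequate check, not an AWS-provided API, and the forged ARN is constructed for the demonstration.

```python
import logging
import re

logger = logging.getLogger()
logger.setLevel(logging.INFO)

# Assumed shape of a Secrets Manager secret ARN: partition, region, 12-digit
# account, then "secret:" followed by the secret name (alphanumeric and
# /_+=.@-) and the random 6-character suffix. Newlines and other control
# characters cannot match, so they never reach the log unescaped.
SECRET_ARN_RE = re.compile(
    r"arn:aws[a-z-]*:secretsmanager:[a-z0-9-]+:\d{12}:secret:[A-Za-z0-9/_+=.@-]+"
)

# Constructed inputs for the demonstration (not real account data).
GOOD_ARN = "arn:aws:secretsmanager:us-east-1:123456789012:secret:prod/db-AbCdEf"
FORGED_ARN = (
    "arn:aws:secretsmanager:us-east-1:123456789012:secret:prod/db-AbCdEf"
    "\n[ERROR] Secret arn:aws:secretsmanager:us-east-1:123456789012:secret:other"
    " is not enabled for rotation"
)


def is_secret_arn(value: str) -> bool:
    """True only if the whole string looks like a secret ARN (fullmatch, so a
    trailing newline also fails, unlike re.match with a $ anchor)."""
    return SECRET_ARN_RE.fullmatch(value) is not None


def sanitize_for_log(value: str, max_len: int = 256) -> str:
    """Neutralise log-forging characters for a value we still want to see:
    CR/LF become the visible escapes \\r and \\n, other non-printable
    characters are dropped, and the result is truncated."""
    value = value.replace("\r", "\\r").replace("\n", "\\n")
    value = "".join(ch for ch in value if ch.isprintable())
    return value[:max_len]


def log_not_enabled_vulnerable(arn: str) -> str:
    """The pattern Inspector flags: untrusted input interpolated directly into
    the message. A newline in `arn` yields a second, attacker-written record."""
    msg = "Secret %s is not enabled for rotation" % arn
    logger.error(msg)
    return msg


def log_not_enabled_hardened(arn: str) -> str:
    """Validate first; only a value matching the ARN shape is logged as-is.
    A rejected value is logged escaped, and a real handler would raise after
    logging it. Returns the message so the behaviour can be checked."""
    if not is_secret_arn(arn):
        msg = "Rejected malformed secret ARN: %s" % sanitize_for_log(arn)
        logger.error(msg)
        return msg
    msg = "Secret %s is not enabled for rotation" % arn
    logger.error(msg)
    return msg


if __name__ == "__main__":
    # Constructed demonstration: the first call emits two lines in the log,
    # the second emits one line with the newline shown as "\n".
    print(repr(log_not_enabled_vulnerable(FORGED_ARN)))
    print(repr(log_not_enabled_hardened(FORGED_ARN)))
    print(repr(log_not_enabled_hardened(GOOD_ARN)))
```

Validating the identifier against its expected shape is preferable to escaping alone, because the rotation handler has no legitimate reason to proceed with an ARN that is not an ARN; escaping is kept only for the rejection message, where seeing the offending value (safely) is useful for incident response.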