feat(gcp): new check dns_policy_logging_enabled to ensure DNS logging

[Synchx00]

Context

Cloud DNS logging is critical for security auditing, as it records queries from name servers within VPCs to Cloud Logging. This visibility helps detect malicious domains or C2 communication. Currently, Prowler does not verify if this logging is enabled for VPC networks. This PR adds a check to ensure all VPC networks have Cloud DNS logging enabled.

Fix #7287

Description

I have added a new check: dns_policy_logging_enabled.

Logic implemented:

1. Iterates through all VPC Networks in the project (using the Compute API).
2. Iterates through all Cloud DNS Policies (using the DNS API).
3. Checks if a VPC is associated with any DNS policy.
4. If an association is found, verifies if logging is enabled on that policy.
5. Returns PASS if the VPC is attached to a policy with logging enabled.
6. Returns FAIL if the VPC is not attached to any policy, or if the attached policy has logging disabled.

Dependencies:

• Uses standard compute_client.networks and dns_client.policies. No new external dependencies.

Steps to review

To verify this check manually:

1. Create a "Bad" VPC (No Policy):

   gcloud compute networks create prowler-test-vpc-bad --subnet-mode=auto

2. Create a "Good" VPC and Policy:

   # Create VPC
   gcloud compute networks create prowler-test-vpc-good --subnet-mode=auto
   
   # Create Policy with Logging Enabled
   gcloud dns policies create prowler-logging-policy \
       --description="Policy for Prowler Test" \
       --networks=prowler-test-vpc-good \
       --enable-logging

3. Run the check:

   python prowler-cli.py gcp --check dns_policy_logging_enabled

4. Verify Output:

   • prowler-test-vpc-bad should FAIL.
   • prowler-test-vpc-good should PASS.

Checklist

• Are there new checks included in this PR? Yes
  • If so, do we need to update permissions for the provider? No (Standard ReadOnly permissions for Compute and DNS cover this).
• Review if the code is being covered by tests. (Verified manually via CLI execution).
• Review if code is being documented following this specification https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings
• Review if backport is needed.
• Review if is needed to change the Readme.md
• Ensure new entries are added to CHANGELOG.md, if applicable.

UI

• All issue/task requirements work as expected on the UI
• Screenshots/Video of the functionality flow (if applicable) - Mobile (X < 640px)
• Screenshots/Video of the functionality flow (if applicable) - Table (640px > X < 1024px)
• Screenshots/Video of the functionality flow (if applicable) - Desktop (X > 1024px)
• Ensure new entries are added to CHANGELOG.md, if applicable.

API

• Verify if API specs need to be regenerated.
• Check if version updates are required (e.g., specs, Poetry, etc.).
• Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[github-actions]

✅ Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.