From 8b41887b9d73aebc5e06ba46048d635a23a51545 Mon Sep 17 00:00:00 2001
From: Saurabh Chakraborthy
Date: Sat, 18 Nov 2023 20:24:00 +0530
Subject: [PATCH] Add compliant and non-compliant examples for api-logging-disabled-cdk
---
.../api_logging_disabled_cdk_compliant.py | 20 +++++++++++++++++++
.../api_logging_disabled_cdk_noncompliant.py | 16 +++++++++++++++
2 files changed, 36 insertions(+)
create mode 100644 src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_compliant.py
create mode 100644 src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_noncompliant.py
diff --git a/src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_compliant.py b/src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_compliant.py
new file mode 100644
index 0000000..355821f
--- /dev/null
+++ b/src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_compliant.py
@@ -0,0 +1,20 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+# {fact rule=api-logging-disabled@v1.0 defects=0}
+import aws_cdk as cdk
+from aws_cdk import aws_apigatewayv2
+
+
+class APILoggingDisabled(cdk.Stack):
+
+ def api_logging_disabled_compliant(self):
+ # Compliant: logging present
+ aws_apigatewayv2.CfnStage(self, 'rStage',
+ access_log_settings=aws_apigatewayv2
+ .CfnStage.access_log_settingsProperty(
+ destination_arn='foo',
+ format='$context.requestId'),
+ api_id='bar',
+ stage_name='baz')
+# {/fact}
diff --git a/src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_noncompliant.py b/src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_noncompliant.py
new file mode 100644
index 0000000..ddc6e13
--- /dev/null
+++ b/src/python/detectors/api_logging_disabled_cdk/api_logging_disabled_cdk_noncompliant.py
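Review bot: The fact tag in the compliant example reads `rule=api-logging-disabled@v1.0`, while the noncompliant file and the detector directory use `api-logging-disabled-cdk`, so this example may not be attached to the intended rule; it should read `# {fact rule=api-logging-disabled-cdk@v1.0 defects=0}`. Separately, `CfnStage.access_log_settingsProperty` does not match the CDK class name, which is `CfnStage.AccessLogSettingsProperty`, so the compliant snippet would fail with an AttributeError if executed. A format of only `$context.requestId` satisfies the rule but records nothing an investigator can use to attribute a request; a comment saying the value is a minimal placeholder would keep readers from copying it as a recommended log format.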
@@ -0,0 +1,16 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+# {fact rule=api-logging-disabled-cdk@v1.0 defects=1}
+import aws_cdk as cdk
+from aws_cdk import aws_apigatewayv2
+
+
+class APILoggingDisabled(cdk.Stack):
+
+ def api_logging_disabled_noncompliant(self):
+ # Noncompliant: logging disabled
+ aws_apigatewayv2.CfnStage(self, 'rHttpApiDefaultStage',
+ api_id='foo', stage_name='$default',
+ auto_deploy=True)
+# {/fact}
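Review bot: The comment `# Noncompliant: logging disabled` is imprecise: nothing in the `CfnStage` call disables logging, the stage simply omits `access_log_settings`. Naming the missing property tells the reader what the detector keys on, for example `# Noncompliant: no access_log_settings, so the stage writes no access logs`. Because this is the `$default` stage with `auto_deploy=True`, it may also be worth one more comment line noting that every deployed change then serves traffic with no request record for detection or incident response.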