From 53b9e92ae9c4bd81c297f695e681a6025fc382c5 Mon Sep 17 00:00:00 2001
From: Riya
Date: Fri, 3 Nov 2023 17:12:08 +0530
Subject: [PATCH] Add compliant and noncompliant examples of cloudformation/checkov-custom-redshift-maintenance@v1.0
---
.../compliant.yaml | 24 +++++++++++++++++++
.../non-compliant.yaml | 23 ++++++++++++++++++
2 files changed, 47 insertions(+)
create mode 100644 src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/compliant.yaml
create mode 100644 src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/non-compliant.yaml
diff --git a/src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/compliant.yaml b/src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/compliant.yaml
new file mode 100644
index 0000000..b226b94
--- /dev/null
+++ b/src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/compliant.yaml
@@ -0,0 +1,24 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+# {fact rule=checkov-custom-redshift-maintenance@v1.0 defects=0}
+Resources:
+ TestCluster:
+ Type: AWS::Redshift::Cluster
+ Properties:
+ ClusterType: multi-node
+ DBName: dev
+ MasterUsername:
+ MasterUserPassword:
+ NodeType:
+ NumberOfNodes: 2
+ # Compliant: Amazon Redshift clusters have the specified maintenance settings.
+ PreferredMaintenanceWindow: Mon:09:30-Mon:10:00
+ AllowVersionUpgrade: true
+ AutomatedSnapshotRetentionPeriod: 2
+ PubliclyAccessible: false
+ LoggingProperties:
+ BucketName: "your_bucket"
+ ClusterSubnetGroupName: "subnet-ebd9cead"
+ Encrypted: true
+# {/fact}
diff --git a/src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/non-compliant.yaml b/src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/non-compliant.yaml
new file mode 100644
index 0000000..1608312
--- /dev/null
+++ b/src/IaC/detectors/cloudformation/checkov-custom-redshift-maintenance/non-compliant.yaml
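Review bot: In compliant.yaml the keys `MasterUsername:`, `MasterUserPassword:` and `NodeType:` carry no value, so YAML loads them as null; the same three lines appear in non-compliant.yaml. If placeholders were dropped somewhere, restore them explicitly, because a sample labelled compliant gets copied and these are the lines that decide how the admin credential reaches the template. For the password I would show a reference rather than a literal, e.g. `MasterUserPassword: '{{resolve:secretsmanager:SECRET_NAME:SecretString:password}}'` with SECRET_NAME as a placeholder, and give `MasterUsername` and `NodeType` obviously fake but well-formed values. Separately, `ClusterSubnetGroupName: "subnet-ebd9cead"` has the shape of a subnet ID rather than a subnet group name, which is worth replacing with a clearly constructed name.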
@@ -0,0 +1,23 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+# {fact rule=checkov-custom-redshift-maintenance@v1.0 defects=1}
+Resources:
+ TestCluster:
+ Type: AWS::Redshift::Cluster
+ Properties:
+ ClusterType: multi-node
+ DBName: dev
+ MasterUsername:
+ MasterUserPassword:
+ NodeType:
+ NumberOfNodes: 2
+ # Noncompliant: Amazon Redshift clusters don't have the specified maintenance settings.
+ AllowVersionUpgrade: true
+ AutomatedSnapshotRetentionPeriod: 2
+ PubliclyAccessible: false
+ LoggingProperties:
+ BucketName: "your_bucket"
+ ClusterSubnetGroupName: "subnet-ebd9cead"
+ Encrypted: true
+# {/fact}
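Review bot: The `# Noncompliant:` comment in non-compliant.yaml sits directly above `AllowVersionUpgrade: true`, a line that is set the same way in the compliant sample, while the only thing that separates the two files is the absence of `PreferredMaintenanceWindow`. Name the missing property in the comment so the reader knows what the finding refers to, e.g. `# Noncompliant: PreferredMaintenanceWindow is not set, so no maintenance window is pinned for this cluster.` The rule body is not part of this patch, so if it also evaluates `AllowVersionUpgrade` or `AutomatedSnapshotRetentionPeriod`, this single sample leaves those branches unexercised; one non-compliant case per checked property would make a regression in the check visible.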