Update rule metadata (#1254)

Author: nils-werner-sonarsource

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S4423.html

@@ -70,7 +70,7 @@ <h2>Compliant Solution</h2>
         CfnDomain(self, "example",
             version=EngineVersion.OPENSEARCH_1_3
             domain_endpoint_options=CfnDomain.DomainEndpointOptionsProperty(
-                tls_security_policy="Policy-Min-TLS-1-2-2019-07" # Compliant
+                tls_security_policy="Policy-Min-TLS-1-2-2019-07"
             )
         )
 </pre>

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S6270.html

@@ -20,7 +20,7 @@ <h2>Sensitive Code Example</h2>
   effect=Effect.ALLOW,
   actions=["s3:*"],
   resources=[bucket.arn_for_objects("*")],
-  principals=[AnyPrincipal()] # Noncompliant
+  principals=[AnyPrincipal()] # Sensitive
 ))
 </pre>
 <h2>Compliant Solution</h2>

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S6302.html

@@ -20,7 +20,7 @@ <h2>Sensitive Code Example</h2>
 
 PolicyStatement(
     effect=Effect.ALLOW,
-    actions=["*"], # Noncompliant
+    actions=["*"], # Sensitive
     resources=["arn:aws:iam:::user/*"]
 )
 </pre>

python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S6333.html

@@ -10,6 +10,18 @@ <h2>Ask Yourself Whether</h2>
 <h2>Recommended Secure Coding Practices</h2>
 <p>It’s recommended to restrict API access to authorized entities, unless the API offers a non-sensitive service designed to be public.</p>
 <h2>Sensitive Code Example</h2>
+<p>For <a href="https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.aws_apigateway/Resource.html">aws_cdk.aws_apigateway.Resource</a>:</p>
+<pre>
+from aws_cdk import (
+    aws_apigateway as apigateway
+)
+
+resource = api.root.add_resource("example")
+resource.add_method(
+    "GET",
+    authorization_type=apigateway.AuthorizationType.NONE  # Sensitive
+)
+</pre>
 <p>For <a href="https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_apigatewayv2.CfnRoute.html">aws_cdk.aws_apigatewayv2.CfnRoute</a>:</p>
 <pre>
 from aws_cdk import (
@@ -25,6 +37,27 @@ <h2>Sensitive Code Example</h2>
 )
 </pre>
 <h2>Compliant Solution</h2>
+<p>For <a href="https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.aws_apigateway/Resource.html">aws_cdk.aws_apigateway.Resource</a>:</p>
+<pre>
+from aws_cdk import (
+    aws_apigateway as apigateway
+)
+
+opts = apigateway.MethodOptions(
+    authorization_type=apigateway.AuthorizationType.IAM
+)
+resource = api.root.add_resource(
+    "example",
+    default_method_options=opts
+)
+resource.add_method(
+    "POST",
+    authorization_type=apigateway.AuthorizationType.IAM
+)
+resource.add_method(  # authorization_type is inherited from the Resource's configured default_method_options
+    "POST"
+)
+</pre>
 <p>For <a href="https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_apigatewayv2.CfnRoute.html">aws_cdk.aws_apigatewayv2.CfnRoute</a>:</p>
 <pre>
 from aws_cdk import (

sonarpedia.json

@@ -3,7 +3,7 @@
   "languages": [
     "PY"
   ],
-  "latest-update": "2022-09-30T06:54:04.510718Z",
+  "latest-update": "2022-10-14T12:58:57.615105Z",
   "options": {
     "no-language-in-filenames": true,
     "preserve-filenames": true