WorkflowUpdate
Used to update information about the investigation into the finding.
Contents
- Status
-
The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to
SUPPRESSED
orRESOLVED
does not prevent a new finding for the same issue.The allowed values are the following.
-
NEW
- The initial state of a finding, before it is reviewed.Security Hub also resets
WorkFlowStatus
fromNOTIFIED
orRESOLVED
toNEW
in the following cases:-
The record state changes from
ARCHIVED
toACTIVE
. -
The compliance status changes from
PASSED
to eitherWARNING
,FAILED
, orNOT_AVAILABLE
.
-
-
NOTIFIED
- Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner. -
RESOLVED
- The finding was reviewed and remediated and is now considered resolved. -
SUPPRESSED
- Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.
Type: String
Valid Values:
NEW | NOTIFIED | RESOLVED | SUPPRESSED
Required: No
-
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: