Workflow - AWS Security Hub

Workflow

Provides information about the status of the investigation into a finding.

Contents

Status

The status of the investigation into the finding. The allowed values are the following.

  • NEW - The initial state of a finding, before it is reviewed.

    Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:

    • RecordState changes from ARCHIVED to ACTIVE.

    • ComplianceStatus changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.

  • NOTIFIED - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.

  • SUPPRESSED - The finding will not be reviewed again and will not be acted upon.

  • RESOLVED - The finding was reviewed and remediated and is now considered resolved.

Type: String

Valid Values: NEW | NOTIFIED | RESOLVED | SUPPRESSED

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: