Add management of SecurityHub findings Workflow Status #5
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…on change of compliance of AWS Config Rules
added 3 commits
March 24, 2022 15:00
…of BatchUpdateFindings upon failures (asynchronuous handling of BatchImportFindings may lead to concurrency issues)
|
I would like to use the code in this PR. But since this is in "draft" status I am afraid it has not been properly tested yet? @fchsrp |
Author
|
The need for that code should have been removed by the native integration of AWS Config into Security Hub. See also https://aws.amazon.com/about-aws/whats-new/2022/06/aws-security-hub-config-managed-custom-rule-evaluation-results/.
From: Jacco Kulman ***@***.***>
Reply to: aws-samples/aws-securityhub-config-integration ***@***.***>
Date: Thursday, 14 July 2022 at 05:18
To: aws-samples/aws-securityhub-config-integration ***@***.***>
Cc: "Fuchs, Raphael" ***@***.***>, Author ***@***.***>
Subject: Re: [aws-samples/aws-securityhub-config-integration] Add management of SecurityHub findings Workflow Status (PR #5)
I would like to use the code in this PR. But since this is in "draft" status I am afraid it has not been properly tested yet?
—
Reply to this email directly, view it on GitHub<#5 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AYLQXL6XJTB76Z4SZSC6R4TVT6IFHANCNFSM5RLRMTFA>.
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request adds management of SecurityHub Findings Workflow on change of compliance of AWS Config Rules. The WorklowStatus of a SecurityHub Finding related to an AWS Config Rule is defined according to the compliance of the AWS Config Rule as follows:
The ComplianceStatus NOT_AVAILABLE of SecurityHub findings is not used (to match AWS Config NOT_APPLICABLE status) as it forces a transition of the WorkflowStatus to NEW automatically. Instead, the ComplianceStatus is set to PASSED when AWS Config reports NOT_APPLICABLE (which is set when the resource evaluated has been deleted).