update: automatically switch status from new to notified#

terraform-aws-modules · Nov 15, 2024 · eb26ec4 · eb26ec4
1 parent 47efa94
commit eb26ec4
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/functions/notify_slack.py b/functions/notify_slack.py
@@ -139,7 +139,8 @@ def format_aws_security_hub(message: Dict[str, Any], region: str) -> Dict[str, A
     # Switch Status From New To Notified To Prevent Repeated Messages
     try:
         compliance_status = finding["Compliance"].get("Status", "UNKNOWN")
-        if compliance_status == "FAILED":
+        workflow_status = finding["Workflow"].get("Status", "UNKNOWN")
+        if compliance_status == "FAILED" and workflow_status == "NEW":
            notified = SECURITY_HUB_CLIENT.batch_update_findings(
                FindingIdentifiers=[{
                   'Id': finding.get('Id'),