batchUpdateFindingsV2 method

Future<BatchUpdateFindingsV2Response> batchUpdateFindingsV2({
  String? comment,
  List<OcsfFindingIdentifier>? findingIdentifiers,
  List<String>? metadataUids,
  int? severityId,
  int? statusId,
})

Updates information about a customer's investigation into a finding. Delegated administrator accounts can update findings for their account and their member accounts. Member accounts can update findings for their own account.

BatchUpdateFindings and BatchUpdateFindingsV2 both use securityhub:BatchUpdateFindings in the Action element of an IAM policy statement. You must have permission to perform the securityhub:BatchUpdateFindings action. You can configure IAM policies to restrict access to specific finding fields or field values by using the securityhub:OCSFSyntaxPath/<fieldName> condition key, where <fieldName> is one of the following supported fields: SeverityId, StatusId, or Comment.

To prevent a user from updating a specific field, use a Null condition with securityhub:OCSFSyntaxPath/<fieldName> set to "false". To prevent a user from setting a field to a specific value, use a StringEquals condition with securityhub:OCSFSyntaxPath/<fieldName> set to the disallowed value or list of values.
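The two deny patterns described above, as an added example that is not part of this package or of the AWS documentation: a constructed policy plus a simplified local model of how its Null and StringEquals conditions match the fields a caller sets. The helper `isDenied`, the sample StatusId value "5", and the string form of the context values are assumptions made for illustration.

```dart
import 'dart:convert';

// Constructed policy: statement 1 blocks any SeverityId update (Null "false"),
// statement 2 blocks setting StatusId to "5" (an arbitrary sample value).
const policyJson = '''
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Deny", "Action": "securityhub:BatchUpdateFindings", "Resource": "*",
   "Condition": {"Null": {"securityhub:OCSFSyntaxPath/SeverityId": "false"}}},
  {"Effect": "Deny", "Action": "securityhub:BatchUpdateFindings", "Resource": "*",
   "Condition": {"StringEquals": {"securityhub:OCSFSyntaxPath/StatusId": ["5"]}}}
]}''';

const prefix = 'securityhub:OCSFSyntaxPath/';

/// Hypothetical helper: true if a Deny statement matches the fields a caller
/// is trying to set. Models only Null and StringEquals; Action/Resource
/// matching and Allow statements are out of scope.
bool isDenied(Map<String, dynamic> policy, Map<String, Object> fields) {
  // Assumption: one context key per updated field, value in string form.
  final ctx = {for (final e in fields.entries) '$prefix${e.key}': '${e.value}'};
  for (final stmt in policy['Statement'] as List) {
    if (stmt['Effect'] != 'Deny') continue;
    final cond = (stmt['Condition'] ?? {}) as Map;
    // Every operator and every key under it must match (logical AND).
    final matches = cond.entries.every((op) => (op.value as Map).entries.every((k) {
          final present = ctx.containsKey(k.key);
          // Null "false" matches when the key is present, "true" when absent.
          if (op.key == 'Null') return present == (k.value == 'false');
          if (op.key == 'StringEquals') {
            // A list of values is an OR: any one equal value matches.
            final values = k.value is List ? k.value as List : [k.value];
            return present && values.contains(ctx[k.key]);
          }
          return false; // operator not modelled here
        }));
    if (matches) return true;
  }
  return false;
}

void main() {
  final policy = jsonDecode(policyJson) as Map<String, dynamic>;
  final calls = <String, Map<String, Object>>{
    'comment only': {'Comment': 'triaged'},
    'severity change': {'SeverityId': 4},
    'status set to 5': {'StatusId': 5},
    'status set to 2': {'StatusId': 2},
  };
  calls.forEach((name, fields) => print('$name -> denied: ${isDenied(policy, fields)}'));
}
```

The model covers explicit denies only; a real request also needs an Allow for securityhub:BatchUpdateFindings to succeed.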

Updates from BatchUpdateFindingsV2 don't affect the value of finding_info.modified_time, finding_info.modified_time_dt, time, or time_dt for a finding.

May throw AccessDeniedException. May throw ConflictException. May throw InternalServerException. May throw ThrottlingException. May throw ValidationException.

Parameter comment: The updated value for a user-provided comment about the finding. Minimum character length 1. Maximum character length 512.

Parameter findingIdentifiers: Provides information to identify a specific V2 finding.

Parameter metadataUids: The list of finding metadata.uid values that identify the findings to update. A finding's metadata.uid is a globally unique identifier associated with the finding. Customers cannot use MetadataUids together with FindingIdentifiers.

Parameter severityId: The updated value for the normalized severity identifier. The severity ID is an integer with the allowed enum values [0, 1, 2, 3, 4, 5, 6, 99]. When the customer provides an updated severity ID, the sibling string field severity is automatically updated in the finding.

Parameter statusId: The updated value for the normalized status identifier. The status ID is an integer with the allowed enum values [0, 1, 2, 3, 4, 5, 99]. When the customer provides an updated status ID, the sibling string field status is automatically updated in the finding.

Implementation

Future<BatchUpdateFindingsV2Response> batchUpdateFindingsV2({
  String? comment,
  List<OcsfFindingIdentifier>? findingIdentifiers,
  List<String>? metadataUids,
  int? severityId,
  int? statusId,
}) async {
  // Only non-null arguments are included in the request body.
  final $payload = <String, dynamic>{
    if (comment != null) 'Comment': comment,
    if (findingIdentifiers != null) 'FindingIdentifiers': findingIdentifiers,
    if (metadataUids != null) 'MetadataUids': metadataUids,
    if (severityId != null) 'SeverityId': severityId,
    if (statusId != null) 'StatusId': statusId,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'PATCH',
    requestUri: '/findingsv2/batchupdatev2',
    exceptionFnMap: _exceptionFns,
  );
  return BatchUpdateFindingsV2Response.fromJson(response);
}