FindingLink in Remediation Notification does not take you to the Finding, it takes you to the Control

[thesuavehog]

trafficstars

Describe the bug

The Remediation Notification contains a field FindingLink. I would infer by the name of the field that it is supposed to be a link to the finding. It is actually a link to the Control in Security Hub.

Example Value: https://us-east-1.console.aws.amazon.com/securityhub/home?region=us-east-1#/controls/CloudWatch.2

Example link to the actual finding: https://console.aws.amazon.com/securityhub/home?region=us-east-1#/findings?search=Id%3D%255Coperator%255C%253AEQUALS%255C%253Aarn%253Aaws%253Asecurityhub%253Aus-east-1%253A344040822677%253Asecurity-control%252FCloudWatch.2%252Ffinding%252Fcd7ccdc2-df3d-43f1-9624-cd97c4f5fdc7

To Reproduce

Run any ASR remediation from Security Hub and view the SNS messages send for status updates about the remediation (QUEUED, SUCCESS, etc.)

Expected behavior

I expect a link directly to the finding that was remediated not to the Control. This is possible because the finding ID is part of the data that is received by the send_notification python script.

Please complete the following information about the solution:

• [ x ] Version: v2.2.1

To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "(SO0111) AWS Security Hub Automated Response & Remediation Administrator Stack, v1.4.0". You can also find the version from releases

• [ x ] Region: all
• [ x ] Was the solution modified from the version published on this repository?
  • yes, but not the calculation or generation of this link
• [ x ] If the answer to the previous question was yes, are the changes available on GitHub?
  • no
• [ x ] Have you checked your service quotas for the services this solution uses?
• [ x ] Were there any errors in the CloudWatch Logs? Troubleshooting
  • no