From 30a6548c42b52976d2dca2bb90d43a30294993ab Mon Sep 17 00:00:00 2001
From: Shailendra Singh <16292287+newloem@users.noreply.github.com>
Date: Sat, 25 Sep 2021 09:25:32 +0530
Subject: [PATCH] Update SecurityHub_CISPlaybooks_CloudFormation.yaml

Minor fix to update default security Group as per event.
---
 SecurityHub_CISPlaybooks_CloudFormation.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/SecurityHub_CISPlaybooks_CloudFormation.yaml b/SecurityHub_CISPlaybooks_CloudFormation.yaml
index c7f8281..987ce9f 100644
--- a/SecurityHub_CISPlaybooks_CloudFormation.yaml
+++ b/SecurityHub_CISPlaybooks_CloudFormation.yaml
@@ -1607,7 +1607,7 @@ Resources:
               # import lambda env var
               lambdaFunctionName = os.environ['AWS_LAMBDA_FUNCTION_NAME']
               # parse details from sechub finding
-              myDefaultSecGroupId = str(event['detail']['findings'][0]['Resources'][0]['Details']['Other']['groupId'])
+              myDefaultSecGroupId = str(event['detail']['findings'][0]['Resources'][0]['Details']['AwsEc2SecurityGroup']['GroupId'])
               findingId = str(event['detail']['findings'][0]['Id'])
               try:
                   # sg ec2 resource object
@@ -1714,4 +1714,4 @@ Resources:
       SourceArn: 
         Fn::GetAtt: 
           - "CIS43RREventRule"
-          - "Arn"
\ No newline at end of file
+          - "Arn"