I'm looking to understand whether calls from Athena made to sensitive data in S3 identified by Macie would be included in the behavior analytics performed by Macie? For example, if someone gets query results using Athena in a way that would trigger an anomaly alert from Macie, would that level of visibility be available?
Asked
Active
Viewed 56 times
1 Answers
0
Macie works by analyzing CloudTrail events, and treats the S3 operations made by Athena on behalf of an IAM user the same as any other S3 operations made by that user – so yes, queries run through Athena should trigger the same anomaly alerts as direct S3 usage.
Theo
- 131,503
- 21
- 160
- 205