Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Amazon Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides dashboards and alerts that give visibility into how this data is being accessed or moved.
Questions tagged [amazon-macie]
10 questions
3
votes
1 answer
putClassificationExportConfiguration error with Amazon Macie creating a bucket for discoveries retention
We just started using Amazon Macie and we're having an issue when creating the bucket to keep findings for longer than 90 days.
The error we get is:
putClassificationExportConfiguration: The operation can't be performed because you're not authorized…

Arehandoro
2
votes
3 answers
Is Macie supported in AWS CloudFormation?
From the user guide, I don't see Macie in the list of supported CloudFormation resources. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html Does this mean that you cannot create Macie resources…

Chang Lee
2
votes
1 answer
Assume a role before generating presigned s3 url
In our django application, we allow users to upload files directly to S3.
We do this using generate_presigned_post.
All works great, but we now get Suspicious Access alerts in Macie because it sees that EC2 credentials are being used externally.
The…

maafk
1
vote
1 answer
AWS CloudTrail Insights vs AWS Macie vs AWS GuardDuty
My understanding of all three is that they look for patterns in events and logs to determine if there is a potential security flaw. Another question touches upon this, but somewhat unsatisfactorily. What I got from that reply was:
... GuardDuty is…

Frankster
1
vote
1 answer
AWS Macie & Terraform - Select all S3 buckets in account
I am enabling AWS Macie 2 using Terraform and I am defining a default classification job as follows:
resource "aws_macie2_account" "member" {}
resource "aws_macie2_classification_job" "member" {
job_type = "ONE_TIME"
name = "S3 PHI…

Dimi
1
vote
0 answers
AWS Macie - list of query fields
In the AWS Macie documentation, it shows an example of adding a basic alert.
The example query to add is s3_world_readability:"true"
Where do we find a list of valid fields that we can query on?
The docs refer to Constructing Queries in Macie, but…

maafk
0
votes
1 answer
Amazon Macie to read database data
I am doing a POC in Amazon Macie. I got from the documentation that it identifies PII data like credit card numbers. I even ran an example where I put some valid credit card numbers in a CSV, put it into an S3 bucket, and they were identified by Macie.
I want to…

Anand
0
votes
1 answer
Types of PII for queries into AWS Macie
I tried to make a query for classifying my documents using Macie. But I don't know how I can find documents with driver licenses or National Identification numbers...
In the examples that AWS uses, pii_type: "mail" appears for email or pii_types:…
user8079405
0
votes
1 answer
Are calls to sensitive data in S3 from AWS Athena tracked in behavior analytics in AWS Macie?
I'm looking to understand whether calls from Athena made to sensitive data in S3 identified by Macie would be included in the behavior analytics performed by Macie? For example, if someone gets query results using Athena in a way that would trigger…

James Smith
0
votes
1 answer
Scanning S3 buckets for auditing purposes
What is the best way to scan data in S3 (for auditing purposes, possibly)? I was asked to do some research on this, and utilizing AWS Athena was the first idea I could think of. But if you can provide more knowledge/ideas, I'd appreciate it.
Thanks!

Infravision