Skip to content
Gallery
14. Security in the Cloud
AWS Directory Service
Identity Providers and Federation
Encryption Primer
AWS Key Management Service
AWS Certificate Manager
AWS Security Hub
AWS Web Application Firewall (WAF)
AWS Shield and Shield Advanced
Amazon Inspector
Amazon Macie
Amazon GuardDuty
AWS Audit Manager
More
Share
Explore

icon picker
Amazon Macie

Amazon Macie is a data security service that discovers sensitive data by using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks.
To help you manage the security posture of your organization's Amazon Simple Storage Service (Amazon S3) data estate, Macie provides you with an inventory of your S3 general purpose buckets, and automatically evaluates and monitors the buckets for security and access control. If Macie detects a potential issue with the security or privacy of your data, such as a bucket that becomes publicly accessible, Macie generates a finding for you to review and remediate as necessary.
Macie also automates discovery and reporting of sensitive data to provide you with a better understanding of the data that your organization stores in Amazon S3. To detect sensitive data, you can use built-in criteria and techniques that Macie provides, custom criteria that you define, or a combination of the two. If Macie detects sensitive data in an S3 object, Macie generates a finding to notify you of the sensitive data that it found.
In addition to findings, Macie provides statistics and information that offer insight into the security posture of your Amazon S3 data and where sensitive data might reside in your data estate. The statistics and information can guide your decisions to perform deeper investigations of specific S3 buckets and objects. You can review and analyze findings, statistics, and other information by using the Amazon Macie console or the Amazon Macie API. You can also leverage Macie integration with Amazon EventBridge and AWS Security Hub to monitor, process, and remediate findings by using other services, applications, and systems.
image.png

Macie enables security compliance and preventive security as follows:
Identify a variety of data types, including PII, Protected Health Information (PHI), regulatory documents, API keys, and secret keys
Identify changes to policy and access control lists
Continuously monitor the security posture of Amazon S3
Generate security findings that you can view using the Macie console, AWS Security Hub, or Amazon EventBridge
Manage multiple AWS accounts using AWS Organizations



Loading
docs.aws.amazon.com
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.