AWS Macie

Updated on 28 Apr 2025
2 Minutes to read

Print
Share
Dark
Light

Article summary

Did you find this summary helpful?

Thank you for your feedback!

Amazon Macie is a fully managed data security and data privacy service. Macie uses machine learning and pattern matching to help you discover, monitor, and protect your sensitive data in Amazon S3. For more information on AWS Macie, click here.

Integration Method: API

Tables: Detection Finding (2004)

This integration supports the following events.

Event	Description
Findings	Get the finding details from different services.
Data Sources	Get details of the data sources.

This integration supports the following versions.

AWS Macie API version

2020-05-13

Note:
AWS Macie is a continuously updated SaaS service. As of this document preparation, the latest update to the sensitive data discovery was on March 03, 2025.

Prerequisites

To Configure AWS Macie, refer here.
Refer to this common procedure on how to create an IAM user, configure the AWS Access Key and AWS Secret Key, attach an IAM policy with required permissions.
The user should have access to the DataBee console.

Configuration Overview

Generate an AWS Access Key & Secret Key with the required IAM policies.
Add the AWS Macie in the DataBee console with the below parameters.
DataBee Parameter
AWS Macie Parameter
Access Key
AWS Access Key
Secret Key
AWS Secret Key
AWS Region
AWS Region
Service Name
macie2

DataBee Parameter	AWS Macie Parameter
Access Key	AWS Access Key
Secret Key	AWS Secret Key
AWS Region	AWS Region
Service Name	macie2

AWS Macie Configuration

Start by creating an IAM user with the API credentials. This common step is documented at AWS Configuration Prerequisites.
Once the IAM user has been created, Refer this document GuardDuty Setup for further steps.
Ensure AWS Access Key is attached to an IAM policy with following Actions allowed on the Macie resource. Refer here more info on the policy.

Minimum Required IAM Policy

{
    "Version": "2012-10-17",
    "Statement":
    [
        {
            "Effect": "Allow",
            "Action":
            [
                "macie2:Describe*",
                "macie2:Get*",
                "macie2:List*",
                "macie2:BatchGetCustomDataIdentifiers",
                "macie2:SearchResources"
            ],
            "Resource": "*"
        }
    ]
}

DataBee Configuration

Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the AWS Macie and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
- API Base URL: this is the base URL that DataBee will interact with. Replace <aws-region> with appropriate AWS region.
- Authorization Method: AWS Signature.
- Access Key: paste the AWS Client Access Key.
- Secret Key: paste the AWS Client Secret Key.
- AWS Region: type the AWS region . Refer endpoints for regions.
- Session Token: can be left empty.
- Service Name: macie2
- Event Types: preselected for all the event types that integration pulls.
Click Submit.

Troubleshooting Tips

Ensure the Access Key, Secret Key, Region are pasted correctly. Since you cannot view the Secret Key after the 1^st time, re-create the AWS Access Key & AWS Secret Key, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.
Ensure the AWS Macie scopes/permissions are correctly attached to the AWS Access Key.

Was this article helpful?

What's Next

AWS Security Hub

Table of contents

Prerequisites
Configuration Overview
AWS Macie Configuration
DataBee Configuration
Troubleshooting Tips