AWS Macie
- Updated on 28 Apr 2025
Amazon Macie is a fully managed data security and data privacy service. Macie uses machine learning and pattern matching to help you discover, monitor, and protect your sensitive data in Amazon S3. For more information on AWS Macie, click here.
Integration Method: API
Tables: Detection Finding (2004)
This integration supports the following events.
Event | Description |
---|---|
Findings | Get the finding details from different services. |
Data Sources | Get details of the data sources. |
This integration supports the following versions.
AWS Macie API version | 2020-05-13 |
Note:
AWS Macie is a continuously updated SaaS service. As of this document's preparation, the latest update to the sensitive data discovery was on March 03, 2025.
Prerequisites
To configure AWS Macie, refer here.
Refer to this common procedure on how to create an IAM user, configure the AWS Access Key and AWS Secret Key, and attach an IAM policy with the required permissions.
The user should have access to the DataBee console.
Configuration Overview
Generate an AWS Access Key & Secret Key with the required IAM policies.
Add AWS Macie in the DataBee console with the parameters below.
DataBee Parameter | AWS Macie Parameter |
---|---|
Access Key | AWS Access Key |
Secret Key | AWS Secret Key |
AWS Region | AWS Region |
Service Name | macie2 |
AWS Macie Configuration
Start by creating an IAM user with the API credentials. This common step is documented at AWS Configuration Prerequisites.
Once the IAM user has been created, refer to the GuardDuty Setup document for further steps.
Ensure the AWS Access Key is attached to an IAM policy with the following actions allowed on the Macie resource. Refer here for more info on the policy.
Minimum Required IAM Policy
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "macie2:Describe*",
        "macie2:Get*",
        "macie2:List*",
        "macie2:BatchGetCustomDataIdentifiers",
        "macie2:SearchResources"
      ],
      "Resource": "*"
    }
  ]
}
```
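One way to confirm that the policy actually attached to the integration's IAM user grants nothing beyond the minimum policy above. This is an added example, not DataBee or AWS code; `audit_policy`, `covered`, `as_list` and the sample policy are names and data constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Action patterns from the "Minimum Required IAM Policy" on this page.
BASELINE = ["macie2:Describe*", "macie2:Get*", "macie2:List*",
            "macie2:BatchGetCustomDataIdentifiers", "macie2:SearchResources"]

def as_list(value):
    """IAM accepts a single string/object wherever a list is valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def covered(action):
    """True if `action` grants nothing outside BASELINE.

    The candidate is matched as a literal string (its own '*' included)
    against each baseline glob. That is sound here because every baseline
    pattern is exact or a prefix followed by '*'. IAM action names are
    case-insensitive, so both sides are lowercased.
    """
    return any(fnmatchcase(action.lower(), b.lower()) for b in BASELINE)

def audit_policy(policy_json):
    """Return findings for Allow statements broader than the baseline."""
    findings = []
    for i, stmt in enumerate(as_list(json.loads(policy_json).get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        if "NotAction" in stmt:
            findings.append(f"statement {i}: Allow with NotAction grants everything not listed")
        for action in as_list(stmt.get("Action")):
            if not covered(action):
                findings.append(f"statement {i}: {action} is outside the documented minimum")
    return findings

# Constructed sample: baseline-style grants plus extras that crept in.
SAMPLE = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["macie2:Get*", "macie2:listFindings"], "Resource": "*"},
    {"Effect": "Allow", "Action": "macie2:*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["macie2:CreateClassificationJob", "s3:GetObject"], "Resource": "*"},
    {"Effect": "Deny", "Action": "macie2:Delete*", "Resource": "*"},
]})

if __name__ == "__main__":
    for finding in audit_policy(SAMPLE):
        print(finding)
```

An empty result means every allowed action falls inside the documented minimum; each finding names the statement index and the action that widens it.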
DataBee Configuration
Log in to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for AWS Macie and click it.
Click the API Ingest option for the collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
API Base URL: this is the base URL that DataBee will interact with. Replace <aws-region> with the appropriate AWS region.
Authorization Method: AWS Signature.
Access Key: paste the AWS Client Access Key.
Secret Key: paste the AWS Client Secret Key.
AWS Region: type the AWS region. Refer to endpoints for regions.
Session Token: can be left empty.
Service Name: macie2
Event Types: preselected for all the event types that the integration pulls.
Click Submit.
Troubleshooting Tips
Ensure the Access Key, Secret Key, and Region are pasted correctly. Since you cannot view the Secret Key after the first time, re-create the AWS Access Key & AWS Secret Key, paste them into a text editor to ensure no spaces or unexpected characters are included, and reconfigure the DataBee feed.
Ensure the AWS Macie scopes/permissions are correctly attached to the AWS Access Key.