AWS Macie
  • 28 Apr 2025
  • 2 Minutes to read
  • Dark
    Light

AWS Macie

  • Dark
    Light

Article summary

Amazon Macie is a fully managed data security and data privacy service. Macie uses machine learning and pattern matching to help you discover, monitor, and protect your sensitive data in Amazon S3. For more information on AWS Macie, click here.

Integration Method: API

Tables: Detection Finding (2004)

This integration supports the following events.

Event

Description

Findings

Get the finding details from different services.

Data Sources

Get details of the data sources.

This integration supports the following versions.

AWS Macie API version

2020-05-13

Note:

AWS Macie is a continuously updated SaaS service. As of this document preparation, the latest update to the sensitive data discovery was on March 03, 2025.

Prerequisites

  • To Configure AWS Macie, refer here.

  • Refer to this common procedure on how to create an IAM user, configure the AWS Access Key and AWS Secret Key, attach an IAM policy with required permissions.

  • The user should have access to the DataBee console.

Configuration Overview

  1. Generate an AWS Access Key & Secret Key with the required IAM policies.

  2. Add the AWS Macie in the DataBee console with the below parameters.

    DataBee Parameter

    AWS Macie Parameter

    Access Key

    AWS Access Key

    Secret Key

    AWS Secret Key

    AWS Region

    AWS Region

    Service Name

    macie2

AWS Macie Configuration

  1. Start by creating an IAM user with the API credentials. This common step is documented at AWS Configuration Prerequisites.

  2. Once the IAM user has been created, Refer this document  GuardDuty Setup for further steps.

  3. Ensure AWS Access Key is attached to an IAM policy with following Actions allowed on the Macie resource. Refer here more info on the policy. 

Minimum Required IAM Policy

{
    "Version": "2012-10-17",
    "Statement":
    [
        {
            "Effect": "Allow",
            "Action":
            [
                "macie2:Describe*",
                "macie2:Get*",
                "macie2:List*",
                "macie2:BatchGetCustomDataIdentifiers",
                "macie2:SearchResources"
            ],
            "Resource": "*"
        }
    ]
}

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the AWS Macie and click it as shown below.
     A screenshot of a computer  AI-generated content may be incorrect.

  3. Click on the API Ingest option for collection method.
     

  4. Enter feed contact information and click Next.
     A screenshot of a computer  AI-generated content may be incorrect.

  5. In the configuration page, confirm the following:

    • API Base URL: this is the base URL that DataBee will interact with. Replace <aws-region> with appropriate AWS region.

    • Authorization Method: AWS Signature.

    • Access Key: paste the AWS Client Access Key.

    • Secret Key: paste the AWS Client Secret Key.

    • AWS Region: type the AWS region . Refer endpoints for regions.

    • Session Token: can be left empty.

    • Service Name: macie2

    • Event Types: preselected for all the event types that integration pulls.

      A screenshot of a login form  AI-generated content may be incorrect.  

  6. Click Submit.

Troubleshooting Tips

  • Ensure the Access Key, Secret Key, Region are pasted correctly. Since you cannot view the Secret Key after the 1st time, re-create the AWS Access Key & AWS Secret Key, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.

  • Ensure the AWS Macie scopes/permissions are correctly attached to the AWS Access Key.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence