By Implementation

Service Control PoliciesConfig RulesAuto Remediation RulesConformance PacksAmazon GuardDutyAmazon InspectorAWS Security HubNetwork FirewallAmazon MacieBilling and Cost ManagementS3 Bucket PoliciesCloudWatch Alarms and Event RulesLogging & Monitoring ConfigurationsAWS WAFBackups & DRAWS Systems ManagerSecurity Groups & NACLsAWS KMSIAM Policies

By Service Protected

Configuration Packages

Strategy Guides

Amazon Macie

A collection of AWS Security controls for Amazon Macie. Configuration items include templates to enable Amazon Macie in an AWS account as well as configuration to set up notifications on findings


Configuration to enable Amazon Macie in an AWS Account. Amazon Macie is used to discover, monitor, and help protect sensitive data in Amazon S3 Buckets.

CloudFormationAWS CLI
CloudWatch Events

A CloudWatch Event Rule that triggers on Amazon Macie findings. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.

CloudFormationTerraformAWS CLI
Service Control Policy

This SCP prevents users or roles in any affected account from disabling Amazon Macie, deleting member accounts or disassociating an account from a master Macie account.

CloudFormationTerraformAWS CLI