A collection of AWS Security controls for Amazon Macie. Configuration items include templates to enable Amazon Macie in an AWS account as well as configuration to set up notifications on findings

Macie
Enable Amazon Macie

Configuration to enable Amazon Macie in an AWS Account. Amazon Macie is used to discover, monitor, and help protect sensitive data in Amazon S3 Buckets.

CloudFormationAWS CLI
Amazon Macie Allow List with Regular Expression

This template creates an AWS Macie Allow List resource that uses a regular expression to specify a text pattern to ignore. The allow list is designed to ignore specific email addresses for the example.com domain. It has a name, description, and tags for identification.

CloudFormationTerraform
Amazon Macie Allow List with Predefined Text

This template creates an AWS Macie Allow List resource that specifies a list of predefined text to ignore. The allow list is designed to ignore specific phone numbers for a company named Example Corp. The list is stored in an Amazon S3 object and the object is stored in an S3 bucket. It has a name, description, and tags for identification.

CloudFormationTerraform
Amazon Macie Custom Data Identifier

This template creates a custom data identifier for Amazon Macie. The custom data identifier detects six-digit character sequences that are in proximity of certain keywords. It excludes matches that are specified in the IgnoreWords array.

CloudFormationTerraform
Amazon Macie Findings Filter

This template creates an AWS Macie Findings Filter resource. The findings filter suppresses (automatically archives) findings for AWS resources that are owned by a specific account.

CloudFormationTerraform
Amazon Macie Session

This template creates an AWS Macie session. It enables Macie for the account and configures it to publish updated policy findings every hour.

CloudFormationTerraform