Amazon web services(AWS) launches new service for data security named Macie. Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Macie provides you with dashboards and alerts that give visibility into how your data is being accessed or moved. Macie continuously monitors data access activity for anomalies, and generates detailed alerts when it detects risk of unauthorized access or inadvertent data leaks.
Currently Macie supports data on S3 buckets only and other AWS data stores coming soon. And currently available only on 2 regions, US East (Northern Virginia) and US West (Oregon).
To enable Macie on your AWS account follows these steps:
Step 1 : First Enable Macie
- Choose available regions between US East (Northern Virginia) and US West (Oregon).
- Create the IAM roles that provide Macie with access to your AWS account. AWS provides Cloudformation templates for both the regions.
For US East (Virginia): Macie CloudFormation template for a master account
For US West (Oregon): Macie CloudFormation template for a master account
- Enable AWS CloudTrail in your account. If CloudTrail is not enabled, you must navigate to the AWS CloudTrail console and enable AWS CloudTrail
- Grant Macie the required permissions to access your CloudTrail data by checking the checkbox in the Permissions section.
- Click on Enable Macie.