AWS Macie Account

This page shows how to write Terraform for a Macie Account and how to write it securely.

aws_macie2_account (Terraform)

The Account in Macie can be configured in Terraform with the resource name aws_macie2_account. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

macie.tf#L1
resource "aws_macie2_account" "main" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"
  status                       = "ENABLED"
}

resource "aws_macie2_classification_job" "sample" {

test.tf#L6
resource "aws_macie2_account" "PIIFinder" {}

resource "aws_macie2_classification_job" "ppi-finder-job" {
  job_type = "ONE_TIME"
  name     = "PPI Finder"
  s3_job_definition {

main.tf#L10
resource "aws_macie2_account" "macie" {
  status = "ENABLED"
}

resource "aws_macie2_classification_job" "job" {
  job_type          = "ONE_TIME"

macie.tf#L1
resource "aws_macie2_account" "macie_account" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"
}

resource "aws_macie2_custom_data_identifier" "stripe_identifier" {
  name                   = "Stripe secret"

main.tf#L12
resource "aws_macie2_account" "default" {
  provider = aws.admin
  count    = local.enabled ? 1 : 0

  finding_publishing_frequency = var.finding_publishing_frequency
  status                       = local.account_enabled ? "ENABLED" : "PAUSED"

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

The following arguments are supported:

  • finding_publishing_frequency - (Optional) Specifies how often to publish updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). Valid values are FIFTEEN_MINUTES, ONE_HOUR or SIX_HOURS. The setting governs policy findings only (for example, a bucket that becomes publicly readable or loses default encryption); sensitive data findings are published as soon as a classification job generates them. If downstream alerting depends on timely policy findings, use FIFTEEN_MINUTES.
  • status - (Optional) Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to ENABLED. Valid values are ENABLED or PAUSED. PAUSED suspends monitoring and classification jobs but keeps existing findings and settings. Destroying the resource, by contrast, disables Macie for the account, which deletes its findings and settings; pause rather than destroy when monitoring only needs to be suspended temporarily.

In addition to all arguments above, the following attributes are exported:

  • id - The unique identifier (ID) of the macie account.
  • service_role - The Amazon Resource Name (ARN) of the service-linked role that allows Macie to monitor and analyze data in AWS resources for the account.
  • created_at - The date and time, in UTC and extended RFC 3339 format, when the Amazon Macie account was created.
  • updated_at - The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the Macie account.
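The following is an added example, not code from the page or from the repositories it links. It enables Macie with the fastest policy-finding cadence and routes High-severity findings to an existing SNS topic through EventBridge, which is where finding_publishing_frequency actually matters. The variable name alert_topic_arn, the resource names, and the assumption that the topic's access policy already allows events.amazonaws.com to publish to it are all illustrative.

```hcl
# Added example: enable Macie and alert on High-severity findings.
# Assumes an existing SNS topic (var.alert_topic_arn) whose policy lets
# events.amazonaws.com publish, and a default AWS provider configuration.

variable "alert_topic_arn" {
  type        = string
  description = "ARN of an existing SNS topic for Macie alerts (assumed to exist)"
}

# Enable Macie for the account. Policy findings are pushed to EventBridge and
# Security Hub every 15 minutes; sensitive data findings arrive as generated.
# Destroying this resource disables Macie and deletes its findings, so use
# status = "PAUSED" to suspend monitoring without losing data.
resource "aws_macie2_account" "this" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"
  status                       = "ENABLED"
}

# Match Macie findings with severity "High" (Macie also emits "Medium" and
# "Low"; add them here if the alert channel should receive those too).
resource "aws_cloudwatch_event_rule" "macie_high" {
  name        = "macie-high-severity-findings"
  description = "Amazon Macie findings with High severity"

  event_pattern = jsonencode({
    source        = ["aws.macie"]
    "detail-type" = ["Macie Finding"]
    detail = {
      severity = {
        description = ["High"]
      }
    }
  })

  # Ordering only: ensure Macie is enabled before the rule exists.
  depends_on = [aws_macie2_account.this]
}

# Deliver matching findings to the SNS topic.
resource "aws_cloudwatch_event_target" "macie_high_sns" {
  rule      = aws_cloudwatch_event_rule.macie_high.name
  target_id = "macie-high-severity-sns"
  arn       = var.alert_topic_arn
}
```

With SIX_HOURS, the same rule would fire up to six hours after a policy violation is detected; the rule itself does not change, only the age of what it receives.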

Explanation in Terraform Registry

Provides a resource to manage an AWS Macie Account.

CloudFormation Example

The equivalent CloudFormation resource is AWS::Macie::Session, which exposes the same two settings as the FindingPublishingFrequency and Status properties.

Frequently asked questions

What is AWS Macie Account?

AWS Macie Account is a resource for Amazon Macie on Amazon Web Services. Its settings can be written in Terraform.

Where can I find the example code for the AWS Macie Account?

For Terraform, the Jimon-s/terraform-example-macie, KanchiMoe/gfdgdf and ncentola-2w/aws-macie-sns source code examples are useful. See the Example Usage from GitHub section for further details.
