AWS Macie Account

This page shows how to write Terraform for Macie Account and write them securely.

aws_macie2_account (Terraform)

The Account in Macie can be configured in Terraform with the resource name aws_macie2_account. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub
resource "aws_macie2_account" "main" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"
  status                       = "ENABLED"

resource "aws_macie2_classification_job" "sample" {
resource "aws_macie2_account" "PIIFinder" {}

resource "aws_macie2_classification_job" "ppi-finder-job" {
   job_type = "ONE_TIME"
   name     = "PPI Finder"
   s3_job_definition {
resource "aws_macie2_account" "macie" {
  status = "ENABLED"

resource "aws_macie2_classification_job" "job" {
  job_type          = "ONE_TIME"
resource "aws_macie2_account" "macie_account" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"

resource "aws_macie2_custom_data_identifier" "stripe_identifier" {
  name                   = "Stripe secret"
resource "aws_macie2_account" "default" {
  provider = aws.admin
  count    = local.enabled ? 1 : 0

  finding_publishing_frequency = var.finding_publishing_frequency
  status                       = local.account_enabled ? "ENABLED" : "PAUSED"

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).


The following arguments are supported:

  • finding_publishing_frequency - (Optional) Specifies how often to publish updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). Valid values are FIFTEEN_MINUTES, ONE_HOUR or SIX_HOURS.
  • status - (Optional) Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to ENABLED. Valid values are ENABLED or PAUSED.

In addition to all arguments above, the following attributes are exported:

  • id - The unique identifier (ID) of the macie account.
  • service_role - The Amazon Resource Name (ARN) of the service-linked role that allows Macie to monitor and analyze data in AWS resources for the account.
  • created_at - The date and time, in UTC and extended RFC 3339 format, when the Amazon Macie account was created.
  • updated_at - The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the Macie account.

Explanation in Terraform Registry

Provides a resource to manage an AWS Macie Account.

CloudFormation Example

CloudFormation code does not have the related resource.

Frequently asked questions

What is AWS Macie Account?

AWS Macie Account is a resource for Macie of Amazon Web Service. Settings can be wrote in Terraform.

Where can I find the example code for the AWS Macie Account?

For Terraform, the Jimon-s/terraform-example-macie, KanchiMoe/gfdgdf and ncentola-2w/aws-macie-sns source code examples are useful. See the Terraform Example section for further details.


Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.