AWS Macie Account
This page shows how to write Terraform for a Macie Account and how to write it securely.
aws_macie2_account (Terraform)
The Account in Macie can be configured in Terraform with the resource name aws_macie2_account. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_macie2_account" "main" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"
  status                       = "ENABLED"
}
resource "aws_macie2_classification_job" "sample" {

resource "aws_macie2_account" "PIIFinder" {}
resource "aws_macie2_classification_job" "ppi-finder-job" {
  job_type = "ONE_TIME"
  name     = "PPI Finder"
  s3_job_definition {

resource "aws_macie2_account" "macie" {
  status = "ENABLED"
}
resource "aws_macie2_classification_job" "job" {
  job_type = "ONE_TIME"

resource "aws_macie2_account" "macie_account" {
  finding_publishing_frequency = "FIFTEEN_MINUTES"
}
resource "aws_macie2_custom_data_identifier" "stripe_identifier" {
  name = "Stripe secret"

resource "aws_macie2_account" "default" {
  provider = aws.admin
  count    = local.enabled ? 1 : 0
  finding_publishing_frequency = var.finding_publishing_frequency
  status                       = local.account_enabled ? "ENABLED" : "PAUSED"
Parameters
The following arguments are supported:
finding_publishing_frequency - (Optional) Specifies how often to publish updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly called Amazon CloudWatch Events). Valid values are FIFTEEN_MINUTES, ONE_HOUR or SIX_HOURS.
status - (Optional) Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value to ENABLED. Valid values are ENABLED or PAUSED.
In addition to all arguments above, the following attributes are exported:
id - The unique identifier (ID) of the Macie account.
service_role - The Amazon Resource Name (ARN) of the service-linked role that allows Macie to monitor and analyze data in AWS resources for the account.
created_at - The date and time, in UTC and extended RFC 3339 format, when the Amazon Macie account was created.
updated_at - The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the Macie account.
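The two arguments above can be checked before apply by reading the JSON form of a plan (terraform show -json). The following is an added example, not code from the original page or from the Terraform provider: it flags accounts that would be paused, destroyed, left at an unpinned default, or set to publish findings slower than a local threshold. The names audit_macie_accounts, slowest_allowed and SAMPLE_PLAN are hypothetical, the ONE_HOUR threshold is an assumed local policy, and the sample plan is constructed.

```python
import json

# Frequencies from the argument reference above, ordered fastest first.
FREQUENCIES = ["FIFTEEN_MINUTES", "ONE_HOUR", "SIX_HOURS"]

def audit_macie_accounts(plan, slowest_allowed="ONE_HOUR"):
    """Return (address, message) findings; plan is `terraform show -json` output.
    slowest_allowed is a local policy threshold (an assumption, not an AWS rule)."""
    accounts = [rc for rc in plan.get("resource_changes", [])
                if rc.get("type") == "aws_macie2_account"]
    if not accounts:  # e.g. count evaluated to 0
        return [("(plan)", "no aws_macie2_account in plan")]
    findings = []
    for rc in accounts:
        addr, change = rc["address"], rc["change"]
        if change["actions"] == ["delete"]:
            findings.append((addr, "Macie account would be destroyed"))
            continue
        # Values left unset are unknown at plan time and absent from "after".
        after = change.get("after") or {}
        status = after.get("status")
        freq = after.get("finding_publishing_frequency")
        if status is None:
            findings.append((addr, "status not set explicitly"))
        elif status != "ENABLED":
            findings.append((addr, f"status is {status}"))
        if freq is None:
            findings.append((addr, "finding_publishing_frequency not set explicitly"))
        elif freq not in FREQUENCIES:
            findings.append((addr, f"unexpected finding_publishing_frequency {freq!r}"))
        elif FREQUENCIES.index(freq) > FREQUENCIES.index(slowest_allowed):
            findings.append((addr, f"finding_publishing_frequency {freq} is slower than {slowest_allowed}"))
    return findings

# Constructed sample shaped like `terraform show -json` output (not real data).
SAMPLE_PLAN = json.loads("""{"resource_changes": [
 {"address": "aws_macie2_account.main", "type": "aws_macie2_account",
  "change": {"actions": ["create"], "after":
   {"status": "ENABLED", "finding_publishing_frequency": "FIFTEEN_MINUTES"}}},
 {"address": "aws_macie2_account.PIIFinder", "type": "aws_macie2_account",
  "change": {"actions": ["create"], "after": {}}},
 {"address": "aws_macie2_account.default[0]", "type": "aws_macie2_account",
  "change": {"actions": ["update"], "after":
   {"status": "PAUSED", "finding_publishing_frequency": "SIX_HOURS"}}}]}""")

if __name__ == "__main__":
    for address, message in audit_macie_accounts(SAMPLE_PLAN):
        print(f"{address}: {message}")
```

An empty block such as the PIIFinder excerpt is reported because neither value is pinned in code, so the effective setting is whatever the provider or service default turns out to be.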
Explanation in Terraform Registry
Provides a resource to manage an AWS Macie Account.
CloudFormation Example
CloudFormation code does not have the related resource.
Frequently asked questions
What is AWS Macie Account?
AWS Macie Account is a resource for Macie of Amazon Web Services. Settings can be written in Terraform.
Where can I find the example code for the AWS Macie Account?
For Terraform, the Jimon-s/terraform-example-macie, KanchiMoe/gfdgdf and ncentola-2w/aws-macie-sns source code examples are useful. See the Terraform Example section for further details.