AWS Macie Member
This page shows how to write Terraform and CloudFormation for Macie Member and write them securely.
aws_macie2_member (Terraform)
The Member in Macie can be configured in Terraform with the resource name aws_macie2_member. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
The following arguments are supported:
account_id- (Required) The AWS account ID for the account.email- (Required) The email address for the account.tags- (Optional) A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.status- (Optional) Specifies the status for the account. To enable Amazon Macie and start all Macie activities for the account, set this value toENABLED. Valid values areENABLEDorPAUSED.invite- (Optional) Send an invitation to a memberinvitation_message- (Optional) A custom message to include in the invitation. Amazon Macie adds this message to the standard content that it sends for an invitation.invitation_disable_email_notification- (Optional) Specifies whether to send an email notification to the root user of each account that the invitation will be sent to. This notification is in addition to an alert that the root user receives in AWS Personal Health Dashboard. To send an email notification to the root user of each account, set this value totrue.
In addition to all arguments above, the following attributes are exported:
id- The unique identifier (ID) of the macie Member.arn- The Amazon Resource Name (ARN) of the account.relationship_status- The current status of the relationship between the account and the administrator account.administrator_account_id- The AWS account ID for the administrator account.invited_at- The date and time, in UTC and extended RFC 3339 format, when an Amazon Macie membership invitation was last sent to the account. This value is null if a Macie invitation hasn't been sent to the account.updated_at- The date and time, in UTC and extended RFC 3339 format, of the most recent change to the status of the relationship between the account and the administrator account.
Explanation in Terraform Registry
Provides a resource to manage an Amazon Macie Member.
AWS::Macie::CustomDataIdentifier (CloudFormation)
The CustomDataIdentifier in Macie can be configured in CloudFormation with the resource name AWS::Macie::CustomDataIdentifier. The following sections describe 8 examples of how to use the resource and its parameters.
Example Usage from GitHub
# Type: AWS::Macie::CustomDataIdentifier
# DependsOn: "Session"
# Properties:
# Description: # String
# IgnoreWords:
# - # String
Type: "AWS::Macie::CustomDataIdentifier"
Properties:
Description: "Patient ID CDI (e.g., 034e9e3b-2def-4559-bb2a-7850888ae060)"
Keywords:
- "PATIENT"
Name: "Patient ID"
Type: "AWS::Macie::CustomDataIdentifier"
Properties:
Description: "Patient ID CDI (e.g., 034e9e3b-2def-4559-bb2a-7850888ae060)"
Keywords:
- "PATIENT"
Name: "Patient ID"
Type: AWS::Macie::CustomDataIdentifier
Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html
Properties:
Name: !Ref 'Name'
Regex: !Ref 'Regex'
Outputs:
Type: AWS::Macie::CustomDataIdentifier
Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html
Properties:
Name: !Ref 'Name'
Regex: !Ref 'Regex'
Outputs:
"AWS::Macie::CustomDataIdentifier": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html",
"Properties": {
"Name": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html#cfn-macie-customdataidentifier-name",
"UpdateType": "Immutable",
"resourceType": "AWS::Macie::CustomDataIdentifier",
"filePath": null
}
]
},
{
"AWS::Macie::CustomDataIdentifier": {
"Type": "AWS::Macie::CustomDataIdentifier",
"Properties": {}
},
"AWS::ECS::TaskSet": {
"Type": "AWS::ECS::TaskSet",
Parameters
-
Namerequired - String -
Descriptionoptional - String -
Regexrequired - String -
MaximumMatchDistanceoptional - Integer -
Keywordsoptional - List -
IgnoreWordsoptional - List
Explanation in CloudFormation Registry
The
AWS::Macie::CustomDataIdentifierresource is a set of criteria that you define to detect sensitive data in one or more data sources. Each identifier specifies a regular expression (regex) that defines a text pattern to match in the data. It can also specify character sequences, such as words and phrases, and a proximity rule that refine the analysis of a data source. By using custom data identifiers, you can tailor your analysis to meet your organization's specific needs and supplement the built-in, managed data identifiers that Amazon Macie provides.A
Sessionmust exist for the account before you can create aCustomDataIdentifier. Use a DependsOn attribute to ensure that theSessionis created before the other resources. For example,"DependsOn: Session".
Frequently asked questions
What is AWS Macie Member?
AWS Macie Member is a resource for Macie of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Macie Member?
For CloudFormation, the comp9447-team4/soar, taakmara/macie-demo and garystafford/macie-demo source code examples are useful. See the CloudFormation Example section for further details.
