AWS Macie Organization Admin Account

This page shows how to write Terraform and CloudFormation for Macie Organization Admin Account and write them securely.

aws_macie2_organization_admin_account (Terraform)

The Organization Admin Account in Macie can be configured in Terraform with the resource name aws_macie2_organization_admin_account. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

The following arguments are supported:

  • admin_account_id - (Required) The AWS account ID for the account to designate as the delegated Amazon Macie administrator account for the organization.

In addition to all arguments above, the following attributes are exported:

  • id - The unique identifier (ID) of the Macie organization admin account.

Explanation in Terraform Registry

Provides a resource to manage an Amazon Macie Organization Admin Account.

AWS::Macie::CustomDataIdentifier (CloudFormation)

The CustomDataIdentifier in Macie can be configured in CloudFormation with the resource name AWS::Macie::CustomDataIdentifier. The following sections describe 8 examples of how to use the resource and its parameters.

Example Usage from GitHub

macie.yml#L28
  # Type: AWS::Macie::CustomDataIdentifier
  # DependsOn: "Session"
  # Properties:
  #     Description: # String
  #     IgnoreWords:
  #         - # String
macie_demo.yml#L21
    Type: "AWS::Macie::CustomDataIdentifier"
    Properties:
      Description: "Patient ID CDI (e.g., 034e9e3b-2def-4559-bb2a-7850888ae060)"
      Keywords:
        - "PATIENT"
      Name: "Patient ID"
macie_demo.yml#L21
    Type: "AWS::Macie::CustomDataIdentifier"
    Properties:
      Description: "Patient ID CDI (e.g., 034e9e3b-2def-4559-bb2a-7850888ae060)"
      Keywords:
        - "PATIENT"
      Name: "Patient ID"
product.template-eu-west-1.yaml#L12
    Type: AWS::Macie::CustomDataIdentifier
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html
    Properties:
      Name: !Ref 'Name'
      Regex: !Ref 'Regex'
Outputs:
product.template-ap-east-1.yaml#L12
    Type: AWS::Macie::CustomDataIdentifier
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html
    Properties:
      Name: !Ref 'Name'
      Regex: !Ref 'Regex'
Outputs:
MacieCustomDataIdentifierSpecification.json#L3
    "AWS::Macie::CustomDataIdentifier": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html",
      "Properties": {
        "Name": {
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-macie-customdataidentifier.html#cfn-macie-customdataidentifier-name",
          "UpdateType": "Immutable",
awsResouceIconMatches.json#L2218
        "resourceType": "AWS::Macie::CustomDataIdentifier",
        "filePath": null
      }
    ]
  },
  {
template.json#L2103
    "AWS::Macie::CustomDataIdentifier": {
      "Type": "AWS::Macie::CustomDataIdentifier",
      "Properties": {}
    },
    "AWS::ECS::TaskSet": {
      "Type": "AWS::ECS::TaskSet",

Parameters

Explanation in CloudFormation Registry

The AWS::Macie::CustomDataIdentifier resource is a set of criteria that you define to detect sensitive data in one or more data sources. Each identifier specifies a regular expression (regex) that defines a text pattern to match in the data. It can also specify character sequences, such as words and phrases, and a proximity rule that refine the analysis of a data source. By using custom data identifiers, you can tailor your analysis to meet your organization's specific needs and supplement the built-in, managed data identifiers that Amazon Macie provides.

A Session must exist for the account before you can create a CustomDataIdentifier. Use a DependsOn attribute to ensure that the Session is created before the other resources. For example, "DependsOn: Session".
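
The session dependency and the regex, keyword and proximity settings described above, combined in one template. This is an added example, not taken from the repositories listed on this page; the logical IDs, the UUID regex, the MaximumMatchDistance value and the IgnoreWords entry are assumptions chosen to fit the "Patient ID" sample.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Macie session plus a custom data identifier for patient IDs (constructed example)

Resources:
  # Macie must be enabled for the account before any identifier can be created.
  Session:
    Type: AWS::Macie::Session
    Properties:
      Status: ENABLED
      FindingPublishingFrequency: FIFTEEN_MINUTES

  PatientIdIdentifier:
    Type: AWS::Macie::CustomDataIdentifier
    # Without this, CloudFormation may try to create the identifier before the session exists.
    DependsOn: Session
    Properties:
      Name: "Patient ID"
      Description: "Patient ID CDI (e.g., 034e9e3b-2def-4559-bb2a-7850888ae060)"
      # Assumed pattern: lowercase UUID, matching the sample value in the description.
      Regex: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
      # A regex match is reported only when one of these keywords is close to it,
      # which cuts false positives from unrelated UUIDs (request IDs, object keys).
      Keywords:
        - "PATIENT"
      # Proximity rule, counted from the end of the keyword to the END of the match.
      # The UUID itself is 36 characters, so the value has to be larger than that.
      MaximumMatchDistance: 60
      # Text to exclude from results (constructed placeholder value).
      IgnoreWords:
        - "00000000-0000-0000-0000-000000000000"

Outputs:
  PatientIdIdentifierId:
    Description: ID of the custom data identifier
    Value: !Ref PatientIdIdentifier
```

A bare UUID regex with no Keywords would flag every UUID in a bucket; the keyword and distance pair is what narrows findings to patient records.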

Frequently asked questions

What is AWS Macie Organization Admin Account?

AWS Macie Organization Admin Account is a resource for Macie of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Macie Organization Admin Account?

For CloudFormation, the comp9447-team4/soar, taakmara/macie-demo and garystafford/macie-demo source code examples are useful. See the CloudFormation Example section for further details.