Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/epomatti/aws-macie-dlp
AWS Macie job for DLP
aws aws-macie aws-security dlp s3 security terraform
- Host: GitHub
- URL: https://github.com/epomatti/aws-macie-dlp
- Owner: epomatti
- License: mit
- Created: 2022-08-14T20:11:39.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2023-10-01T00:55:32.000Z (about 1 year ago)
- Last Synced: 2023-10-01T01:35:48.354Z (about 1 year ago)
- Topics: aws, aws-macie, aws-security, dlp, s3, security, terraform
- Language: HCL
- Homepage:
- Size: 11.7 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# AWS Macie
Create the infrastructure:
```sh
terraform init
terraform apply -auto-approve
```
A file containing sample sensitive data (a Basic auth header and credit card details) will be automatically uploaded to S3:
```
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Credit Card Number: 5555555555554444
Type: Mastercard
CVC: 761
```
Terraform will attempt to enable Macie. If you already have it enabled, comment out the `aws_macie2_account` resource declaration in the code.
Create a Macie job. Replace the `accountId` and `buckets` values accordingly.
```sh
aws macie2 create-classification-job \
--job-type "ONE_TIME" \
--name "job1" \
--s3-job-definition '{"bucketDefinitions":[{"accountId":"000000000000", "buckets":[""]}]}'
```
Review the results on the console.
## Security Hub
Macie will automatically publish findings to Security Hub.
In the Macie console, you can edit this setting to publish sensitive data findings as well.
On Security Hub, create `Insight: 10. S3 buckets with sensitive data`.