Amazon Macie Configuration
Amazon Macie was launched in the summer of 2017, much to the delight of cloud security engineers. Amazon Macie is a powerful security and compliance service that provides an automatic method to detect, identify, and classify data within your AWS account. Macie currently supports Amazon S3 storage, however additional support for other storage systems will be developed and added over time. Backed by machine learning, Macie can actively review your data as different actions are taken within your AWS account. Machine learning spots access patterns and analyzes user behaviour using CloudTrail event data to alert against any unusual or irregular activity. Any findings are presented within a dashboard which can trigger alerts allowing you to quickly resolve any potential threat of exposure or compromise to your data.
This course will dive into all elements of the service, discussing its many different features and customizable elements allowing you to gain the maximum potential of its ability.
By the end of this course you will be able to:
- Provide an understanding and awareness of what Amazon Macie is and what it’s used for
- Provide an explanation of each configurable component of the service to allow you to gain maximum benefit from Macie’s capabilities
- Understand how the service can provide a customizable approach to maintaining compliance
- Understand how through automation and machine learning Amazon Mazie detects and categorizes S3 content to detect potential security threats and exposures
The content of this course is centered around security and compliance. As a result, this course is beneficial to those who are in the roles or their equivalent of:
- Cloud Security Architects
- Compliance Managers
- Cloud Administrators
- Cloud Support & Operations
As a prerequisite of this course you should have an understanding and awareness of:
- Amazon S3
- AWS CloudTrail
Hello, and welcome to this course, which has been designed to give you an overview in the introduction to the Amazon Macie service. I will explain what the service is and does, and how you can use it within your own environment to enhance your security level, especially when it comes to identifying the potential exposure of sensitive data, such as PII, or secret keys stored on Amazon S3. This is critical when it comes to maintaining your specific compliance programs, such as GDPR.
Before we start, I would like to introduce myself. My name is Stuart Scott. I'm one of the trainers here at Cloud Academy, specializing in AWS, Amazon Web Services. Feel free to connect with me with any questions using the details shown on screen, alternatively, you can always get in touch with us here at Cloud Academy by sending an email to firstname.lastname@example.org, where one of our Cloud experts will reply to your question.
The content of this course is centered around security and compliance. As a result, this course is beneficial to those who are in the roles of, or similar to, Cloud security architects, compliance managers, Cloud administrators, and Cloud support and operation engineers.
This course is made up of the following lectures to explain the service and how it operates:
- What is Amazon Macie? Within this lecture you will understand exactly what the service is and the benefits that it provides.
- Enabling and associating Macie with S3. There are specific requirements that must be configured before you enable this service. This lecture looks at those requirements and how to fulfill them. In addition to this, I'll also show you how to associate your Amazon S3 buckets with Amazon Macie.
- Alerts. In this lecture, I focus on the different types of alerts that Amazon Macie generates to allow you to resolve and rectify any issues identified.
- Dashboard. Here I look at the different metrics that are available to help you understand the data that Amazon Macie has captured, monitored, and identified.
- Users. This lecture looks at how Amazon Macie categorizes users and how to gain statistics on individuals for further analysis.
- Research. In this lecture explain how you can perform deeper analysis of the data recorded by Macie using queries.
- Classifying and protecting data. A key component of Amazon Macie is the classification of your data and this lecture looks at how that process works.
- Multiple AWS accounts with Amazon Macie. This lecture is a demonstration on how to configure one AWS account as a master, and one as a member account with an Amazon Macie to consolidate and manage your results centrally.
- And finally, the course summary. This lecture will highlight the key points taken from each of the previous lectures.
The objectives of this course are, to provide an understanding and awareness of what Amazon Macie is, and what it's used for. Also, to provide an explanation of each configured component of the service, to allow you to gain maximum benefit from Macie's capabilities. You'll understand how the service can provide a customizable approach to maintaining compliance. You'll also understand how through automation and machine learning, Amazon Macie detects and categorizes S3 content to detect potential security threats and exposures.
As a prerequisite of this course, you should have an understanding and awareness of the following, Amazon S3, and AWS CloudTrail, including how to setup a trail in CloudTrail.
Throughout this course, I will reference a number of different URL links, which will help and direct you to related information on specific topics. To make these links easily accessible to you, I have included them at the top of the transcript, within the lecture that they are referenced.
Feedback on our courses here at Cloud Academy are valuable to both us as trainers and any students looking to take the same course in the future. If you have any feedback, positive or negative, it would be greatly appreciated if you could contact email@example.com.
That brings me to the end of this lecture. Coming up next, I start off by answering the question, what is Amazon Macie?
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.