Custom Data Identifier - Amazon Macie

Custom Data Identifier

The Custom Data Identifier resource provides access to the repository of custom data identifiers for your Amazon Macie account. A custom data identifier is a set of criteria that you define to detect sensitive data in a data source. The criteria consist of a regular expression (regex) that defines a text pattern to match and, optionally, character sequences and a proximity rule that refine the analysis of data. In addition to detection criteria, you can optionally define severity levels for the findings that a custom data identifier produces. Severity levels are based on the number of occurrences of text that match the custom data identifier's detection criteria. For more information, see Building custom data identifiers in the Amazon Macie User Guide.

You can use the Custom Data Identifier resource to retrieve detailed information about the detection criteria and other settings for a custom data identifier. You can also use this resource to delete a custom data identifier. To use this resource, you have to specify the unique identifier for the custom data identifier that your request applies to. To find this identifier, use the Custom Data Identifier List resource.

URI

/custom-data-identifiers/id

HTTP methods

DELETE

Operation ID: DeleteCustomDataIdentifier

Soft deletes a custom data identifier.

Path parameters
NameTypeRequiredDescription
idStringTrue

The unique identifier for the Amazon Macie resource that the request applies to.

Responses
Status codeResponse modelDescription
200Empty Schema

The request succeeded. The specified custom data identifier was deleted and there isn't any content to include in the body of the response (No Content).

400ValidationException

The request failed because the input doesn't satisfy the constraints specified by the service.

402ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

409ConflictException

The request failed because it conflicts with the current state of the specified resource.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

GET

Operation ID: GetCustomDataIdentifier

Retrieves the criteria and other settings for a custom data identifier.

Path parameters
NameTypeRequiredDescription
idStringTrue

The unique identifier for the Amazon Macie resource that the request applies to.

Responses
Status codeResponse modelDescription
200GetCustomDataIdentifierResponse

The request succeeded.

400ValidationException

The request failed because the input doesn't satisfy the constraints specified by the service.

402ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

409ConflictException

The request failed because it conflicts with the current state of the specified resource.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

Schemas

Response bodies

{ }
{ "arn": "string", "createdAt": "string", "deleted": boolean, "description": "string", "id": "string", "ignoreWords": [ "string" ], "keywords": [ "string" ], "maximumMatchDistance": integer, "name": "string", "regex": "string", "severityLevels": [ { "occurrencesThreshold": integer, "severity": enum } ], "tags": { } }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ConflictException

Provides information about an error that occurred due to a versioning conflict for a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

DataIdentifierSeverity

The severity of a finding, ranging from LOW, for least severe, to HIGH, for most severe. Valid values are:

  • LOW

  • MEDIUM

  • HIGH

Empty

The request succeeded and there isn't any content to include in the body of the response (No Content).

GetCustomDataIdentifierResponse

Provides information about the detection criteria and other settings for a custom data identifier.

PropertyTypeRequiredDescription
arn

string

False

The Amazon Resource Name (ARN) of the custom data identifier.

createdAt

string

Format: date-time

False

The date and time, in UTC and extended ISO 8601 format, when the custom data identifier was created.

deleted

boolean

False

Specifies whether the custom data identifier was deleted. If you delete a custom data identifier, Amazon Macie doesn't delete it permanently. Instead, it soft deletes the identifier.

description

string

False

The custom description of the custom data identifier.

id

string

False

The unique identifier for the custom data identifier.

ignoreWords

Array of type string

False

An array that lists specific character sequences (ignore words) to exclude from the results. If the text matched by the regular expression contains any string in this array, Amazon Macie ignores it. Ignore words are case sensitive.

keywords

Array of type string

False

An array that lists specific character sequences (keywords), one of which must precede and be within proximity (maximumMatchDistance) of the regular expression to match. Keywords aren't case sensitive.

maximumMatchDistance

integer

Format: int32

False

The maximum number of characters that can exist between the end of at least one complete character sequence specified by the keywords array and the end of the text that matches the regex pattern. If a complete keyword precedes all the text that matches the pattern and the keyword is within the specified distance, Amazon Macie includes the result. Otherwise, Macie excludes the result.

name

string

False

The custom name of the custom data identifier.

regex

string

False

The regular expression (regex) that defines the pattern to match.

severityLevels

Array of type SeverityLevel

False

Specifies the severity that's assigned to findings that the custom data identifier produces, based on the number of occurrences of text that match the custom data identifier's detection criteria. By default, Amazon Macie creates findings for S3 objects that contain at least one occurrence of text that matches the detection criteria, and Macie assigns the MEDIUM severity to those findings.

tags

TagMap

False

A map of key-value pairs that identifies the tags (keys and values) that are associated with the custom data identifier.

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ResourceNotFoundException

Provides information about an error that occurred because a specified resource wasn't found.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ServiceQuotaExceededException

Provides information about an error that occurred due to one or more service quotas for an account.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

SeverityLevel

Specifies a severity level for findings that a custom data identifier produces. A severity level determines which severity is assigned to the findings, based on the number of occurrences of text that match the custom data identifier's detection criteria.

PropertyTypeRequiredDescription
occurrencesThreshold

integer

Format: int64

True

The minimum number of occurrences of text that must match the custom data identifier's detection criteria in order to produce a finding with the specified severity (severity).

severity

DataIdentifierSeverity

True

The severity to assign to a finding: if the number of occurrences is greater than or equal to the specified threshold (occurrencesThreshold); and, if applicable, the number of occurrences is less than the threshold for the next consecutive severity level for the custom data identifier, moving from LOW to HIGH.

TagMap

A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

PropertyTypeRequiredDescription

*

string

False

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ValidationException

Provides information about an error that occurred due to a syntax error in a request.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

DeleteCustomDataIdentifier

GetCustomDataIdentifier