Data Sources - S3 Statistics - Amazon Macie

Data Sources - S3 Statistics

The S3 Data Source Statistics resource provides aggregated statistical data for all the Amazon Simple Storage Service (Amazon S3) buckets that you configured Amazon Macie to monitor and analyze. This includes data for key metrics such as the number of S3 buckets that Macie monitors and analyzes, the number of objects in those buckets, and the number of buckets that use each server-side encryption type.

You can use this resource to retrieve (query) aggregated data for key metrics that apply to all the S3 buckets that you configured Amazon Macie to monitor and analyze. To retrieve additional types of data for these buckets, use the S3 Data Sources resource.

URI

/datasources/s3/statistics

HTTP Methods

POST

Operation ID: GetBucketStatistics

Retrieves (queries) aggregated statistical data for all the S3 buckets that Amazon Macie monitors and analyzes.

Responses
Status Code Response Model Description
200 GetBucketStatisticsResponse

The request succeeded.

400 ValidationException

The request failed because it contains a syntax error.

402 ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403 AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404 ResourceNotFoundException

The request failed because the specified resource wasn't found.

409 ConflictException

The request failed because it conflicts with the current state of the specified resource.

429 ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500 InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

Schemas

Request Bodies

Example POST

{ "accountId": "string" }

Response Bodies

Example GetBucketStatisticsResponse

{ "bucketCountByEffectivePermission": { "publiclyWritable": integer, "publiclyReadable": integer, "publiclyAccessible": integer }, "lastUpdated": "string", "objectCount": integer, "sizeInBytes": integer, "classifiableObjectCount": integer, "bucketCount": integer, "bucketCountByEncryptionType": { "kmsManaged": integer, "s3Managed": integer, "unencrypted": integer }, "unclassifiableObjectSizeInBytes": { "total": integer, "storageClass": integer, "fileType": integer }, "classifiableSizeInBytes": integer, "bucketCountBySharedAccessType": { "internal": integer, "external": integer, "notShared": integer }, "unclassifiableObjectCount": { "total": integer, "storageClass": integer, "fileType": integer }, "sizeInBytesCompressed": integer }

Example ValidationException

{ "message": "string" }

Example ServiceQuotaExceededException

{ "message": "string" }

Example AccessDeniedException

{ "message": "string" }

Example ResourceNotFoundException

{ "message": "string" }

Example ConflictException

{ "message": "string" }

Example ThrottlingException

{ "message": "string" }

Example InternalServerException

{ "message": "string" }

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

BucketCountByEffectivePermission

Provides information about the number of S3 buckets that are publicly accessible based on a combination of permissions settings for each bucket.

Property Type Required Description
publiclyWritable

integer

Format: int64

False

The total number of buckets that allow the general public to have write access to the bucket.

publiclyReadable

integer

Format: int64

False

The total number of buckets that allow the general public to have read access to the bucket.

publiclyAccessible

integer

Format: int64

False

The total number of buckets that allow the general public to have read or write access to the bucket.

BucketCountByEncryptionType

Provides information about the number of S3 buckets that use certain types of server-side encryption or don't encrypt objects by default.

Property Type Required Description
kmsManaged

integer

Format: int64

False

The total number of buckets that use an AWS Key Management Service (AWS KMS) customer master key (CMK) to encrypt objects. These buckets use AWS KMS AWS-managed (AWS-KMS) encryption or AWS KMS customer-managed (SSE-KMS) encryption.

s3Managed

integer

Format: int64

False

The total number of buckets that use an Amazon S3-managed key to encrypt objects. These buckets use Amazon S3-managed (SSE-S3) encryption.

unencrypted

integer

Format: int64

False

The total number of buckets that don't encrypt objects by default. Default encryption is disabled for these buckets.

BucketCountBySharedAccessType

Provides information about the number of S3 buckets that are shared with other AWS accounts.

Property Type Required Description
internal

integer

Format: int64

False

The total number of buckets that are shared with an AWS account that's part of the same Amazon Macie organization.

external

integer

Format: int64

False

The total number of buckets that are shared with an AWS account that isn't part of the same Amazon Macie organization.

notShared

integer

Format: int64

False

The total number of buckets that aren't shared with any other AWS accounts.

ConflictException

Provides information about an error that occurred due to a versioning conflict for a specified resource.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

GetBucketStatisticsRequest

Specifies the account that owns the S3 buckets to retrieve aggregated statistical data for.

Property Type Required Description
accountId

string

False

The unique identifier for the AWS account.

GetBucketStatisticsResponse

Provides the results of a query that retrieved aggregated statistical data for the S3 buckets that are owned by an account.

Property Type Required Description
bucketCountByEffectivePermission

BucketCountByEffectivePermission

False

The total number of buckets that are publicly accessible based on a combination of permissions settings for each bucket.

lastUpdated

string

Format: date-time

False

The date and time, in UTC and extended ISO 8601 format, when Amazon Macie most recently retrieved data about the buckets from Amazon S3.

objectCount

integer

Format: int64

False

The total number of objects in the buckets.

sizeInBytes

integer

Format: int64

False

The total storage size, in bytes, of the buckets.

classifiableObjectCount

integer

Format: int64

False

The total number of objects that Amazon Macie can analyze in the buckets. These objects use a supported file or storage format and storage class.

bucketCount

integer

Format: int64

False

The total number of buckets.

bucketCountByEncryptionType

BucketCountByEncryptionType

False

The total number of buckets, grouped by server-side encryption type. This object also reports the total number of buckets that don't encrypt objects by default.

unclassifiableObjectSizeInBytes

ObjectLevelStatistics

False

The total storage size, in bytes, of all the objects that Amazon Macie can't analyze in the buckets. These objects use an unsupported file or storage format or storage class.

classifiableSizeInBytes

integer

Format: int64

False

The total storage size, in bytes, of all the objects that Amazon Macie can analyze in the buckets. These objects use a supported file or storage format and storage class.

bucketCountBySharedAccessType

BucketCountBySharedAccessType

False

The total number of buckets that are shared with another AWS account.

unclassifiableObjectCount

ObjectLevelStatistics

False

The total number of objects that Amazon Macie can't analyze in the buckets. These objects use an unsupported file or storage format or storage class.

sizeInBytesCompressed

integer

Format: int64

False

The total compressed storage size, in bytes, of the buckets.

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

ObjectLevelStatistics

Provides information about the total storage size (in bytes) or number of objects that Amazon Macie can't analyze in one or more S3 buckets. In a BucketMetadata object, this data is for a specific bucket. In a GetBucketStatisticsResponse object, this data is aggregated for all the buckets in the query results.

Property Type Required Description
total

integer

Format: int64

False

The total storage size (in bytes) or number of objects that Amazon Macie can't analyze because the objects use an unsupported file or storage format or storage class.

storageClass

integer

Format: int64

False

The total storage size (in bytes) or number of objects that Amazon Macie can't analyze because the objects use an unsupported storage class.

fileType

integer

Format: int64

False

The total storage size (in bytes) or number of objects that Amazon Macie can't analyze because the objects use an unsupported file or storage format.

ResourceNotFoundException

Provides information about an error that occurred because a specified resource wasn't found.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

ServiceQuotaExceededException

Provides information about an error that occurred due to one or more service quotas for an account.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

ValidationException

Provides information about an error that occurred due to a syntax error in a request.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

See Also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

GetBucketStatistics