Findings - Reveal Sensitive Data Occurrences Availability - Amazon Macie

Findings - Reveal Sensitive Data Occurrences Availability

The Reveal Sensitive Data Occurrences Availability resource for findings provides an environment for determining whether you can retrieve sample occurrences of sensitive data that Amazon Macie reported in a finding. You can retrieve sensitive data samples for a finding if:

  • The finding includes one or more occurrences objects that indicate the location of specific occurrences of sensitive data in the affected S3 object,

  • The ClassificationDetails.detailedResultsLocation field of the finding specifies the location of a valid sensitive data discovery result for the finding, and

  • The value for the mimeType field of the finding is application/avro, application/gzip, application/json, application/parquet, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet, application/zip, text/csv, or text/plain.

You can retrieve sensitive data samples for findings in all the AWS Regions where Macie is currently available except the Asia Pacific (Osaka) Region. For additional requirements, see Investigating sensitive data with findings in the Amazon Macie User Guide.

You can use the Reveal Sensitive Data Occurrences Availability resource to determine whether you can retrieve sample occurrences of sensitive data for a particular finding. To use this resource, you have to specify the unique identifier for the finding that your request applies to. To find this identifier, you can use the Finding List resource. If samples are available for a finding, use the Reveal Sensitive Data Occurrences resource to retrieve the samples.

URI

/findings/findingId/reveal/availability

HTTP methods

GET

Operation ID: GetSensitiveDataOccurrencesAvailability

Checks whether occurrences of sensitive data can be retrieved for a finding.

Path parameters
NameTypeRequiredDescription
findingIdStringTrue

The unique identifier for the finding.

Responses
Status codeResponse modelDescription
200GetSensitiveDataOccurrencesAvailabilityResponse

The request succeeded.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

Schemas

Response bodies

{ "reasons": [ enum ], "code": enum }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

AvailabilityCode

Specifies whether occurrences of sensitive data can be retrieved for a finding. Possible values are:

  • AVAILABLE

  • UNAVAILABLE

GetSensitiveDataOccurrencesAvailabilityResponse

Provides information about whether occurrences of sensitive data can be retrieved for a finding and, if not, why the data can't be retrieved.

PropertyTypeRequiredDescription
code

AvailabilityCode

True

Specifies whether occurrences of sensitive data can be retrieved for the finding. Possible values are: AVAILABLE, the sensitive data can be retrieved; and, UNAVAILABLE, the sensitive data can't be retrieved. If this value is UNAVAILABLE, the reasons array indicates why the data can't be retrieved.

reasons

Array of type UnavailabilityReasonCode

True

Specifies why occurrences of sensitive data can't be retrieved for the finding. Possible values are:

  • INVALID_CLASSIFICATION_RESULT - Amazon Macie can't verify the location of the sensitive data to retrieve. There isn't a corresponding sensitive data discovery result for the finding. Or the sensitive data discovery result specified by the ClassificationDetails.detailedResultsLocation field of the finding isn't available, is malformed or corrupted, or uses an unsupported storage format.

  • OBJECT_EXCEEDS_SIZE_QUOTA - The storage size of the affected S3 object exceeds the size quota for retrieving occurrences of sensitive data.

  • OBJECT_UNAVAILABLE - The affected S3 object isn't available. The object might have been renamed, moved, or deleted. Or the object was changed after Macie created the finding.

  • UNSUPPORTED_FINDING_TYPE - The specified finding isn't a sensitive data finding.

  • UNSUPPORTED_OBJECT_TYPE - The affected S3 object uses a file or storage format that Macie doesn't support for retrieving occurrences of sensitive data.

This value is null if sensitive data can be retrieved for the finding.

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ResourceNotFoundException

Provides information about an error that occurred because a specified resource wasn't found.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

UnavailabilityReasonCode

Specifies why occurrences of sensitive data can't be retrieved for a finding. Possible values are:

  • OBJECT_EXCEEDS_SIZE_QUOTA

  • UNSUPPORTED_OBJECT_TYPE

  • UNSUPPORTED_FINDING_TYPE

  • INVALID_CLASSIFICATION_RESULT

  • OBJECT_UNAVAILABLE

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

GetSensitiveDataOccurrencesAvailability