Findings - Reveal Sensitive Data Occurrences Configuration - Amazon Macie

Findings - Reveal Sensitive Data Occurrences Configuration

The Reveal Sensitive Data Occurrences Configuration resource for findings provides access to the status and configuration settings for retrieving sample occurrences of sensitive data that Amazon Macie reports in findings. The samples can help you verify the nature of sensitive data that Macie found, and tailor your investigation of an affected Amazon Simple Storage Service (Amazon S3) object or bucket. You can retrieve sensitive data samples for findings in all the AWS Regions where Macie is currently available except the Asia Pacific (Osaka) Region. For more information, see Investigating sensitive data with findings in the Amazon Macie User Guide.

When you retrieve sensitive data samples, you specify the unique identifier for a particular sensitive data finding. Macie then uses location data in the corresponding sensitive data discovery result for the finding to locate and extract sample occurrences of sensitive data from the affected S3 object. Macie encrypts the extracted data with an AWS Key Management Service (AWS KMS) key that you specify, temporarily stores the encrypted data in a cache, and returns the data in your results. Soon after extraction and encryption, Macie permanently deletes the data from the cache unless additional retention is temporarily required to resolve an operational issue.

You can use the Reveal Sensitive Data Occurrences Configuration resource to specify configuration settings for retrieving sample occurrences of sensitive data reported by findings. You can also use this resource to enable or disable the configuration. After you enable the configuration, use the Reveal Sensitive Data Occurrences resource to retrieve sensitive data samples for individual findings.

Before you enable the configuration, verify that you configured Macie to store your sensitive data discovery results in an S3 bucket. Otherwise, you won't be able to retrieve sensitive data samples for findings. To check your configuration, use the Export Configuration resource.

URI

/reveal-configuration

HTTP methods

GET

Operation ID: GetRevealConfiguration

Retrieves the status and configuration settings for retrieving occurrences of sensitive data reported by findings.

Responses
| Status code | Response model | Description |
| --- | --- | --- |
| 200 | GetRevealConfigurationResponse | The request succeeded. |
| 400 | ValidationException | The request failed because the input doesn't satisfy the constraints specified by the service. |
| 403 | AccessDeniedException | The request was denied because you don't have sufficient access to the specified resource. |
| 429 | ThrottlingException | The request failed because you sent too many requests during a certain amount of time. |
| 500 | InternalServerException | The request failed due to an unknown internal server error, exception, or failure. |

PUT

Operation ID: UpdateRevealConfiguration

Updates the status and configuration settings for retrieving occurrences of sensitive data reported by findings.

Responses
| Status code | Response model | Description |
| --- | --- | --- |
| 200 | UpdateRevealConfigurationResponse | The request succeeded. |
| 400 | ValidationException | The request failed because the input doesn't satisfy the constraints specified by the service. |
| 403 | AccessDeniedException | The request was denied because you don't have sufficient access to the specified resource. |
| 429 | ThrottlingException | The request failed because you sent too many requests during a certain amount of time. |
| 500 | InternalServerException | The request failed due to an unknown internal server error, exception, or failure. |

Schemas

Request bodies

{ "configuration": { "kmsKeyId": "string", "status": enum } }

Response bodies

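GetRevealConfigurationResponse schema

{ "configuration": { "kmsKeyId": "string", "status": enum } }

UpdateRevealConfigurationResponse schema

{ "configuration": { "kmsKeyId": "string", "status": enum } }

ValidationException schema

{ "message": "string" }

AccessDeniedException schema

{ "message": "string" }

ThrottlingException schema

{ "message": "string" }

InternalServerException schema

{ "message": "string" }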

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| message | string | False | The explanation of the error that occurred. |

GetRevealConfigurationResponse

Provides information about the configuration settings for retrieving occurrences of sensitive data reported by findings, and the status of the configuration for an Amazon Macie account.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| configuration | RevealConfiguration | True | The current configuration settings and the status of the configuration for the account. |

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| message | string | False | The explanation of the error that occurred. |

RevealConfiguration

Specifies the configuration settings for retrieving occurrences of sensitive data reported by findings, and the status of the configuration for an Amazon Macie account. When you enable the configuration for the first time, your request must specify an AWS Key Management Service (AWS KMS) key. Otherwise, an error occurs. Macie uses the specified key to encrypt the sensitive data that you retrieve.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| kmsKeyId | string (MinLength: 1, MaxLength: 2048) | False | The Amazon Resource Name (ARN), ID, or alias of the AWS KMS key to use to encrypt sensitive data that's retrieved. The key must be an existing, customer managed, symmetric encryption key that's in the same AWS Region as the Amazon Macie account. If this value specifies an alias, it must include the following prefix: alias/. If this value specifies a key that's owned by another AWS account, it must specify the ARN of the key or the ARN of the key's alias. |
| status | RevealStatus | True | The status of the configuration for the Amazon Macie account. In a request, valid values are: ENABLED, enable the configuration for the account; and, DISABLED, disable the configuration for the account. In a response, possible values are: ENABLED, the configuration is currently enabled for the account; and, DISABLED, the configuration is currently disabled for the account. |
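
The kmsKeyId and status rules above can be checked before a PUT request is sent. The following is an added example, not part of the AWS reference or SDK: build_reveal_request and its parameters are hypothetical names, the key-ID and ARN patterns are assumptions about KMS identifier shapes, and the account IDs, Region and alias are constructed sample values.

```python
import re

# Assumed shapes (not stated on the page) for KMS ARNs and bare key IDs.
ARN_RE = re.compile(r"arn:aws[\w-]*:kms:([a-z0-9-]+):\d{12}:((?:key|alias)/.+)")
KEY_ID_RE = re.compile(r"mrk-[0-9a-f]{32}|[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}")

def build_reveal_request(status, kms_key_id=None, *, macie_region,
                         macie_account, key_account=None, key_configured=False):
    """Return the PUT /reveal-configuration body, or raise ValueError."""
    if status not in ("ENABLED", "DISABLED"):
        raise ValueError("status must be ENABLED or DISABLED")
    config = {"status": status}
    if kms_key_id is None:
        # kmsKeyId is optional except when enabling for the first time.
        if status == "ENABLED" and not key_configured:
            raise ValueError("first enable must specify a KMS key")
        return {"configuration": config}
    if not 1 <= len(kms_key_id) <= 2048:
        raise ValueError("kmsKeyId must be 1-2048 characters")
    arn = ARN_RE.fullmatch(kms_key_id)
    if arn:
        region, resource = arn.groups()
        if region != macie_region:
            raise ValueError("key must be in the Macie account's Region")
    elif kms_key_id.startswith("arn:"):
        raise ValueError("not a KMS key or alias ARN")
    else:
        resource = kms_key_id
        # A bare ID or alias resolves in the caller's account only.
        if (key_account or macie_account) != macie_account:
            raise ValueError("a key in another account must be given by ARN")
        if not (resource.startswith("alias/") or KEY_ID_RE.fullmatch(resource)):
            raise ValueError("an alias must include the alias/ prefix")
    # alias/aws/ names belong to AWS managed keys; a customer managed key is required.
    if resource.startswith("alias/aws/"):
        raise ValueError("AWS managed keys are not accepted")
    config["kmsKeyId"] = kms_key_id
    return {"configuration": config}

if __name__ == "__main__":
    # Constructed sample values: account ID, Region and alias are placeholders.
    print(build_reveal_request("ENABLED", "alias/macie-reveal",
                               macie_region="us-east-1", macie_account="111122223333"))
```

Whether the key exists and is a symmetric encryption key can only be confirmed against AWS KMS, so those two conditions are not checked here.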

RevealStatus

The status of the configuration for retrieving occurrences of sensitive data reported by findings. Valid values are:

  • ENABLED

  • DISABLED

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| message | string | False | The explanation of the error that occurred. |

UpdateRevealConfigurationRequest

Specifies the configuration settings for retrieving occurrences of sensitive data reported by findings, and the status of the configuration for an Amazon Macie account.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| configuration | RevealConfiguration | True | The new configuration settings and the status of the configuration for the account. |

UpdateRevealConfigurationResponse

Provides information about updated configuration settings for retrieving occurrences of sensitive data reported by findings, and the status of the configuration for an Amazon Macie account.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| configuration | RevealConfiguration | True | The new configuration settings and the status of the configuration for the account. |

ValidationException

Provides information about an error that occurred due to a syntax error in a request.

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| message | string | False | The explanation of the error that occurred. |

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

GetRevealConfiguration

UpdateRevealConfiguration