Posted On: Jun 28, 2018

Today, Amazon Macie is introducing support for using AWS Identity and Access Management (IAM) service-linked roles to set up Amazon Macie with the delegated permissions needed to access resources in other services on your behalf. Service-linked roles also help you meet monitoring and auditing requirements because all actions performed on your behalf by Amazon Macie will appear in your AWS CloudTrail logs.

The Amazon Macie service-linked role, called AWSServiceRoleForAmazonMacie, is predefined by Macie and includes all the permissions required by Macie to access other AWS services and resources. Unlike a regular IAM role, you cannot delete the service-linked role if it is still in use by Amazon Macie. This protects you from inadvertently revoking permissions required by the service, which would leave your AWS resources in an inconsistent state. For more information, see Using Service-Linked Roles for Amazon Macie.

Amazon Macie is a security service that automatically discovers, classifies, and protects sensitive data in AWS. The service continuously monitors data access activity for anomalies and alerts when private data are made publicly accessible. Amazon Macie is currently available in US East (N. Virginia) and US West (Oregon). Learn more about Amazon Macie.