Amazon Macie

Receive Amazon Macie sensitive data discovery findings via EventBridge.

InboundCloud Platforms

Start Free Trial

Quick Setup

Copy Webhook URL

Go to your Alert24 dashboard and copy the webhook URL for Amazon Macie.

Configure Amazon Macie

Add the webhook URL in your Amazon Macie settings.

Auto-Detected

Alert24 auto-detects Amazon Macie payloads and maps them to incidents.

Step-by-Step Setup Instructions

Amazon Macie Webhook Setup

1.In EventBridge, create a rule with source aws.macie and detail-type Macie Finding

2.Set the target to an SNS topic

3.Add an HTTPS subscription to the SNS topic using the webhook URL above

4.Confirm the subscription when you receive the confirmation request

5.Macie automatically discovers sensitive data in S3 — findings will arrive as they are detected

Example Webhook Payload

This is a sample payload that Amazon Macie sends to Alert24 when an alert fires.

{
  "version": "0",
  "source": "aws.macie",
  "detail-type": "Macie Finding",
  "detail": {
    "schemaVersion": "1.0",
    "accountId": "123456789012",
    "region": "us-east-1",
    "type": "SensitiveData:S3Object/Personal",
    "description": "S3 object contains personal information including email addresses and phone numbers.",
    "severity": {
      "score": 8,
      "description": "High"
    },
    "resourcesAffected": {
      "s3Bucket": {
        "name": "my-data-bucket",
        "arn": "arn:aws:s3:::my-data-bucket"
      },
      "s3Object": {
        "key": "uploads/user-export.csv"
      }
    }
  }
}

How Alert24 Maps Amazon Macie Data

Status Field

detail.severity.description

Message Field

detail.description

Auto-Create Incidents

Yes

Auto-Resolve Incidents

Status Mapping

Alert24 Status	Amazon Macie Values
operational	`Low`
degraded	`Medium`
down	`High`

Connect Amazon Macie to Alert24 in minutes

Free plan includes 5 monitors, 1 status page, and incident management. No credit card required.

Start Free Trial See Pricing

More Cloud Platforms Integrations

AWS CloudWatch

Inbound

Receive CloudWatch alarm notifications via SNS webhook.

Azure Monitor

Inbound

Receive Azure Monitor alerts and log Activity Log changes to correlate infrastructure changes with incidents.

Azure Service Health

Inbound

Receive Azure Service Health incident, maintenance, and advisory notifications.

Azure Resource Health

Inbound

Receive Azure Resource Health notifications for individual resource availability.

Google Cloud Monitoring

Inbound

Receive Google Cloud Monitoring (formerly Stackdriver) alerts.

Google Cloud SCC

Inbound

Receive Google Cloud Security Command Center threat and vulnerability findings via Pub/Sub.