{"slug":"iam-aws-macie2","cloud":"aws","service":"macie2","title":"Amazon Macie (IAM)","description":"Amazon Macie is a fully managed data security and data privacy service that uses machine learning to discover, monitor, and protect sensitive data in AWS.","category":"security","common_permissions":["macie2:ListFindings","macie2:GetFindings","macie2:GetFindingStatistics","macie2:DescribeBuckets","macie2:GetBucketStatistics","macie2:ListClassificationJobs","macie2:GetMacieSession","macie2:GetUsageTotals"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"macie2:ListFindings\",\n        \"macie2:GetFindings\",\n        \"macie2:GetFindingStatistics\",\n        \"macie2:DescribeBuckets\",\n        \"macie2:GetBucketStatistics\",\n        \"macie2:ListClassificationJobs\",\n        \"macie2:GetMacieSession\",\n        \"macie2:GetUsageTotals\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid macie2:* — it grants full control of Macie, including delete and modify operations.","Avoid macie2:DeleteMember — it can remove accounts from the Macie organization."],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/macie2/macie2.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:50:53.444Z","updated_at":"2026-06-14T04:50:53.444Z"}