Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Resilience in Macie

PDF
RSS
Focus mode
Resilience in Macie - Amazon Macie

The AWS global infrastructure is built around AWS Regions and Availability Zones. Regions provide multiple physically separated and isolated Availability Zones, which are connected through low-latency, high-throughput, and highly redundant networking. With Availability Zones, you can design and operate applications and databases that automatically fail over between zones without interruption. Availability Zones are more highly available, fault tolerant, and scalable than traditional single or multiple data center infrastructures. For more information about AWS Regions and Availability Zones, see AWS Global Infrastructure.

In addition to the AWS global infrastructure, Amazon Macie offers several features to help support your data resiliency and backup needs. For example, when you run a sensitive data discovery job or Macie performs automated sensitive data discovery, Macie automatically creates an analysis record for each Amazon Simple Storage Service (Amazon S3) object that's included in the scope of the analysis. These records, referred to as a sensitive data discovery results, log details about the analysis that Macie performs on individual S3 objects. This includes objects that Macie doesn't detect sensitive data in, and objects that Macie can't analyze due to errors or issues. Macie stores these results in an S3 bucket that you specify. For more information, see Storing and retaining sensitive data discovery results.

Macie also publishes policy and sensitive data findings to Amazon EventBridge as events. This includes new findings and updates to existing policy findings. (It doesn't include findings that you archive automatically using suppression rules.) By using EventBridge, you can send findings data to your preferred storage platform and store the data for as long as you like. Depending on publication settings that you choose, Macie can also publish policy and sensitive data findings to AWS Security Hub. For more information, see Monitoring and processing Macie findings.

You also have the option of using Macie API operations to retrieve findings and other types of data programmatically. You can then process and send the data to your preferred storage platform, or another service, application, or system. For information about API operations that you might use to do this, see the Amazon Macie API Reference.

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.