sessions
Creates, updates, deletes or gets a session resource or lists sessions in a region
Overview
| Name | sessions |
| Type | Resource |
| Description | The AWS::Macie::Session resource specifies a new Amazon Macie session. A session is an object that represents the Amazon Macie service. A session is required for Amazon Macie to become operational. |
| Id | awscc.macie.sessions |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
aws_account_id | string | AWS account ID of customer |
status | string | A enumeration value that specifies the status of the Macie Session. |
finding_publishing_frequency | string | A enumeration value that specifies how frequently finding updates are published. |
service_role | string | Service role used by Macie |
automated_discovery_status | string | The status of automated sensitive data discovery for the Macie session. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
aws_account_id | string | AWS account ID of customer |
region | string | AWS region. |
For more information, see AWS::Macie::Session.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | sessions | INSERT | region |
delete_resource | sessions | DELETE | Identifier, region |
update_resource | sessions | UPDATE | Identifier, PatchDocument, region |
list_resources | sessions_list_only | SELECT | region |
get_resource | sessions | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual session.
SELECT
region,
aws_account_id,
status,
finding_publishing_frequency,
service_role,
automated_discovery_status
FROM awscc.macie.sessions
WHERE
region = 'us-east-1' AND
Identifier = '{{ aws_account_id }}';
Lists all sessions in a region.
SELECT
region,
aws_account_id
FROM awscc.macie.sessions_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new session resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.macie.sessions (
Status,
FindingPublishingFrequency,
region
)
SELECT
'{{ status }}',
'{{ finding_publishing_frequency }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.macie.sessions (
Status,
FindingPublishingFrequency,
region
)
SELECT
'{{ status }}',
'{{ finding_publishing_frequency }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: session
props:
- name: status
value: '{{ status }}'
- name: finding_publishing_frequency
value: '{{ finding_publishing_frequency }}'
UPDATE example
Use the following StackQL query and manifest file to update a session resource, using stack-deploy.
/*+ update */
UPDATE awscc.macie.sessions
SET PatchDocument = string('{{ {
"Status": status,
"FindingPublishingFrequency": finding_publishing_frequency
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ aws_account_id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.macie.sessions
WHERE
Identifier = '{{ aws_account_id }}' AND
region = 'us-east-1';
Permissions
To operate on the sessions resource, the following permissions are required:
- Create
- Read
- List
- Update
- Delete
macie2:GetMacieSession,
macie2:EnableMacie,
macie2:ListAutomatedDiscoveryAccounts
macie2:GetMacieSession,
macie2:ListAutomatedDiscoveryAccounts
macie2:GetMacieSession,
macie2:ListAutomatedDiscoveryAccounts
macie2:GetMacieSession,
macie2:UpdateMacieSession,
macie2:ListAutomatedDiscoveryAccounts
macie2:DisableMacie