- Enabling S3 data events in AWS CloudTrail is no longer a requirement, which further reduces overall costs.
- Security findings are now issued for all buckets, including public buckets, unencrypted buckets, and buckets that have been shared with or replicated to AWS accounts outside of your Organization.

Macie was originally designed to scan Amazon S3 data. However, the AWS blog highlighted that Macie can be extended to non-S3 data if users temporarily store that data in S3, where Macie can access it. AWS stated that “[A]nything that you can get into S3 permanently or temporarily, and in an object format supported [by] Macie can be scanned to identify sensitive data.” In practice, you can pull data from custom applications, databases, or third-party services, place it temporarily in S3, and use Amazon Macie for sensitive data identification.
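A sketch of that staging workflow, added here as an example and not taken from AWS or the original page: rows are exported from a database as JSON Lines, staged under a prefix, scanned by a one-time Macie job scoped to that prefix, and expired by a lifecycle rule. The SQLite source, the sample rows, the `macie-staging/` prefix, the bucket and the helper names are assumptions; `stage_and_scan` needs boto3 and AWS credentials.

```python
import json
import sqlite3
import uuid

STAGING_PREFIX = "macie-staging/"  # hypothetical prefix in a dedicated staging bucket

def demo_db():
    """Constructed sample data standing in for a non-S3 source."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER, email TEXT, ssn TEXT)")
    rows = [(1, "alice@example.com", "000-00-0000"), (2, "bob@example.com", "000-00-0001")]
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", rows)
    return conn

def export_rows_jsonl(conn, table):
    """Serialize every row of `table` as JSON Lines for staging in S3."""
    if not table.isidentifier():  # table names cannot be bound as SQL parameters
        raise ValueError(f"unsafe table name: {table!r}")
    cur = conn.execute(f'SELECT * FROM "{table}"')
    cols = [d[0] for d in cur.description]
    return "".join(json.dumps(dict(zip(cols, row)), default=str) + "\n" for row in cur)

def staging_key(source, run_id):
    return f"{STAGING_PREFIX}{source}/{run_id}.jsonl"

def macie_job_request(account_id, bucket, run_id):
    """Arguments for macie2 create_classification_job, scoped to the staging prefix."""
    scope = {"simpleScopeTerm": {"comparator": "STARTS_WITH", "key": "OBJECT_KEY",
                                 "values": [STAGING_PREFIX]}}
    return {"clientToken": run_id, "jobType": "ONE_TIME", "name": f"staged-scan-{run_id}",
            "s3JobDefinition": {"bucketDefinitions": [{"accountId": account_id, "buckets": [bucket]}],
                                "scoping": {"includes": {"and": [scope]}}}}

def expiry_rule(days=7):
    """Lifecycle rule that deletes staged copies so the storage stays temporary."""
    return {"Rules": [{"ID": "expire-macie-staging", "Status": "Enabled",
                       "Filter": {"Prefix": STAGING_PREFIX}, "Expiration": {"Days": days}}]}

def stage_and_scan(conn, table, bucket, account_id):
    """Live path (needs boto3 and AWS credentials): set expiry, stage, start the job."""
    import boto3
    run_id = uuid.uuid4().hex
    s3 = boto3.client("s3")
    # Replaces the bucket's whole lifecycle configuration: use a dedicated bucket.
    s3.put_bucket_lifecycle_configuration(Bucket=bucket, LifecycleConfiguration=expiry_rule())
    s3.put_object(Bucket=bucket, Key=staging_key(table, run_id),
                  Body=export_rows_jsonl(conn, table).encode(), ServerSideEncryption="AES256")
    return boto3.client("macie2").create_classification_job(
        **macie_job_request(account_id, bucket, run_id))
```

Choose an expiry long enough for the classification job to finish, and keep the staging bucket private, since it holds a second copy of the data being checked.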