Create an EventBridge rule for remediation

You have just created a custom data identifier. The next step is to create an EventBridge rule that automatically remediates any finding Macie generates when that custom data identifier detects data that is incorrectly tagged and stored. For now you are only creating the EventBridge rule; the data discovery job that produces the findings is created shortly.

Amazon EventBridge is a serverless event bus that makes it easy to connect applications together using data from your own applications, integrated Software-as-a-Service (SaaS) applications, and AWS services. See Amazon EventBridge for more information.

  1. Open the Amazon EventBridge console
  2. Click on the Create rule button

Create rule button

  3. Enter a Name and Description

| Name | Description |
| --- | --- |
| MacieWorkshop_Remediation_Rule | Trigger Lambda function when Project Unicorn data is discovered |

Name and Description

  4. Select Event Pattern
  5. Select Custom Pattern
  6. Copy and paste the event pattern below into the custom event pattern block

```json
{
  "source": ["aws.macie"],
  "detail": {
    "type": ["SensitiveData:S3Object/CustomIdentifier"]
  }
}
```

This pattern matches only events published by Macie (`source` is `aws.macie`) whose finding type is `SensitiveData:S3Object/CustomIdentifier`, that is, sensitive data findings raised by a custom data identifier. Findings from managed data identifiers (for example `SensitiveData:S3Object/Personal`) and policy findings (`Policy:IAMUser/...`) do not match and will not trigger the remediation.

  7. Click Save

Custom Event pattern

  8. Leave the Event bus settings as default (AWS service events, including Macie findings, are delivered to the default event bus of the Region where Macie runs)
  9. Under Select targets, select Lambda function as the target to invoke when the pattern is matched
  10. Under Function, select MacieWorkshop-Env-Setup-RemediationLambdaFunction-<random>

Custom Event pattern

  11. Do not add any Tags
  12. Click Create

Creating the rule from the console also adds a resource-based policy statement to the Lambda function that allows `events.amazonaws.com` to invoke it for this rule. If you instead create the rule with the CLI or infrastructure-as-code, you must grant that permission yourself (for example with `aws lambda add-permission`), otherwise the rule matches but the invocation fails.
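Before relying on the rule, it is worth checking the event pattern against the kinds of findings Macie actually publishes. The following is an added example for this step, not code from the workshop: it loads the pattern above, implements the subset of EventBridge matching semantics the pattern depends on (exact-value lists and nested objects), and runs it over constructed Macie finding events. The event bodies, account ID and Region are placeholders assumed for the example.

```python
"""Local dry run of the EventBridge event pattern used in this step.

Added example for the workshop text, not part of the workshop itself. The
Macie finding events below are constructed; only the envelope and the
detail.type field matter to the pattern, the rest is filler for realism.
"""
import json

# The event pattern pasted into the rule, kept as JSON so the same text can be
# reused verbatim with `aws events put-rule --event-pattern`.
EVENT_PATTERN_JSON = """
{
  "source": ["aws.macie"],
  "detail": {
    "type": ["SensitiveData:S3Object/CustomIdentifier"]
  }
}
"""
EVENT_PATTERN = json.loads(EVENT_PATTERN_JSON)


def matches(pattern: dict, event: dict) -> bool:
    """Return True if `event` satisfies `pattern`.

    Subset of EventBridge matching used here: every key in the pattern must be
    present in the event; a list in the pattern holds the allowed exact values
    and matches if the event value (or any element of an event list) is one of
    them; a nested object is matched recursively. Event fields the pattern does
    not mention (detail-type, account, region, time, ...) are ignored.
    """
    for key, want in pattern.items():
        if key not in event:
            return False
        have = event[key]
        if isinstance(want, dict):
            if not isinstance(have, dict) or not matches(want, have):
                return False
        elif isinstance(want, list):
            candidates = have if isinstance(have, list) else [have]
            if not any(c in want for c in candidates):
                return False
        else:
            raise ValueError(f"pattern values must be lists or objects: {key}")
    return True


def macie_finding(finding_type: str, source: str = "aws.macie") -> dict:
    """Build a constructed EventBridge event in the shape Macie publishes."""
    is_classification = finding_type.startswith("SensitiveData")
    return {
        "version": "0",
        "id": "00000000-0000-0000-0000-000000000000",  # placeholder
        "detail-type": "Macie Finding",
        "source": source,
        "account": "111122223333",  # placeholder account
        "region": "us-east-1",      # assumed Region
        "resources": [],
        "detail": {
            "schemaVersion": "1.0",
            "category": "CLASSIFICATION" if is_classification else "POLICY",
            "type": finding_type,
            "severity": {"score": 3, "description": "High"},
        },
    }


# Constructed samples: one the rule should fire on and three it must not.
SAMPLE_EVENTS = {
    "custom identifier finding": macie_finding("SensitiveData:S3Object/CustomIdentifier"),
    "managed identifier finding": macie_finding("SensitiveData:S3Object/Personal"),
    "policy finding": macie_finding("Policy:IAMUser/S3BucketPublic"),
    "other service, same type string": macie_finding(
        "SensitiveData:S3Object/CustomIdentifier", source="aws.guardduty"
    ),
}


def triggered(events: dict = None, pattern: dict = None) -> list:
    """Names of the sample events that would invoke the remediation target."""
    events = SAMPLE_EVENTS if events is None else events
    pattern = EVENT_PATTERN if pattern is None else pattern
    return [name for name, ev in events.items() if matches(pattern, ev)]


if __name__ == "__main__":
    for name, ev in SAMPLE_EVENTS.items():
        print(f"{'MATCH   ' if matches(EVENT_PATTERN, ev) else 'no match'}  {name}")
```

Only the custom identifier finding from `aws.macie` is reported as a match; the managed identifier finding, the policy finding and the event from another source are all dropped, which is the behaviour the remediation rule relies on. For an authoritative check against the real matching engine, the same pattern and a sample event can be passed to `aws events test-event-pattern --event-pattern file://pattern.json --event file://event.json`, which requires a full event envelope.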