
Logs anonymization component

0

Hello,

Does there exist in AWS a service, a service component, an option in a service, or a filter (something like presented here or here) that could do log anonymization according to GDPR/CCPA for the logs in AWS services?

Thank you,

2 Answers
4

Yes, it does, including but not limited to AWS Glue, Amazon Macie, AWS Lambda, AWS Step Functions, Amazon S3 Object Lambda, and AWS Config and CloudTrail.

https://aws.amazon.com/solutions/guidance/data-anonymization-on-aws/

https://aws.amazon.com/blogs/big-data/part-1-build-a-pseudonymization-service-on-aws-to-protect-sensitive-data/

EXPERT
answered a year ago
EXPERT
reviewed a year ago
  • Thank you for your answer,

    I've taken a look over the documents, and while they speak about anonymisation, I did not understand which is the anonymisation service itself, where PII are transformed into anonymous data. The first link is only talking about detecting PII and anonymising them, without specifying a service, while the second link is talking about a service for pseudonymization. Could you please be more specific about the exact service where the anonymisation transformation is done? Does Macie do the anonymisation? Or does the presented architecture consider that the anonymisation process should be done by clients, in Lambda functions?

    I've taken a look at Macie's PIIs to detect. They are mainly person-centric PIIs, while this question was about logs. I haven't noticed the IP in the PIIs. Should I add the IP as a custom personal data identifier? If yes, could you please provide more documentation about how IPs from logs should be added in Macie?

    Thank you,

0

Hey,

Hope you're keeping well.

AWS doesn’t have a single turnkey “log anonymization” service, but you can build this using native services depending on where your logs reside and how you process them. For S3-based logs, many customers use Amazon Macie to detect PII, then AWS Glue or Lambda to transform and anonymize before storage or downstream processing. CloudWatch Logs can be streamed via Kinesis Data Firehose to a Lambda function that applies masking or pseudonymization before writing to S3. AWS provides a [Data Anonymization on AWS](https://aws.amazon.

Thanks and regards,
Taz

answered 6 months ago
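
The CloudWatch Logs to Kinesis Data Firehose to Lambda path described in the answer above, as an added example (not code from the answer or from AWS): a Firehose transformation handler that replaces IPv4 and e-mail addresses in each log event with keyed HMAC tokens before delivery to S3. The `PSEUDONYM_KEY` variable name, the two regexes and the `make_record` helper are assumptions for illustration, and the sample payloads built with `make_record` are constructed.

```python
import base64, gzip, hashlib, hmac, json, os, re, zlib

# Assumption: the key arrives in an env var; in practice load it from a secrets store.
KEY = os.environ.get("PSEUDONYM_KEY", "constructed-demo-key").encode()

OCTET = r"(?:25[0-5]|2[0-4]\d|1?\d?\d)"
IPV4 = re.compile(rf"\b(?:{OCTET}\.){{3}}{OCTET}\b")
EMAIL = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")

def pseudonym(kind, value):
    """Deterministic keyed token: the same input maps to the same token, so
    events stay correlatable. These are pseudonyms, not anonymous data:
    whoever holds KEY can re-derive the token for a known value."""
    digest = hmac.new(KEY, value.lower().encode(), hashlib.sha256).hexdigest()
    return f"{kind}_{digest[:16]}"

def scrub(message):
    # E-mails first, so an address like user@10.0.0.1 becomes a single token.
    message = EMAIL.sub(lambda m: pseudonym("email", m.group()), message)
    return IPV4.sub(lambda m: pseudonym("ip", m.group()), message)

def lambda_handler(event, context):
    """Firehose data-transformation contract: return one result per recordId."""
    out = []
    for rec in event["records"]:
        rid = rec["recordId"]
        try:
            # CloudWatch Logs subscription data is gzip-compressed JSON.
            payload = json.loads(gzip.decompress(base64.b64decode(rec["data"])))
        except (OSError, EOFError, ValueError, zlib.error):
            out.append({"recordId": rid, "result": "ProcessingFailed"})
            continue
        if payload.get("messageType") != "DATA_MESSAGE":
            # CONTROL_MESSAGE records are connectivity checks, not log data.
            out.append({"recordId": rid, "result": "Dropped"})
            continue
        lines = "".join(scrub(e["message"]) + "\n" for e in payload["logEvents"])
        out.append({"recordId": rid, "result": "Ok",
                    "data": base64.b64encode(lines.encode()).decode()})
    return {"records": out}

def make_record(record_id, payload):
    """Hypothetical helper: wrap a constructed payload the way Firehose hands it over."""
    blob = gzip.compress(json.dumps(payload).encode())
    return {"recordId": record_id, "data": base64.b64encode(blob).decode()}
```

Records marked `ProcessingFailed` are left for Firehose's own error handling rather than passed through unmasked, so a parsing failure does not leak raw values into the destination bucket.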
