Classes
  • Public
  • Internal
  • Sensitive (PII / customer content)
Examples
  • Users.email (Aurora): Sensitive → retain for account lifetime
  • Device tokens (Aurora/S3): Sensitive → retain while active, delete on revoke
  • Client IP in logs (CloudWatch): Sensitive → 30–90 days
  • Message content (S3, customer‑controlled): Sensitive → 30–90 days by default
Controls
  • Amazon Macie on S3 (automated discovery + targeted jobs)
  • Quarterly review of this table