Which AWS service gives users the ability to discover and protect sensitive data that is stored in Amazon S3 buckets?

Explanations:

Amazon Macie is a security service that uses machine learning and pattern matching to discover, classify, and protect sensitive data stored in Amazon S3 buckets. It helps identify personal identifiable information (PII) and provides visibility into data privacy and security.

Amazon Detective is a security service that helps analyze, investigate, and identify potential security issues in AWS environments, but it does not specifically focus on discovering or protecting sensitive data in S3.

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior within AWS accounts and workloads but does not provide the capability to discover or protect sensitive data in S3 buckets.

AWS IAM Access Analyzer helps identify permissions granted to resources and analyze the access policies for AWS resources, but it does not specialize in discovering or protecting sensitive data in Amazon S3.