Skip to content

SkyhighSecurity/LambdaMalwareSorterS3

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 
lambda_handler.py
lambda_handler.py
 
 
license.md
license.md
 
 

Repository files navigation

LambdaMalwareSorterS3

AWS Lambda function which will scan and sort objects incoming an S3 bucket into "clean" and "dirty" buckets in near-realtime.

Prerequisites

At least one Skyhigh Secure Web Gateway (SWG) running in AWS

Scanner API deployed

You will need a working deployment of the APIScanner project which accepts REST API calls and scans objects against your Skyhigh Secure Web Gateway (SWG). See ScannerAPI.

At least three S3 buckets

  • A source bucket where the unscanned files land
  • A "clean" bucket to store files that are scanned with no malware found
  • A "dirty" bucket to quarantine files that are scanned with malware found

SNS/SQS Notifications set up for your source bucket

We've tested with the following model:

  • S3 bucket configured to send object create events to an SNS topic
  • An SQS queue is created and subscribed to the SNS topic
  • New SQS entries invoke the Lambda function

Usage

  1. Paste the function code into a Python Lambda function
  2. Modify the mwgscan_endpoint, clean_bucket_name, and dirty_bucket_name variables to match your deployment
  3. Ensure the function has read/write access to the S3 buckets
  4. Ensure you have a layer which includes the 'requests' library for Python
  5. Configure your SQS queue to invoke the function

About

AWS Lambda function which will sort objects incoming an S3 bucket

Resources

Readme

License

AGPL-3.0 license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages