trussworks / terraform-aws-s3-anti-virus

Licence: BSD-3-Clause license
Creates and configures Anti-Virus Scanning of S3 Buckets.


terraform-aws-s3-anti-virus

Creates an AWS Lambda function to do anti-virus scanning of objects in AWS S3 using bucket-antivirus-function.

The source repository hasn't been updated in a long time, so we've forked the repo to our account and made changes.

git clone git@github.com:trussworks/bucket-antivirus-function.git
cd bucket-antivirus-function
git checkout v2.2.0

With that repo checked out you must run the make command and then copy the resulting zip file to AWS S3 with:

VERSION=2.2.0
aws s3 cp bucket-antivirus-function/build/lambda.zip "s3://lambda-builds-us-west-2/anti-virus/${VERSION}/anti-virus.zip"

NOTE: It is a good idea to make VERSION match the git tag you are deploying.
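
The build-and-upload steps above can be scripted so that VERSION is always derived from the checked-out release tag. This is an added example, not code from the trussworks repositories: the function names are hypothetical, the bucket and key layout are copied from the `aws s3 cp` command above, and `sha256sum` is assumed to be available (GNU coreutils).

```shell
#!/bin/sh
# Added example: publish helper for the build-and-upload steps.
# Function names are hypothetical; bucket and key layout follow the README.
set -eu

BUCKET="lambda-builds-us-west-2"  # bucket from the README's aws s3 cp line
PACKAGE="anti-virus"              # default of the lambda_package input

# v2.2.0 -> 2.2.0. Anything that is not vMAJOR.MINOR.PATCH is refused, so a
# branch name or a ref containing "/" or ".." never reaches the object key.
tag_to_version() {
  case "${1#v}" in
    ""|*[!0-9.]*) echo "refusing non-release ref: $1" >&2; return 1 ;;
  esac
  if printf '%s\n' "$1" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$'; then
    printf '%s\n' "${1#v}"
  else
    echo "refusing non-release ref: $1" >&2
    return 1
  fi
}

# Object key layout used above: <package>/<version>/<package>.zip
lambda_key() {
  printf '%s/%s/%s.zip\n' "$PACKAGE" "$1" "$PACKAGE"
}

# Build from an exact tag and upload. git describe fails (and set -e stops
# the script) when HEAD is not exactly on a tag.
publish() {
  repo="$1"
  tag="$(git -C "$repo" describe --tags --exact-match HEAD)"
  version="$(tag_to_version "$tag")"
  make -C "$repo"
  sha256sum "$repo/build/lambda.zip"   # record this digest with the release
  aws s3 cp "$repo/build/lambda.zip" "s3://${BUCKET}/$(lambda_key "$version")"
}

# Runs only when asked: ./publish.sh publish bucket-antivirus-function
if [ "${1:-}" = "publish" ]; then
  publish "${2:?usage: publish <repo-dir>}"
fi
```

The version printed by `tag_to_version` is the value to pass as `lambda_version` to the module.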

Creates the following resources for anti-virus updates:

  • IAM role for Lambda function to update Anti-Virus databases in S3
  • CloudWatch Event to trigger function on a schedule
  • AWS Lambda function to download Anti-Virus database files to S3

Creates the following resources for anti-virus scanning:

  • IAM role for Lambda function to scan files in S3
  • S3 Event to trigger function on object creation
  • AWS Lambda function to scan S3 objects and send an alert to Slack if any objects are infected and quarantined

Terraform Versions

Terraform 0.13 and newer. Pin module version to ~> 3.X. Submit pull-requests to main branch.

Terraform 0.12. Pin module version to ~> 2.X. Submit pull-requests to terraform012 branch.

Usage

module "s3_anti_virus" {
  source  = "trussworks/s3-anti-virus/aws"
  version = "2.1.2"

  name_scan   = "s3-anti-virus-scan"
  name_update = "s3-anti-virus-updates"

  lambda_s3_bucket = "lambda-builds-us-west-2"
  # Required input; matches the VERSION uploaded above.
  lambda_version = "2.2.0"
  # When set, this key is used instead of the one built from
  # lambda_package and lambda_version.
  lambda_package_key = "lambda.zip"

  av_update_minutes = "180"
  av_scan_buckets   = ["bucket-name"]

  av_definition_s3_bucket = "av-update-bucket-name"
  av_definition_s3_prefix = "anti-virus"

  tags = {
    "Environment" = "my-environment"
    "Purpose"     = "s3-anti-virus"
    "Terraform"   = "true"
  }
}

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13.0 |
| aws | >= 3.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 3.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_cloudwatch_event_rule.main_update | resource |
| aws_cloudwatch_event_target.main_update | resource |
| aws_cloudwatch_log_group.main_scan | resource |
| aws_cloudwatch_log_group.main_update | resource |
| aws_iam_role.main_scan | resource |
| aws_iam_role.main_update | resource |
| aws_iam_role_policy.main_scan | resource |
| aws_iam_role_policy.main_update | resource |
| aws_lambda_function.main_scan | resource |
| aws_lambda_function.main_update | resource |
| aws_lambda_permission.main_scan | resource |
| aws_lambda_permission.main_update | resource |
| aws_s3_bucket_notification.main_scan | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.assume_role_scan | data source |
| aws_iam_policy_document.assume_role_update | data source |
| aws_iam_policy_document.main_scan | data source |
| aws_iam_policy_document.main_update | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
| aws_s3_bucket.main_scan | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| av_definition_s3_bucket | Bucket containing antivirus database files. | string | n/a | yes |
| av_definition_s3_prefix | Prefix for antivirus database files. | string | "clamav_defs" | no |
| av_delete_infected_files | Set to True to delete infected files. | string | "False" | no |
| av_scan_buckets | A list of S3 bucket names to scan for viruses. | list(string) | n/a | yes |
| av_scan_start_sns_arn | SNS topic ARN to publish notification about start of scan (optional). | string | "" | no |
| av_status_sns_arn | SNS topic ARN to publish scan results (optional). | string | "" | no |
| av_status_sns_publish_clean | Publish AV_STATUS_CLEAN results to AV_STATUS_SNS_ARN. | string | "True" | no |
| av_status_sns_publish_infected | Publish AV_STATUS_INFECTED results to AV_STATUS_SNS_ARN. | string | "True" | no |
| av_update_minutes | How often to download updated Anti-Virus databases. | string | 180 | no |
| cloudwatch_kms_arn | The ARN of the KMS key used for encrypting the CloudWatch log groups created by this module. | string | "" | no |
| cloudwatch_logs_retention_days | Number of days to keep logs in AWS CloudWatch. | string | 90 | no |
| lambda_package | The name of the lambda package. Used for a directory tree and zip file. | string | "anti-virus" | no |
| lambda_package_key | The object key for the lambda distribution. If given, the value is used as the key in lieu of the value constructed using lambda_package and lambda_version. | string | null | no |
| lambda_s3_bucket | The name of the S3 bucket used to store the Lambda builds. | string | n/a | yes |
| lambda_version | The version of the Lambda function to deploy. | any | n/a | yes |
| memory_size | Lambda memory allocation, in MB. | string | 2048 | no |
| name_scan | Name for resources associated with anti-virus scanning. | string | "s3-anti-virus-scan" | no |
| name_update | Name for resources associated with anti-virus updating. | string | "s3-anti-virus-updates" | no |
| permissions_boundary | ARN of the boundary policy to attach to IAM roles. | string | null | no |
| tags | A map of tags to add to all resources. | map(string) | {} | no |
| timeout_seconds | Lambda timeout, in seconds. | string | 300 | no |

Outputs

| Name | Description |
|------|-------------|
| scan_aws_cloudwatch_log_group_arn | ARN for the Anti-Virus Scanning Cloudwatch LogGroup. |
| scan_aws_cloudwatch_log_group_name | The Anti-Virus Scanning Cloudwatch LogGroup name. |
| scan_lambda_function_arn | ARN for the Anti-Virus Scanning lambda function. |
| scan_lambda_function_iam_role_arn | ARN of the Anti-Virus Scanning lambda role. |
| scan_lambda_function_iam_role_name | Name of the Anti-Virus Scanning lambda role. |
| scan_lambda_function_name | The Anti-Virus Scanning lambda function name. |
| scan_lambda_function_version | Current version of the Anti-Virus Scanning lambda function. |
| update_aws_cloudwatch_log_group_arn | ARN for the Anti-Virus Definitions Cloudwatch LogGroup. |
| update_aws_cloudwatch_log_group_name | The Anti-Virus Definitions Cloudwatch LogGroup name. |
| update_lambda_function_arn | ARN for the Anti-Virus Definitions lambda function. |
| update_lambda_function_iam_role_arn | ARN of the Anti-Virus Definitions lambda role. |
| update_lambda_function_iam_role_name | Name of the Anti-Virus Definitions lambda role. |
| update_lambda_function_name | The Anti-Virus Definitions lambda function name. |
| update_lambda_function_version | Current version of the Anti-Virus Definitions lambda function. |