DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
  1. DZone
  2. Software Design and Architecture
  3. Cloud Architecture
  4. Antivirus for S3 Buckets

Antivirus for S3 Buckets

Are you looking for a solution to ensure that your S3 buckets are virus free? Look no further.

Michael Wittig user avatar by
Michael Wittig
·
May. 03, 16 · Tutorial
Like (4)
Save
Tweet
Share
13.24K Views

Join the DZone community and get the full member experience.

Join For Free

Many of our AWS consultancy clients ask me:

"How can we make sure that the files that we store on S3 are virus free?"

As always, our clients are looking for simple and cheap solutions. That's why I developed S3 VirusScan. Every file that is added to an S3 bucket is automatically scanned.

Features

  • Uses ClamAV to scan newly added files on S3 buckets
  • Updates ClamAV database every 3 hours automatically
  • Scales EC2 instance workers to distribute workload
  • Publishes a message to SNS in case of a finding
  • Can optionally delete compromised files automatically
  • Logs to CloudWatch Logs

How Does It Work

A picture is worth a thousand words:

Architecture

  1. S3 VirusScan uses an SQS queue to decouple scan jobs from the ClamAV workers. Each S3 bucket can fire events to that SQS queue in case of new objects. This feature of S3 is called S3 Event Notifications.
  2. The SQS queue is consumed by a fleet of EC2 instances running in an Auto Scaling Group. If the number of outstanding scan jobs reaches a threshold a new ClamAV worker is automatically added. If the queue is mostly empty, workers are removed.
  3. The ClamAV workers run a simple Ruby script that executes the clamscan command. In the background, the virus database is updated every three hours.
  4. If clamscan finds a virus the file is directly deleted (you can configure that) and an SNS notification is published.

Installation & Configuration

Read more about S3 VirusScan and learn how to install and configure our solution in minutes.

Read on

  • Learn more about AWS with our book Amazon Web Services in Action
  • Avoid Sharing Key Pairs for EC2
  • Event Driven Security Automation on AWS
  • Monitor your AWS account to detect suspicious behavior in real time
  • Your single AWS account is a serious risk

Feedback

Anything missing? Looking forward to your feedback! @hellomichibye or michael@widdix.de.

AWS Amazon Web Services

Published at DZone with permission of Michael Wittig. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • What Should You Know About Graph Database’s Scalability?
  • Kotlin Is More Fun Than Java And This Is a Big Deal
  • Java Development Trends 2023
  • How Do the Docker Client and Docker Servers Work?

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: