https://github.com/awslabs/cdk-serverless-clamscan

https://github.com/awslabs/cdk-serverless-clamscan

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (8.8%) to scientific vocabulary

Keywords from Contributors

autograder interpretability mcp-server mcp-client control standardization generalization hack sequences meshing
Last synced: 10 months ago · JSON representation

Repository

Basic Info
  • Host: GitHub
  • Owner: awslabs
  • License: apache-2.0
  • Language: TypeScript
  • Default Branch: main
  • Size: 6.45 MB
Statistics
  • Stars: 264
  • Watchers: 4
  • Forks: 76
  • Open Issues: 29
  • Releases: 1,000
Created over 5 years ago · Last pushed 10 months ago
Metadata Files
Readme Contributing License Code of conduct Notice

README.md

cdk-serverless-clamscan

npm version PyPI version

An aws-cdk construct that uses ClamAV® to scan newly uploaded objects to Amazon S3 for viruses. The construct provides a flexible interface for a system to act based on the results of a ClamAV virus scan. Check out this blogpost for a guided walkthrough.

Overview

Pre-Requisites

Docker: The ClamAV Lambda functions utilizes a container image that is built locally using docker bundling

Examples

This project uses projen and thus all the constructs follow language specific standards and naming patterns. For more information on how to translate the following examples into your desired language read the CDK guide on Translating TypeScript AWS CDK code to other languages

Example 1. (Default destinations with rule target)

typescript

```typescript import { RuleTargetInput } from 'aws-cdk-lib/aws-events'; import { SnsTopic } from 'aws-cdk-lib/aws-events-targets'; import { Bucket } from 'aws-cdk-lib/aws-s3'; import { Topic } from 'aws-cdk-lib/aws-sns'; import { Stack, StackProps } from 'aws-cdk-lib'; import { Construct } from 'constructs'; import { ServerlessClamscan } from 'cdk-serverless-clamscan'; export class CdkTestStack extends Stack { constructor(scope: Construct, id: string, props?: StackProps) { super(scope, id, props); const bucket_1 = new Bucket(this, 'rBucket1'); const bucket_2 = new Bucket(this, 'rBucket2'); const bucketList = [bucket_1, bucket_2]; const sc = new ServerlessClamscan(this, 'rClamscan', { buckets: bucketList, }); const bucket_3 = new Bucket(this, 'rBucket3'); sc.addSourceBucket(bucket_3); const infectedTopic = new Topic(this, 'rInfectedTopic'); sc.infectedRule?.addTarget( new SnsTopic(infectedTopic, { message: RuleTargetInput.fromEventPath( '$.detail.responsePayload.message', ), }), ); } } ```

python

```python from aws_cdk import ( Stack, aws_events as events, aws_events_targets as events_targets, aws_s3 as s3, aws_sns as sns ) from cdk_serverless_clamscan import ServerlessClamscan from constructs import Construct class CdkTestStack(Stack): def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) bucket_1 = s3.Bucket(self, "rBucket1") bucket_2 = s3.Bucket(self, "rBucket2") bucketList = [ bucket_1, bucket_2 ] sc = ServerlessClamscan(self, "rClamScan", buckets=bucketList, ) bucket_3 = s3.Bucket(self, "rBucket3") sc.add_source_bucket(bucket_3) infected_topic = sns.Topic(self, "rInfectedTopic") if sc.infected_rule != None: sc.infected_rule.add_target( events_targets.SnsTopic( infected_topic, message=events.RuleTargetInput.from_event_path('$.detail.responsePayload.message'), ) ) ```

Example 2. (Bring your own destinations)

typescript

```typescript import { SqsDestination, EventBridgeDestination, } from 'aws-cdk-lib/aws-lambda-destinations'; import { Bucket } from 'aws-cdk-lib/aws-s3'; import { Queue } from 'aws-cdk-lib/aws-sqs'; import { Stack, StackProps } from 'aws-cdk-lib'; import { Construct } from 'constructs'; import { ServerlessClamscan } from 'cdk-serverless-clamscan'; export class CdkTestStack extends Stack { constructor(scope: Construct, id: string, props?: StackProps) { super(scope, id, props); const bucket_1 = new Bucket(this, 'rBucket1'); const bucket_2 = new Bucket(this, 'rBucket2'); const bucketList = [bucket_1, bucket_2]; const queue = new Queue(this, 'rQueue'); const sc = new ServerlessClamscan(this, 'default', { buckets: bucketList, onResult: new EventBridgeDestination(), onError: new SqsDestination(queue), }); const bucket_3 = new Bucket(this, 'rBucket3'); sc.addSourceBucket(bucket_3); } } ```

python

```python from aws_cdk import ( Stack, aws_lambda_destinations as lambda_destinations, aws_s3 as s3, aws_sqs as sqs ) from cdk_serverless_clamscan import ServerlessClamscan from constructs import Construct class CdkTestStack(Stack): def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) bucket_1 = s3.Bucket(self, "rBucket1") bucket_2 = s3.Bucket(self, "rBucket2") bucketList = [ bucket_1, bucket_2 ] queue = sqs.Queue(self, "rQueue") sc = ServerlessClamscan(self, "rClamScan", buckets=bucketList, on_result=lambda_destinations.EventBridgeDestination(), on_error=lambda_destinations.SqsDestination(queue), ) bucket_3 = s3.Bucket(self, "rBucket3") sc.add_source_bucket(bucket_3) ```

Operation and Maintenance

When ClamAV publishes updates to the scanner you will see “Your ClamAV installation is OUTDATED” in your scan results. While the construct creates a system to keep the database definitions up to date, you must update the scanner to detect all the latest Viruses.

Update the docker images of the Lambda functions with the latest version of ClamAV by re-running cdk deploy.

Optionally Skip Files

In certain situations, you may have files which are already scanned and you wish to omit them from ClamAV scanning. In that case, simply tag the s3 object with "scan-status": "N/A" and the file will be automatically skipped.

Example 1. (Upload file to skip)

python/boto

```python boto3.client('s3').upload_file( Filename=file_path, Bucket=bucket_name, Key=object_key, ExtraArgs={'Tagging': 'scan-status=N/A'} ) ```

typscript/aws-sdk

```typescript const params = { Bucket: bucketName, Key: objectKey, Body: fileContent, Tagging: 'scan-status=N/A', }; const command = new PutObjectCommand(params); const response = await (new S3Client()).send(command); ```

API Reference

See API.md.

Contributing

See CONTRIBUTING for more information.

License

This project is licensed under the Apache-2.0 License.

Owner

  • Name: Amazon Web Services - Labs
  • Login: awslabs
  • Kind: organization
  • Location: Seattle, WA

AWS Labs

Committers

Last synced: over 1 year ago

All Time
  • Total Commits: 1,164
  • Total Committers: 14
  • Avg Commits per committer: 83.143
  • Development Distribution Score (DDS): 0.015
Past Year
  • Commits: 268
  • Committers: 2
  • Avg Commits per committer: 134.0
  • Development Distribution Score (DDS): 0.007
Top Committers
Name Email Commits
Arun Donti d****n@g****m 1,146
github-actions[bot] 4****] 4
Vlad Marinescu 5****u 2
Brandon b****n 2
skim-vivlio 9****o 1
dependabot[bot] 4****] 1
Michele Sorcinelli m****r 1
Louis Irwin c****g@l****k 1
Karan Shah 9****n 1
Joel Duckworth 1****o 1
James Houston 8****1 1
Felix f****r@g****m 1
Chad Nelson c****n@g****m 1
Amazon GitHub Automation 5****o 1
Committer Domains (Top 20 + Academic)

Issues and Pull Requests

Last synced: 10 months ago

All Time
  • Total issues: 51
  • Total pull requests: 1,134
  • Average time to close issues: about 2 months
  • Average time to close pull requests: 1 day
  • Total issue authors: 44
  • Total pull request authors: 15
  • Average comments per issue: 2.35
  • Average comments per pull request: 0.04
  • Merged pull requests: 1,097
  • Bot issues: 0
  • Bot pull requests: 10
Past Year
  • Issues: 13
  • Pull requests: 452
  • Average time to close issues: 7 days
  • Average time to close pull requests: about 18 hours
  • Issue authors: 11
  • Pull request authors: 9
  • Average comments per issue: 0.08
  • Average comments per pull request: 0.04
  • Merged pull requests: 425
  • Bot issues: 0
  • Bot pull requests: 9
Top Authors
Issue Authors
  • dontirun (5)
  • namila-perera (2)
  • bdmartin (2)
  • whatsrupp (2)
  • surecloud-Awalia (1)
  • nirmana (1)
  • james-wilson-sp (1)
  • hemanth-m19 (1)
  • Artotim (1)
  • igibek (1)
  • surecloud-meason (1)
  • nio-p (1)
  • surecloud-amiller (1)
  • Tietew (1)
  • Scalldog (1)
Pull Request Authors
  • dontirun (1,099)
  • bdmartin (7)
  • mergify[bot] (5)
  • dependabot[bot] (5)
  • sathishudayagiri (2)
  • vumdao (2)
  • nemanja-kovacevic-thinkit (2)
  • stevielb (2)
  • scones (2)
  • phanluanint (2)
  • JNaeemGitonga (1)
  • felix-iw (1)
  • stephenrob (1)
  • lirwin3007 (1)
  • andrewf76 (1)
Top Labels
Issue Labels
auto-approve (5) guidance (2) enhancement (1) good first issue (1) bug (1) investigating (1) waiting for response (1)
Pull Request Labels
auto-approve (1,098) dependencies (4) javascript (3) auto-merge (2)

Packages

  • Total packages: 5
  • Total downloads:
    • npm 15,860 last-month
    • pypi 12,059 last-month
  • Total docker downloads: 144,774
  • Total dependent packages: 3
    (may contain duplicates)
  • Total dependent repositories: 14
    (may contain duplicates)
  • Total versions: 4,267
  • Total maintainers: 3
npmjs.org: cdk-serverless-clamscan

Serverless architecture to virus scan objects in Amazon S3.

  • Versions: 1,416
  • Dependent Packages: 2
  • Dependent Repositories: 12
  • Downloads: 15,592 Last month
  • Docker Downloads: 144,774
Rankings
Docker downloads count: 0.6%
Downloads: 1.6%
Dependent repos count: 3.5%
Average: 3.8%
Forks count: 3.9%
Stargazers count: 4.3%
Dependent packages count: 8.7%
Maintainers (2)
Last synced: 10 months ago
proxy.golang.org: github.com/awslabs/cdk-serverless-clamscan
  • Versions: 958
  • Dependent Packages: 0
  • Dependent Repositories: 0
Rankings
Dependent repos count: 1.6%
Average: 4.1%
Dependent packages count: 6.5%
Last synced: over 2 years ago
pypi.org: cdk-serverless-clamscan

Serverless architecture to virus scan objects in Amazon S3.

  • Versions: 1,387
  • Dependent Packages: 0
  • Dependent Repositories: 1
  • Downloads: 11,753 Last month
Rankings
Downloads: 2.8%
Stargazers count: 5.3%
Forks count: 5.6%
Average: 9.1%
Dependent packages count: 10.1%
Dependent repos count: 21.6%
Maintainers (2)
Last synced: 10 months ago
pypi.org: monocdk-serverless-clamscan

Serverless architecture to virus scan objects in Amazon S3.

  • Versions: 253
  • Dependent Packages: 0
  • Dependent Repositories: 1
  • Downloads: 306 Last month
Rankings
Stargazers count: 5.3%
Forks count: 5.6%
Downloads: 8.0%
Dependent packages count: 10.0%
Average: 10.1%
Dependent repos count: 21.8%
Maintainers (1)
Last synced: 10 months ago
npmjs.org: monocdk-serverless-clamscan

Serverless architecture to virus scan objects in Amazon S3.

  • Versions: 253
  • Dependent Packages: 1
  • Dependent Repositories: 0
  • Downloads: 268 Last month
Rankings
Forks count: 4.9%
Stargazers count: 5.7%
Downloads: 6.8%
Average: 11.8%
Dependent packages count: 16.2%
Dependent repos count: 25.3%
Maintainers (2)
Last synced: 10 months ago

Dependencies

yarn.lock npm
  • 890 dependencies
.github/workflows/auto-approve.yml actions
  • hmarr/auto-approve-action v2.2.1 composite
.github/workflows/build.yml actions
  • actions/checkout v3 composite
  • actions/download-artifact v3 composite
  • actions/setup-node v3 composite
  • actions/setup-python v4 composite
  • actions/upload-artifact v3 composite
.github/workflows/pull-request-lint.yml actions
  • amannn/action-semantic-pull-request v5.0.2 composite
.github/workflows/release.yml actions
  • actions/checkout v3 composite
  • actions/download-artifact v3 composite
  • actions/setup-node v3 composite
  • actions/setup-python v4 composite
  • actions/upload-artifact v3 composite
.github/workflows/upgrade-main.yml actions
  • actions/checkout v3 composite
  • actions/download-artifact v3 composite
  • actions/setup-node v3 composite
  • actions/upload-artifact v3 composite
  • peter-evans/create-pull-request v4 composite
assets/lambda/code/download_defs/Dockerfile docker
  • public.ecr.aws/lambda/python 3.8 build
assets/lambda/code/scan/Dockerfile docker
  • public.ecr.aws/lambda/python 3.8 build
package.json npm
  • @aws-cdk/assert ^2.11 development
  • @types/jest ^27 development
  • @types/node ^16 development
  • @typescript-eslint/eslint-plugin ^6 development
  • @typescript-eslint/parser ^6 development
  • aws-cdk-lib 2.11.0 development
  • cdk-nag ^2.15.18 development
  • constructs 10.0.5 development
  • eslint ^8 development
  • eslint-import-resolver-node ^0.3.9 development
  • eslint-import-resolver-typescript ^2.7.1 development
  • eslint-plugin-import ^2.28.1 development
  • jest ^27 development
  • jest-junit ^15 development
  • jsii 1.x development
  • jsii-diff ^1.89.0 development
  • jsii-docgen ^1.8.110 development
  • jsii-pacmak ^1.89.0 development
  • jsii-rosetta 1.x development
  • npm-check-updates ^16 development
  • projen ^0.73.30 development
  • standard-version ^9 development
  • ts-jest ^27 development
  • typescript ^4.9.5 development
pyproject.toml pypi