https://github.com/awslabs/cdk-serverless-clamscan
Science Score: 26.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
○CITATION.cff file
-
✓codemeta.json file
Found codemeta.json file -
✓.zenodo.json file
Found .zenodo.json file -
○DOI references
-
○Academic publication links
-
○Committers with academic emails
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (8.8%) to scientific vocabulary
Keywords from Contributors
Repository
Basic Info
- Host: GitHub
- Owner: awslabs
- License: apache-2.0
- Language: TypeScript
- Default Branch: main
- Size: 6.45 MB
Statistics
- Stars: 264
- Watchers: 4
- Forks: 76
- Open Issues: 29
- Releases: 1,000
Metadata Files
README.md
cdk-serverless-clamscan
An aws-cdk construct that uses ClamAV® to scan newly uploaded objects to Amazon S3 for viruses. The construct provides a flexible interface for a system to act based on the results of a ClamAV virus scan. Check out this blogpost for a guided walkthrough.

Pre-Requisites
Docker: The ClamAV Lambda functions utilizes a container image that is built locally using docker bundling
Examples
This project uses projen and thus all the constructs follow language specific standards and naming patterns. For more information on how to translate the following examples into your desired language read the CDK guide on Translating TypeScript AWS CDK code to other languages
Example 1. (Default destinations with rule target)
typescript
```typescript import { RuleTargetInput } from 'aws-cdk-lib/aws-events'; import { SnsTopic } from 'aws-cdk-lib/aws-events-targets'; import { Bucket } from 'aws-cdk-lib/aws-s3'; import { Topic } from 'aws-cdk-lib/aws-sns'; import { Stack, StackProps } from 'aws-cdk-lib'; import { Construct } from 'constructs'; import { ServerlessClamscan } from 'cdk-serverless-clamscan'; export class CdkTestStack extends Stack { constructor(scope: Construct, id: string, props?: StackProps) { super(scope, id, props); const bucket_1 = new Bucket(this, 'rBucket1'); const bucket_2 = new Bucket(this, 'rBucket2'); const bucketList = [bucket_1, bucket_2]; const sc = new ServerlessClamscan(this, 'rClamscan', { buckets: bucketList, }); const bucket_3 = new Bucket(this, 'rBucket3'); sc.addSourceBucket(bucket_3); const infectedTopic = new Topic(this, 'rInfectedTopic'); sc.infectedRule?.addTarget( new SnsTopic(infectedTopic, { message: RuleTargetInput.fromEventPath( '$.detail.responsePayload.message', ), }), ); } } ```
python
```python from aws_cdk import ( Stack, aws_events as events, aws_events_targets as events_targets, aws_s3 as s3, aws_sns as sns ) from cdk_serverless_clamscan import ServerlessClamscan from constructs import Construct class CdkTestStack(Stack): def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) bucket_1 = s3.Bucket(self, "rBucket1") bucket_2 = s3.Bucket(self, "rBucket2") bucketList = [ bucket_1, bucket_2 ] sc = ServerlessClamscan(self, "rClamScan", buckets=bucketList, ) bucket_3 = s3.Bucket(self, "rBucket3") sc.add_source_bucket(bucket_3) infected_topic = sns.Topic(self, "rInfectedTopic") if sc.infected_rule != None: sc.infected_rule.add_target( events_targets.SnsTopic( infected_topic, message=events.RuleTargetInput.from_event_path('$.detail.responsePayload.message'), ) ) ```
Example 2. (Bring your own destinations)
typescript
```typescript import { SqsDestination, EventBridgeDestination, } from 'aws-cdk-lib/aws-lambda-destinations'; import { Bucket } from 'aws-cdk-lib/aws-s3'; import { Queue } from 'aws-cdk-lib/aws-sqs'; import { Stack, StackProps } from 'aws-cdk-lib'; import { Construct } from 'constructs'; import { ServerlessClamscan } from 'cdk-serverless-clamscan'; export class CdkTestStack extends Stack { constructor(scope: Construct, id: string, props?: StackProps) { super(scope, id, props); const bucket_1 = new Bucket(this, 'rBucket1'); const bucket_2 = new Bucket(this, 'rBucket2'); const bucketList = [bucket_1, bucket_2]; const queue = new Queue(this, 'rQueue'); const sc = new ServerlessClamscan(this, 'default', { buckets: bucketList, onResult: new EventBridgeDestination(), onError: new SqsDestination(queue), }); const bucket_3 = new Bucket(this, 'rBucket3'); sc.addSourceBucket(bucket_3); } } ```
python
```python from aws_cdk import ( Stack, aws_lambda_destinations as lambda_destinations, aws_s3 as s3, aws_sqs as sqs ) from cdk_serverless_clamscan import ServerlessClamscan from constructs import Construct class CdkTestStack(Stack): def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) bucket_1 = s3.Bucket(self, "rBucket1") bucket_2 = s3.Bucket(self, "rBucket2") bucketList = [ bucket_1, bucket_2 ] queue = sqs.Queue(self, "rQueue") sc = ServerlessClamscan(self, "rClamScan", buckets=bucketList, on_result=lambda_destinations.EventBridgeDestination(), on_error=lambda_destinations.SqsDestination(queue), ) bucket_3 = s3.Bucket(self, "rBucket3") sc.add_source_bucket(bucket_3) ```
Operation and Maintenance
When ClamAV publishes updates to the scanner you will see “Your ClamAV installation is OUTDATED” in your scan results. While the construct creates a system to keep the database definitions up to date, you must update the scanner to detect all the latest Viruses.
Update the docker images of the Lambda functions with the latest version of ClamAV by re-running cdk deploy.
Optionally Skip Files
In certain situations, you may have files which are already scanned and you wish to omit them from ClamAV scanning. In that case, simply tag the s3 object with "scan-status": "N/A" and the file will be automatically skipped.
Example 1. (Upload file to skip)
python/boto
```python boto3.client('s3').upload_file( Filename=file_path, Bucket=bucket_name, Key=object_key, ExtraArgs={'Tagging': 'scan-status=N/A'} ) ```
typscript/aws-sdk
```typescript const params = { Bucket: bucketName, Key: objectKey, Body: fileContent, Tagging: 'scan-status=N/A', }; const command = new PutObjectCommand(params); const response = await (new S3Client()).send(command); ```
API Reference
See API.md.
Contributing
See CONTRIBUTING for more information.
License
This project is licensed under the Apache-2.0 License.
Owner
- Name: Amazon Web Services - Labs
- Login: awslabs
- Kind: organization
- Location: Seattle, WA
- Website: http://amazon.com/aws/
- Repositories: 914
- Profile: https://github.com/awslabs
AWS Labs
Committers
Last synced: over 1 year ago
Top Committers
| Name | Commits | |
|---|---|---|
| Arun Donti | d****n@g****m | 1,146 |
| github-actions[bot] | 4****] | 4 |
| Vlad Marinescu | 5****u | 2 |
| Brandon | b****n | 2 |
| skim-vivlio | 9****o | 1 |
| dependabot[bot] | 4****] | 1 |
| Michele Sorcinelli | m****r | 1 |
| Louis Irwin | c****g@l****k | 1 |
| Karan Shah | 9****n | 1 |
| Joel Duckworth | 1****o | 1 |
| James Houston | 8****1 | 1 |
| Felix | f****r@g****m | 1 |
| Chad Nelson | c****n@g****m | 1 |
| Amazon GitHub Automation | 5****o | 1 |
Committer Domains (Top 20 + Academic)
Issues and Pull Requests
Last synced: 10 months ago
All Time
- Total issues: 51
- Total pull requests: 1,134
- Average time to close issues: about 2 months
- Average time to close pull requests: 1 day
- Total issue authors: 44
- Total pull request authors: 15
- Average comments per issue: 2.35
- Average comments per pull request: 0.04
- Merged pull requests: 1,097
- Bot issues: 0
- Bot pull requests: 10
Past Year
- Issues: 13
- Pull requests: 452
- Average time to close issues: 7 days
- Average time to close pull requests: about 18 hours
- Issue authors: 11
- Pull request authors: 9
- Average comments per issue: 0.08
- Average comments per pull request: 0.04
- Merged pull requests: 425
- Bot issues: 0
- Bot pull requests: 9
Top Authors
Issue Authors
- dontirun (5)
- namila-perera (2)
- bdmartin (2)
- whatsrupp (2)
- surecloud-Awalia (1)
- nirmana (1)
- james-wilson-sp (1)
- hemanth-m19 (1)
- Artotim (1)
- igibek (1)
- surecloud-meason (1)
- nio-p (1)
- surecloud-amiller (1)
- Tietew (1)
- Scalldog (1)
Pull Request Authors
- dontirun (1,099)
- bdmartin (7)
- mergify[bot] (5)
- dependabot[bot] (5)
- sathishudayagiri (2)
- vumdao (2)
- nemanja-kovacevic-thinkit (2)
- stevielb (2)
- scones (2)
- phanluanint (2)
- JNaeemGitonga (1)
- felix-iw (1)
- stephenrob (1)
- lirwin3007 (1)
- andrewf76 (1)
Top Labels
Issue Labels
Pull Request Labels
Packages
- Total packages: 5
-
Total downloads:
- npm 15,860 last-month
- pypi 12,059 last-month
- Total docker downloads: 144,774
-
Total dependent packages: 3
(may contain duplicates) -
Total dependent repositories: 14
(may contain duplicates) - Total versions: 4,267
- Total maintainers: 3
npmjs.org: cdk-serverless-clamscan
Serverless architecture to virus scan objects in Amazon S3.
- Homepage: https://github.com/awslabs/cdk-serverless-clamscan#readme
- License: Apache-2.0
-
Latest release: 2.13.13
published 10 months ago
Rankings
proxy.golang.org: github.com/awslabs/cdk-serverless-clamscan
- Documentation: https://pkg.go.dev/github.com/awslabs/cdk-serverless-clamscan#section-documentation
- License: apache-2.0
- Status: removed
-
Latest release: v2.6.61+incompatible
published over 2 years ago
Rankings
pypi.org: cdk-serverless-clamscan
Serverless architecture to virus scan objects in Amazon S3.
- Homepage: https://github.com/awslabs/cdk-serverless-clamscan
- Documentation: https://cdk-serverless-clamscan.readthedocs.io/
- License: Apache-2.0
-
Latest release: 2.13.12
published 10 months ago
Rankings
Maintainers (2)
pypi.org: monocdk-serverless-clamscan
Serverless architecture to virus scan objects in Amazon S3.
- Homepage: https://github.com/awslabs/cdk-serverless-clamscan
- Documentation: https://monocdk-serverless-clamscan.readthedocs.io/
- License: Apache-2.0
-
Latest release: 1.2.18
published about 4 years ago
Rankings
Maintainers (1)
npmjs.org: monocdk-serverless-clamscan
Serverless architecture to virus scan objects in Amazon S3.
- Homepage: https://github.com/awslabs/cdk-serverless-clamscan#readme
- License: Apache-2.0
- Status: deprecated
-
Latest release: 1.2.18
published about 4 years ago
Rankings
Dependencies
- 890 dependencies
- hmarr/auto-approve-action v2.2.1 composite
- actions/checkout v3 composite
- actions/download-artifact v3 composite
- actions/setup-node v3 composite
- actions/setup-python v4 composite
- actions/upload-artifact v3 composite
- amannn/action-semantic-pull-request v5.0.2 composite
- actions/checkout v3 composite
- actions/download-artifact v3 composite
- actions/setup-node v3 composite
- actions/setup-python v4 composite
- actions/upload-artifact v3 composite
- actions/checkout v3 composite
- actions/download-artifact v3 composite
- actions/setup-node v3 composite
- actions/upload-artifact v3 composite
- peter-evans/create-pull-request v4 composite
- public.ecr.aws/lambda/python 3.8 build
- public.ecr.aws/lambda/python 3.8 build
- @aws-cdk/assert ^2.11 development
- @types/jest ^27 development
- @types/node ^16 development
- @typescript-eslint/eslint-plugin ^6 development
- @typescript-eslint/parser ^6 development
- aws-cdk-lib 2.11.0 development
- cdk-nag ^2.15.18 development
- constructs 10.0.5 development
- eslint ^8 development
- eslint-import-resolver-node ^0.3.9 development
- eslint-import-resolver-typescript ^2.7.1 development
- eslint-plugin-import ^2.28.1 development
- jest ^27 development
- jest-junit ^15 development
- jsii 1.x development
- jsii-diff ^1.89.0 development
- jsii-docgen ^1.8.110 development
- jsii-pacmak ^1.89.0 development
- jsii-rosetta 1.x development
- npm-check-updates ^16 development
- projen ^0.73.30 development
- standard-version ^9 development
- ts-jest ^27 development
- typescript ^4.9.5 development