Add S3 scan object Terraform module to Vault file storage #224

Closed
patheard opened this issue Jun 29, 2022 · 0 comments
patheard commented Jun 29, 2022

Summary

Add the S3 scan object Terraform module to the forms-${var.env}-vault-file-storage bucket to enable ClamAV file scanning on all newly created S3 objects.

The module behaves as follows:

  1. When an S3 object is created in the bucket, it triggers a scan using the Scan Files ClamAV endpoint.
  2. This marks the S3 object scanning status as in_progress using object tags.
  3. Once Scan Files has completed the scan, it publishes the scan verdict to an SNS topic, which causes the lambda to update the S3 object tag with the scan verdict.

Related

@patheard patheard self-assigned this Jun 29, 2022
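
The tag lifecycle described in the issue above, modelled in memory as an added example (not code from the Terraform module or the project). The tag key `av-status`, the `clean`/`infected` verdict values and the SNS message shape are assumptions; only `in_progress` comes from the issue.

```python
import json

TAG_KEY = "av-status"                  # assumed tag key; the issue does not name it
IN_PROGRESS = "in_progress"            # status named in the issue
CLEAN, INFECTED = "clean", "infected"  # assumed verdict values

def s3_created_event(*keys):
    """Constructed S3 ObjectCreated notification for the given object keys."""
    return {"Records": [{"s3": {"object": {"key": k}}} for k in keys]}

def sns_verdict_event(key, verdict):
    """Constructed SNS delivery; the JSON message shape is an assumption."""
    message = json.dumps({"key": key, "verdict": verdict})
    return {"Records": [{"Sns": {"Message": message}}]}

def on_object_created(tags, event, submit_scan):
    """Steps 1 and 2: request a scan, then tag the object in_progress."""
    for record in event["Records"]:
        key = record["s3"]["object"]["key"]
        submit_scan(key)
        tags[key] = {TAG_KEY: IN_PROGRESS}

def on_scan_verdict(tags, event):
    """Step 3: copy the published verdict onto the object's tag."""
    for record in event["Records"]:
        message = json.loads(record["Sns"]["Message"])
        if message["key"] in tags:  # skip objects deleted since the scan began
            tags[message["key"]][TAG_KEY] = message["verdict"]

def safe_to_read(tags, key):
    """Consumer gate: fail closed on untagged, pending or non-clean objects."""
    return tags.get(key, {}).get(TAG_KEY) == CLEAN

def demo():
    tags, submitted = {}, []  # tags stands in for S3 object tagging
    on_object_created(tags, s3_created_event("a.pdf", "b.pdf"), submitted.append)
    pending = safe_to_read(tags, "a.pdf")          # False: scan still running
    on_scan_verdict(tags, sns_verdict_event("a.pdf", CLEAN))
    on_scan_verdict(tags, sns_verdict_event("b.pdf", INFECTED))
    return pending, safe_to_read(tags, "a.pdf"), safe_to_read(tags, "b.pdf")

if __name__ == "__main__":
    print(demo())
```

A consumer that only checks for an infected verdict would read objects whose scan has not finished; `safe_to_read` treats every state other than the clean verdict as unreadable.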