S3 virus and malware alerting powered by VirusScan for Amazon S3

Michael Wittig – 12 Feb 2021

Allowing users to upload files to S3 is risky. You have to ensure that malicious files like a virus or malware are not distributed to other users. Therefore, we recommend an antivirus solution such as VirusScan for Amazon S3.

S3 virus and malware alerting

As soon as a virus is detected, your team is notified in Slack or Microsoft Teams by marbot. Let’s get started.

Installation

  1. Install VirusScan for Amazon S3.
  2. Install marbot (Slack or Microsoft Teams).
  3. Invite marbot to one of your channels.
  4. Send @marbot What is my endpoint id? to the channel.
  5. Copy the returned URL (e.g., https://api.marbot.io/v1/endpoint/YOUR_ENDPOINT_ID).
  6. Visit the Amazon SNS Console.
  7. Ensure that you are in the correct region.
  8. Navigate to Topics.
  9. Search for the FindingsTopic and click on the found topic.
  10. Click on the Create Subscription button.
  11. Set Protocol to HTTPS.
  12. Set Endpoint to the URL returned by marbot.
  13. Set Subscription filter policy to:

    {"status": ["infected", "no"]}
  14. Click on the Create subscription button to save.
    VirusScan for Amazon S3 Setup

That’s it. New findings are reported to Slack or Microsoft Teams like this:

VirusScan for Amazon S3 Alert

Michael Wittig

Michael Wittig

Consultant focusing on Amazon Web Services (AWS). Entrepreneur building marbot.io. Author of Amazon Web Services in Action, Rapid Docker on AWS, and cloudonaut.io.

You can contact me via Email, Twitter, and LinkedIn.

Published on

marbot teaser

Chatbot for AWS Monitoring

Configure monitoring for Amazon Web Services: CloudWatch, EC2, RDS, EB, Lambda, and more. Receive and manage alerts via Slack. Solve incidents as a team.

Slack
Add to Slack
Microsoft Teams
Add to Teams