GuardDuty S3 Malware

Demonstrates enabling GuardDuty S3 Malware Protection for an S3 bucket.

Options

If a threat is detected, send a notification.
If no threats are detected, move the file to another bucket or add the event to a queue.

Install

Follow instructions to install CDK and bootstrap your account.

Deploy

Set email in cdk.json if you'd like to receive an email notification when a threat is found.

Run cdk deploy

Test

Threats

Get an EICAR test file.
- Disable Malware Protection
- Download an EICAR test file
- Upload the file to the source bucket
- Re-enable Malware Protection
Verify a notification was emailed to you
Verify it is tagged with THREATS_FOUND

No Threats

Upload a clean file to the source bucket
Verify it was moved to the destination bucket
Verify it is tagged with NO_THREATS_FOUND
Verify the Guard Duty event was added to the queue

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
bin		bin
lib		lib
src		src
.gitignore		.gitignore
.npmignore		.npmignore
README.md		README.md
cdk.json		cdk.json
jest.config.js		jest.config.js
package-lock.json		package-lock.json
package.json		package.json
policy.json		policy.json
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

GuardDuty S3 Malware

Install

Deploy

Test

About

Uh oh!

Releases

Packages

Uh oh!

Languages

alex-dees/guard-duty-s3-malware

Folders and files

Latest commit

History

Repository files navigation

GuardDuty S3 Malware

Install

Deploy

Test

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages