One of the ideas behind the construct is to ensure there are no operations performed on objects unless they have been scanned. Using an S3 Bucket, a bucket policy, and tagging strategy helps make sure that is the case.

Is there a specific reason to perform operations on the object before it has been scanned?

Another option is to add EventNotifications based on object tagging events:

```ts
// Imports assume CDK v2 module paths.
import { EventType } from 'aws-cdk-lib/aws-s3';
import { SnsDestination } from 'aws-cdk-lib/aws-s3-notifications';

// Publish to the SNS topic whenever an object's tags change.
this.myBucket.addEventNotification(
  EventType.OBJECT_TAGGING,
  new SnsDestination(contentFileCreatedTopic)
);
```
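The consumer side of the tagging-event approach suggested in the reply, as an added example that is not part of the thread or the construct's own code: it parses the S3 notification carried in an SNS message and releases an object only on an explicit clean verdict. The tag key `scan-status`, its values, the bucket name and every function name here are assumptions or constructed sample data.

```typescript
// Added example. Tag key and values are assumptions, not taken from the thread.
const SCAN_TAG = "scan-status";
const CLEAN = "CLEAN";
const INFECTED = "INFECTED";
type ObjectRef = { bucket: string; key: string };
type Decision = "process" | "quarantine" | "wait";
type TagLookup = (ref: ObjectRef) => Record<string, string>;

// Pull tagged objects out of the S3 event JSON carried in an SNS message body.
function parseTaggingMessage(snsMessage: string): ObjectRef[] {
  const body = JSON.parse(snsMessage);
  const records: any[] = Array.isArray(body.Records) ? body.Records : [];
  return records
    .filter((r) => String(r.eventName).indexOf("ObjectTagging:") === 0)
    .map((r) => ({
      bucket: String(r.s3.bucket.name),
      // S3 URL-encodes keys in notifications and writes spaces as "+".
      key: decodeURIComponent(String(r.s3.object.key).replace(/\+/g, " ")),
    }));
}

// Fail closed: only an explicit clean verdict releases the object.
function decide(tags: Record<string, string>): Decision {
  const status = tags[SCAN_TAG];
  if (status === CLEAN) return "process";
  if (status === INFECTED) return "quarantine";
  return "wait"; // untagged, scan in progress, or unrecognised value
}

// getTags is injected; in a deployment it would wrap S3 GetObjectTagging.
function route(snsMessage: string, getTags: TagLookup) {
  return parseTaggingMessage(snsMessage).map((ref) => ({ ...ref, decision: decide(getTags(ref)) }));
}

// Constructed sample input: three tagging events and one create event.
const rec = (eventName: string, key: string) => ({
  eventName, s3: { bucket: { name: "example-bucket" }, object: { key } },
});
const sampleMessage = JSON.stringify({ Records: [
  rec("ObjectTagging:Put", "uploads/my+report.pdf"),
  rec("ObjectTagging:Put", "uploads/eicar.txt"),
  rec("ObjectTagging:Put", "uploads/new%2Bfile.bin"),
  rec("ObjectCreated:Put", "uploads/ignored.txt"),
] });
const sampleTags: Record<string, Record<string, string>> = {
  "uploads/my report.pdf": { [SCAN_TAG]: CLEAN },
  "uploads/eicar.txt": { [SCAN_TAG]: INFECTED },
  "uploads/new+file.bin": { [SCAN_TAG]: "IN PROGRESS" },
};
const sampleLookup: TagLookup = (ref) => sampleTags[ref.key] || {};
```

Because a tagging notification fires on any tag change, a consumer built this way should be idempotent and re-read the current tags on every event.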
Currently this solution is based on S3 Events. (OBJECT_CREATED?)
Which makes sense of course. But for my use case there is a problem.
Hi, I have an S3 bucket where I already have an OBJECT_CREATED event attached.
Because I have to do some other stuff after a file was created.
But this will lead to an error when creating the clamscan stack, because there can only be one OBJECT_CREATED destination per bucket.
My solution: Replicate source bucket and let virus checking be done on the cloned bucket.
I guess we are limited by AWS here regarding the "only one" event destination, right?
Idea: Does it make sense to be able to specify other event sources to the clamscan stack?
E.g. have it start scanning a file by listening to SQS, SNS or an event bus, where the payload can contain the source bucket ARN and key, for example.