GuardDuty S3 Malware

Demonstrates enabling GuardDuty S3 Malware Protection for an S3 bucket.

Options

If a threat is detected, send a notification.
If no threats are detected, move the file to another bucket or add the event to a queue.

Install

Follow instructions to install CDK and bootstrap your account.

Set email in cdk.json if you'd like to receive an email notification when a threat is found.

Run cdk deploy

Threats

Get an EICAR test file.
- Disable Malware Protection
- Download an EICAR test file
- Upload the file to the source bucket
- Re-enable Malware Protection
Verify a notification was emailed to you
Verify it is tagged with THREATS_FOUND

No Threats

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
bin		bin
lib		lib
src		src
.gitignore		.gitignore
.npmignore		.npmignore
README.md		README.md
cdk.json		cdk.json
jest.config.js		jest.config.js
package-lock.json		package-lock.json
package.json		package.json
policy.json		policy.json
tsconfig.json		tsconfig.json