Update: I've written how to do this with lambda containers as well!
Let's create an environment that scans a file via an S3 event by utilizing Cla...
For further actions, you may consider blocking this person and/or reporting abuse
I googled this in a hackathon when I had no idea how I was gonna solve this problem, so big thanks ;)
BTW, I had to change freshclam.conf so DatabaseDirectory is
/home/build/var/lib/clamav
in order to get the Docker build to work./opt/var/lib/clamav
is still used in the Lambda function.Ah, good catch! Sorry, I've been inactive here in the midst of the holidays and switching jobs. Thanks for that, I'll update the code.
Hi @matt Morgan
I still see /home/build/opt/var/lib/clamav in DatabaseDirectory, should we change this to /home/build/var/lib/clamav ?
Awesome article!! Do you have anything around updating the virus definitions on a daily basis?
Easily updating them would potentially be expensive (because of the whole versioning shenanigans), because you'd have to redeploy the lambda layer each time. I'd recommend looking into an EC2 / Fargate solution for that and I have an article outlined that I need to actually write and push out. It's just very lengthy, and it's a lot of Terraform work to explain -- I'm working on splitting it up.
github.com/bluesentry/bucket-antiv...
Yup, for a Python solution, that looks cool. Still limited by Lambda storage, funfortunately.
Great post! It was extremely helpful. For me, the code didn’t work for a Lambda runtime of NodeJS 18 or higher (not terribly surprising given the age of this article). Do you happen to know how the Docker file or ClamAV binaries would need to change in order to work with those newer runtimes?
I'm with the same problem! hehe. In my case, the clamscan cant be executed inside of lambda (/bin/sh: clamscan: command not found). But I tried it on docker and works.
If you can resolve it, please share here!
Looks like it can't find the file. Might have to reconfigure the path to get things to play nicely -- this article is over two years old, and I have no idea what OS you're running.