Merge pull request bluesentry#20 from jfurmankiewiczupgrade/sns-scan-…

…start Add functionality to post to SNS upon start of scan
cbechtloff-bf · Mar 16, 2018 · 94393d7 · 94393d7
2 parents e58dc77 + baa0e51
commit 94393d7
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -190,6 +190,8 @@ the table below for reference.
 | AV_DEFINITION_S3_BUCKET | Bucket containing antivirus definition files |  | Yes |
 | AV_DEFINITION_S3_PREFIX | Prefix for antivirus definition files | clamav_defs | No |
 | AV_DEFINITION_PATH | Path containing files at runtime | /tmp/clamav_defs | No |
+| AV_SCAN_START_SNS_ARN | SNS topic ARN to publish notification about start of scan | | No |
+| AV_SCAN_START_METADATA | The tag/metada indicating the start of the scan | av-scan-start | No |
 | AV_STATUS_CLEAN | The value assigned to clean items inside of tags/metadata | CLEAN | No |
 | AV_STATUS_INFECTED | The value assigned to clean items inside of tags/metadata | INFECTED | No |
 | AV_STATUS_METADATA | The tag/metadata name representing file's AV status | av-status | No |

diff --git a/common.py b/common.py
@@ -19,6 +19,8 @@
 AV_DEFINITION_S3_BUCKET = os.getenv("AV_DEFINITION_S3_BUCKET")
 AV_DEFINITION_S3_PREFIX = os.getenv("AV_DEFINITION_S3_PREFIX", "clamav_defs")
 AV_DEFINITION_PATH = os.getenv("AV_DEFINITION_PATH", "/tmp/clamav_defs")
+AV_SCAN_START_SNS_ARN = os.getenv("AV_SCAN_START_SNS_ARN")
+AV_SCAN_START_METADATA = os.getenv("AV_SCAN_START_METADATA", "av-scan-start")
 AV_STATUS_CLEAN = os.getenv("AV_STATUS_CLEAN", "CLEAN")
 AV_STATUS_INFECTED = os.getenv("AV_STATUS_INFECTED", "INFECTED")
 AV_STATUS_METADATA = os.getenv("AV_STATUS_METADATA", "av-status")

diff --git a/scan.py b/scan.py
@@ -72,6 +72,21 @@ def set_av_tags(s3_object, result):
         Tagging={"TagSet": new_tags}
     )
 
+def sns_start_scan(s3_object):
+    if AV_SCAN_START_SNS_ARN is None:
+        return
+    message = {
+        "bucket": s3_object.bucket_name,
+        "key": s3_object.key,
+        AV_SCAN_START_METADATA: True,
+        AV_TIMESTAMP_METADATA: datetime.utcnow().strftime("%Y/%m/%d %H:%M:%S UTC")
+    }
+    sns_client = boto3.client("sns")
+    sns_client.publish(
+        TargetArn=AV_SCAN_START_SNS_ARN,
+        Message=json.dumps({'default': json.dumps(message)}),
+        MessageStructure="json"
+    )
 
 def sns_scan_results(s3_object, result):
     if AV_STATUS_SNS_ARN is None:
@@ -95,6 +110,7 @@ def lambda_handler(event, context):
     print("Script starting at %s\n" %
           (start_time.strftime("%Y/%m/%d %H:%M:%S UTC")))
     s3_object = event_object(event)
+    sns_start_scan(s3_object)
     file_path = download_s3_object(s3_object, "/tmp")
     clamav.update_defs_from_s3(AV_DEFINITION_S3_BUCKET, AV_DEFINITION_S3_PREFIX)
     scan_result = clamav.scan_file(file_path)