FSS-Full-Scan is a CDK project to deploy all the required resources to trigger a full scan on a S3 bucket leveraging an existing Trend Micro File Storage Security deployment.
Just want to run it? The latest version of the CloudFormation template is always available here.
Make sure to deploy FSS to desired bucket before deploying this stack.
BucketNameName of the bucketScannerQueueArnARN of the ScannerQueue queue. Something like arn:aws:sqs:us-east-1:123456789012:All-in-one-TM-FileStorageSecurity-ScannerStack-IT1V5O-ScannerQueue-1IOQHTGGGZYFLScannerQueueUrlURL of the ScannerQueue queue. Something like https://sqs.us-east-1.amazonaws.com/123456789012/All-in-one-TM-FileStorageSecurity-ScannerStack-IT1V5O-ScannerQueue-1IOQHTGGGZYFLScanResultTopicArnARN of ScanResultTopic topic. Something like arn:aws:sns:us-east-1:123456789012:All-in-one-TM-FileStorageSecurity-StorageStack-1E00QCLBZW7M4-ScanResultTopic-1W7RZ7PBZZUJO
After deployment, trigger the new Lambda function BucketFullScan with any payload, empty or otherwise, using whatever method you feel most comfortable with. The scan will be queued right after that.
Open the Lambda function BucketFullScan in Lambda's dashboard. Click in "Test" an then in "New Test". You should see a window like the one below:
Leave it as it, add any event name, such as "Full Scan" and press save. Click in "Test" again and wait for execution. All files should be queued for scan now.
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
npm run buildcompile typescript to jsnpm run watchwatch for changes and compilenpm run testperform the jest unit testsnpm run cloudformationcompiles typescript to js and generates CloudFormation templatecdk deploydeploy this stack to your default AWS account/regioncdk diffcompare deployed stack with current statecdk synthemits the synthesized CloudFormation template