Skip to content
Switch branches/tags
Go to file


Failed to load latest commit information.

Truework S3 Antivirus

Link to the Truework blog post for more details


Building the Lambda function


The resulting file will be at


Environment variables available

You can customize some of the variable used throughout the program to your needs.

Mandatory variables:

CLAMAV_BUCKET_NAME - Bucket where the definitions are stored
PATH_TO_AV_DEFINITIONS - Folder where the definitions are stored.


STATUS_CLEAN_FILE - Value used to indicate that the file scanned was clean (default: CLEAN)
STATUS_INFECTED_FILE - Value used to indicate that the file scanned was infected (default: INFECTED)
STATUS_SKIPPED_FILE - Value used to indicate that the file could not be scanned.(default: SKIPPED)
STATUS_ERROR_PROCESSING_FILE - Value used to indicate that there was an error scanning the file (default: ERROR)
VIRUS_SCAN_STATUS_KEY - Key used to store the result of the virus scan (default: virusScanStatus)
VIRUS_SCAN_TIMESTAMP_KEY - Key used to store  (default: virusScanTimestamp)
MAX_FILE_SIZE - Value used to control the max size of a file that can be downloaded and scanned without error. (default: 300MB)

Additional information for Lambda configuration

clamscan and freshclam require sufficent resources - 1024MB is recommended for both.

S3 trigger should be configured via the lambda configuration and not via S3 events.

Set up and utilize invokable lambda endpoint

  1. Build the lambda zip. See "Building the lambda function".

  2. In AWS create a lambda function using the which can act upon S3 buckets of your choice.

  • This is done in the same fashion as in the attached blog post for the Downloader and Scanner.
  1. Set the Handler to

Invoking the lambda Endpoint

Example Json Data Needed For api.lambdaHandleEvent

  "s3Key": "{OBJECT KEY}",
  "s3Bucket": "{BUCKET NAME}"

Example of Invoke the lambda event from AWS SDK


Gems needed:

  • aws-sdk-core - required to use aws-sdk
  • aws-sdk-lambda - required to invoke the lambda
# Configure AWS and create Lambda Client
Aws.config.update(region: REGION)
lambda_client ={ Args to access required. })

# Build Invoke Payload and JSONify
req_payload = {:s3Bucket => bucket, :s3Key => key}
payload = JSON.generate(req_payload)

# Invoke Lambda as Event (Fire and Forget)
resp = lambda_client.invoke({function_name: {lambdaName},
        invocation_type: 'Event',
        log_type: 'None',
        payload: payload


License & Acknowledgements

The code is released under the Apache License 2.0, please find the details here:

Thanks for the Upside travel team who provided a good blueprint in Python.


Lambda Function to scan incoming S3 uploads by Truework




No releases published


No packages published