Looking for ideas: How can I create a secure SFTP server with scanning?

0

Suppose I want to make a safe, easy, and accessible way to transfer files into a VPC. Ideally a user just goes to a site in a browser and uploads the file, then can log into the VPC's network and download it.

But there are a few gotchas:

  • All uploaded files must be scanned for viruses/malware (e.g. ClamAV Lambda checks the files). Infected files must be quarantined/inaccessible.

  • Users need to be able to authenticate with an Identity provider like Okta.

  • Users should only be able to see files that they have permissions to.

I wanted to use AWS managed SFTP (such as https://github.com/awslabs/web-client-for-aws-transfer-family/tree/open-source), but I can't figure out how I would implement scanning into the pipeline. I could instead use S3 buckets directly with some application interface, but that would take a lot of heavy lifting on my end to build said application (unless there's already something for this).

Any suggestions?

1 Answer
1

I suggest the workflow feature of AWS Transfer may help meet your requirements to add a scanning lambda and control the user permissions. This blog post is a good guide for some of the capabilities. There was an enhancement to workflows announced yesterday.

I have also worked with customers with very complex requirements where we used Step Functions.

AWS
EXPERT
Peter_G
answered 2 years ago
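A scanning Lambda used as a custom step in a Transfer Family managed workflow could look like the following. This is an added example, not code from the answer or from AWS; `scan_step`, the `scan-status` tag name and the `/tmp/upload` path are assumptions, and it expects the `clamscan` binary to be packaged with the function.

```python
import subprocess

def clamscan(path):
    """True only when clamscan exits 0 (clean); 1 = infected, 2 = scanner error."""
    return subprocess.run(["clamscan", "--no-summary", path]).returncode == 0

def scan_step(event, s3, transfer, scanner=clamscan, tmp="/tmp/upload"):
    """Custom workflow step: scan the uploaded object, tag it, report the verdict."""
    details = event["serviceMetadata"]["executionDetails"]
    loc = event["fileLocation"]
    status = "FAILURE"  # fail closed: anything short of a clean scan blocks the file
    try:
        if loc["domain"] != "S3":
            raise ValueError("this example handles S3-backed servers only")
        s3.download_file(loc["bucket"], loc["key"], tmp)
        clean = scanner(tmp)
        # 'scan-status' is an assumed tag name; a bucket policy can key off it.
        s3.put_object_tagging(
            Bucket=loc["bucket"], Key=loc["key"],
            Tagging={"TagSet": [{"Key": "scan-status",
                                 "Value": "clean" if clean else "infected"}]})
        if clean:
            status = "SUCCESS"
    except Exception as exc:
        print(f"scan error, failing closed: {exc!r}")
    # The workflow waits for this callback; FAILURE triggers its exception-handler
    # steps, which is where a copy-to-quarantine and delete can be configured.
    transfer.send_workflow_step_state(
        WorkflowId=details["workflowId"], ExecutionId=details["executionId"],
        Token=event["token"], Status=status)
    return status

def lambda_handler(event, context):
    import boto3  # imported here so scan_step can be exercised without AWS
    return scan_step(event, boto3.client("s3"), boto3.client("transfer"))
```

The function's role needs `s3:GetObject`, `s3:PutObjectTagging` and `transfer:SendWorkflowStepState`. A bucket policy that denies `s3:GetObject` unless `s3:ExistingObjectTag/scan-status` equals `clean` keeps untagged and infected objects unreadable to download users.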
