AWS Transfer Family provides a secure SFTP server for file uploads, ensuring safe data transfer over public channels
GuardDuty Malware Protection automatically scans files uploaded to Amazon S3 for malware, reducing the risk of harmful files entering the system
The solution uses AWS Step Functions to automate workflows, including file uploads, malware scanning, and result notifications
Partial uploads trigger error-handling workflows, ensuring incomplete files are flagged and appropriate actions are taken
Files are classified as clean or infected after scanning. Clean files are moved to a "Clean" S3 bucket, while infected files are quarantined for further analysis
Amazon Simple Notification Service (SNS) sends alerts for successful uploads, clean scans, or harmful file detections to notify users and administrators
Amazon EventBridge triggers Lambda functions based on GuardDuty scan results, enabling real-time processing and response
An S3 Lifecycle policy ensures files in the "Processing" bucket are automatically deleted after one day to prevent unnecessary storage costs
The solution can be deployed using Terraform, which automates the creation of resources like S3 buckets, Lambda functions, and SFTP servers
By integrating AWS Transfer Family and GuardDuty, the solution reduces the attack surface and ensures files are safe for further processing in the system
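
The EventBridge-to-Lambda routing step described above, as an added Python example that is not the solution's own code: it sends an object to the clean bucket only when the scan completed with no threats, and treats every other result as not clean. The bucket names are hypothetical, the sample event is constructed in the shape GuardDuty Malware Protection for S3 publishes to EventBridge, and sending unscannable or failed results to quarantine is an assumption about policy.

```python
PROCESSING_BUCKET = "example-processing"  # hypothetical bucket names
CLEAN_BUCKET = "example-clean"
QUARANTINE_BUCKET = "example-quarantine"
DETAIL_TYPE = "GuardDuty Malware Protection Object Scan Result"


def route_scan_result(event):
    """Return (destination_bucket, verdict) for one scan-result event."""
    if event.get("source") != "aws.guardduty" or event.get("detail-type") != DETAIL_TYPE:
        raise ValueError("not a GuardDuty object scan result event")
    detail = event.get("detail", {})
    obj = detail.get("s3ObjectDetails", {})
    if obj.get("bucketName") != PROCESSING_BUCKET or not obj.get("objectKey"):
        raise ValueError("scan result is not for the processing bucket")
    status = detail.get("scanResultDetails", {}).get("scanResultStatus")
    if detail.get("scanStatus") == "COMPLETED" and status == "NO_THREATS_FOUND":
        return CLEAN_BUCKET, "clean"
    if status == "THREATS_FOUND":
        return QUARANTINE_BUCKET, "infected"
    # UNSUPPORTED, ACCESS_DENIED, FAILED or anything unknown is never "clean".
    return QUARANTINE_BUCKET, f"unverified:{status}"


def move_object(s3, event):
    """Copy the scanned object to its destination, then delete the original."""
    dest, verdict = route_scan_result(event)
    obj = event["detail"]["s3ObjectDetails"]
    src = {"Bucket": obj["bucketName"], "Key": obj["objectKey"]}
    # CopySourceIfMatch fails the copy if the object was replaced after the scan.
    s3.copy_object(Bucket=dest, Key=obj["objectKey"], CopySource=src,
                   CopySourceIfMatch=obj["eTag"])
    s3.delete_object(**src)
    return dest, verdict


def lambda_handler(event, context):
    import boto3  # present in the AWS Lambda Python runtime
    return move_object(boto3.client("s3"), event)


def sample_event(result_status, scan_status="COMPLETED"):
    """Constructed event in the shape GuardDuty publishes to EventBridge."""
    return {
        "source": "aws.guardduty", "detail-type": DETAIL_TYPE,
        "detail": {
            "scanStatus": scan_status, "resourceType": "S3_OBJECT",
            "s3ObjectDetails": {"bucketName": PROCESSING_BUCKET,
                                "objectKey": "incoming/report.pdf", "eTag": "constructed-etag"},
            "scanResultDetails": {"scanResultStatus": result_status},
        },
    }
```

`move_object` takes the S3 client as a parameter so the routing can be exercised with a stub client before it is wired to the real buckets.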