Raz-Dahan/bucket-virus-scanner

Serverless Virus Scanning Process using VirusTotal on GCP Cloud Functions

bucket-virus-scanner

This project is a serverless process using GCP Cloud Functions that scan files uploaded to a GCP bucket for viruses using VirusTotal. The scanning process will be triggered when a new file is uploaded to the specified GCP bucket and the dangerous files are deleted.

Prerequisites

• GCP Account and Project
• GCP Cloud Storage Bucket
• GCP Cloud Functions API enabled
• GCP Service Account with "Service Account User", "Secrets Manager Admin", "Storage Admin" and "Cloud Functions Admin" IAM roles
• VirusTotal API Key stored in GCP Secret Manager
• Optional - Terraform installed

Implementation

1. Implement a GCP Cloud Function that triggers on a new file upload to the specified GCP bucket (google.cloud.storage.object.v1.finalized)

2. Fetch the VirusTotal API Key securely from GCP Secret Manager within the Cloud Function as an Environment variable

Or

• Clone this git repository

  git clone https://github.com/Raz-Dahan/bucket-virus-scanner.git
  cd ./bucket-virus-scanner

• Change relevant variables in main.tf

• Deploy on GCP using Terraform

  cd ./terraform
  terraform init
  terraform plan

  And, if suitable for your requirements, proceed to

  terraform apply

Resources

• Python Client library for Google Cloud Storage
• Python client library for the VirusTotal API
• Google Cloud Platform Provider for Terraform
• Deploy Cloud Functions on GCP with Terraform - Medium article