The _scanFunction is not a public property on the `ServerlessClamscan` construct
whatsrupp opened this issue · 2 comments
this._scanFunction
is not a public variable on the ServerlessClamscan construct. This limits the ability to extend the stack. Has this been done for a reason?
I mainly need the ability to
- Export properties from scan function to other stacks
- Add new triggers for the scan lambda - primarily for reprocessing.
It would be a fairly quick change to add it as a new public variable in the ServerlessClamscan construct so that people can extend the scan lambda where necessary
Failing this, how is best to trigger scans on objects in buckets that existed before ServerlessClamscan was pointed at the old bucket?
I did not want users to have the ability to directly modify the lambda function when I initially designed the construct because I didn't think of the scenarios where this would be helpful, especially since the scanning lambda was designed specifically for s3 notifications and the construct did not initially allow for using imported buckets.
That being said, I think it's reasonable request to expose it.
Would you be willing to submit a PR for this?
I'm going to give it a go and use this approach to access the private property , and see if it works well - if it does, am happy to open a PR.
Other use cases could be where you have a bucket where you want to trigger other side effects other than just this lambda at the bucket create event (As you can only hook a single trigger into a bucket create event, you need to fan it out to SNS if you want to do that, which would mean the AV lambda would need to subscribe to that instead)
Although at that point, maybe that's where you realise that you should probably just write something more custom 🤷♂️