AWS Systems Manager OpsCenter integration
This feature is only available for bucketAV for Amazon S3!
AWS Systems Manager OpsCenter provides a central location where operations engineers and IT professionals can view, investigate, and resolve operational work items related to AWS resources.
By integrating bucketAV’s malware scan results into AWS Systems Manager OpsCenter, operations teams can work on infected files in a central location to quickly identify and respond to malware incidents. This helps organizations to reduce the risk of data breaches and to comply with various security and privacy regulations.
Setup
Install Add-On (requires a running bucketAV installation)
- Set the Stack name to
bucketav-ops-center. - Set the BucketAVStackName parameter to the stack name of bucketAV (if you followed the docs, the name is
bucketav). - Select I acknowledge that AWS CloudFormation might create IAM resources.
- Click on the Create stack button to save.
Run Lambda in a VPC
By default, the add-on deploys Lambda functions with access to the Internet. In case you want to deploy the Lambda functions into a VPC, configure the LambdaVpc and LambdaSubnets parameters.
The add-on requires access to the following endpoints (replace REGION with the AWS region like eu-west-1):
https://ssm.REGION.amazonaws.com
Ensure that the subnets configured in the LambdaSubnets parameter have access to these endpoints via a NAT Gateway or VPC Endpoints.
CloudFormation snippet
# [...]
Resources:
# [...]
OpsCenter:
Type: 'AWS::CloudFormation::Stack'
Properties:
Parameters:
BucketAVStackName: 'bucketav' # if you followed the docs, the name is bucketav
TemplateURL: 'https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.10.0/bucketav-add-on-ops-center.yaml'
Terraform snippet
resource "aws_cloudformation_stack" "bucketav_add_on_ops_center" {
name = "bucketav-ops-center"
template_url = "https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.10.0/bucketav-add-on-ops-center.yaml"
capabilities = ["CAPABILITY_IAM"]
parameters = {
BucketAVStackName = "bucketav" # if you followed the docs, the name is bucketav
}
}
Update
- To update this Add-On to version v2.10.0, go to the AWS CloudFormation Management Console.
- Double-check the region at the top right.
- Search for
bucketav-ops-center, otherwise search for the name you specified. - Select the stack and click on Update.
- Select Replace current template and set the Amazon S3 URL to
https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.10.0/bucketav-add-on-ops-center.yamlCopy - Click on Next.
- Scroll to the bottom of the page and click on Next.
- Scroll to the bottom of the page and click on Next.
- Scroll to the bottom of the page, enable I acknowledge that AWS CloudFormation might create IAM resources, and click on Update stack.
- While the update runs, the stack status is UPDATE_IN_PROGRES. Reload the table from time to time and …
- … wait until the CloudFormation stack status switches to UPDATE_COMPLETE.
Architecture
The following AWS services are used:
- SNS Subscription to connect to the Findings Topic.
- Lambda Function to report to Security Hub.
- CloudWatch Alarms to monitor the used AWS services.
- CloudWatch Logs to store logs.
Release Notes
Subscribe to our Atom feed or newsletter to stay up-to-date! We also publish a machine-readable JSON file.
v2.10.0
Changes:
- Optionally run Lambda functions in a VPC
Release date:2025-04-15
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.10.0/bucketav-add-on-ops-center.yaml
v2.9.0
Changes:
- Update Lambda Node.js runtime to version 22
Release date:2025-02-28
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.9.0/bucketav-add-on-ops-center.yaml
v2.8.0
Changes:
- Reserved Concurrent Execution for Lambda functions
Release date:2024-11-19
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.8.0/bucketav-add-on-ops-center.yaml
v2.7.0
Changes:
- Add CloudFormation output LambdaDeadLetterQueueName
Release date:2024-09-24
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.7.0/bucketav-add-on-ops-center.yaml
v2.6.0
Changes:
- Add parameter to ignore client-side encrypted files
- Improve description
Release date:2024-08-11
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.6.0/bucketav-add-on-ops-center.yaml
v2.5.0
Changes:
- Add Lambda DLQs for async invoked functions
- Bug fixes
Release date:2024-07-09
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.5.0/bucketav-add-on-ops-center.yaml
v2.4.0
Changes:
- Update Lambda runtime to Node.js 20
Release date:2024-02-14
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.4.0/bucketav-add-on-ops-center.yaml
v2.3.0
Changes:
- Add Service Discovery
Release date:2023-12-07
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.3.0/bucketav-add-on-ops-center.yaml
v2.2.0
Changes:
- Update Lambda runtime to Node.js 18
- Performance improvements
Release date:2023-08-30
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.2.0/bucketav-add-on-ops-center.yaml
v2.1.0
Changes:
- Update Lambda runtime to Node.js 16
Release date:2022-06-08
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.1.0/bucketav-add-on-ops-center.yaml
v2.0.1
Changes:
- Improve Lambda config
Release date:2021-12-22
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.0.1/bucketav-add-on-ops-center.yaml
v2.0.0
Changes:
- Initial release
Release date:2021-07-30
Template: https://bucketav-add-ons.s3.eu-west-1.amazonaws.com/ops-center/v2.0.0/bucketav-add-on-ops-center.yaml