Setup Guide

Get started with bucketAV in 15 minutes. Follow this Setup Guide to:

  • Subscribe to and install bucketAV.
  • Scan your Amazon S3 buckets when new files arrive (optional).
  • Scan your Amazon S3 buckets periodically (optional).
  • Configure a weekly report (optional).

Do you have any questions? Please read the documentation and frequently asked questions, or email us.

The video shows how to install bucketAV powered by ClamAV®. However, setting up bucketAV powered by Sophos® works the same.

Create an EC2 key pair

bucketAV requires an EC2 Key Pair. To create a key pair:

  1. Go to the EC2 Management Console and navigate to Key Pairs.
  2. Click on Create key pair.
  3. Set a Name (e.g., bucketav).
  4. Select the Private key file format that fits your SSH client (.ppk for PuTTY; otherwise, .pem).
  5. Click on Create key pair. Step 1

Subscribe to bucketAV in AWS Marketplace

bucketAV comes in two variants: bucketAV powered by Sophos® and bucketAV powered by ClamAV®. the following table compares the two variants. Pick the variant, that fits your needs and click on the Go to AWS Marketplace button.

bucketAV powered by Sophos®bucketAV powered by ClamAV®
Commercial antivirus engineOpen-source antivirus engine
High performanceMedium performance
Maximum file size 5 TBMaximum file size 4.2 GB
Priority support via emailStandard support via email
$0.20 per scanned GB$0.05 per vCPU hour
Contact hello@bucketav.com to ask for a free trial.14-day free tial starts automatically

Go to AWS Marketplace

Go to AWS Marketplace

The free trial covers the software costs for running one EC2 instance. Please note that the free trial does not cover the AWS infrastructure costs like EC2, S3, SQS, SNS, and more.

After you selected the bucketAV variant, that fits your need by clicking one of the Go to AWS Marketplace links, proceed with the following steps.

  1. Click on Continue to Subscribe. Step 1
  2. Click on Accept Terms. Step 2
  3. The subscription is now Pending. Step 3
  4. Wait until the subscription is active and click on Continue to Configuration. Step 4
  5. We provide three Delivery Methods:
    Delivery MethodDescriptionArchitecture
    Dedicated public VPC
    (recommended)
    The recommended and cost-efficient option where the network setup is included.Open diagram
    Dedicated private VPCThe EC2 instances run in private subnets (additional traffic charges apply). We recommend this option only if your internal security guidelines require it.Open diagram
    Existing VPCDeploy bucketAV into an existing VPC. Deploying bucketAV into an existing VPC increases the setup effort and the complexity. Read the Existing VPC Network Guide to prepare your VPC configuration.Open diagram
  6. The Region you select must match the region of your S3 buckets. If you use S3 buckets in multiple regions, repeat the setup for each region.
  7. Click on Continue to Launch. Step 5
  8. Choose the Action Launch CloudFormation and click on Launch. Step 6
  9. You are redirected to CloudFormation.

Install bucketAV

bucketAV is managed and configured via CloudFormation.

  1. Click on Next. Step 7
  2. Set a Stack name (e.g., bucketav).
  3. Under Required Parameters, set the KeyName configuration parameter to an EC2 Key Pair.
  4. Review the rest of the configuration parameters and go with the defaults (recommended). Step 8
  5. Scroll to the bottom of the page and click on Next. Step 9
  6. Scroll to the bottom of the page and click on Next. Step 10
  7. Scroll to the bottom of the page, enable I acknowledge that AWS CloudFormation might create IAM resources, and click on Create. Step 11
  8. The stack status is CREATE_IN_PROGRESS. Reload the table from time to time and … Step 12
  9. … wait until the CloudFormation stack status switches to CREATE_COMPLETE. Step 13

bucketAV is now up and running.

Update bucketAV regularly to keep the product secure.

Receive a monthly digest of security updates, new capabilities, and best practices.

Continue to connect your S3 buckets.

Configure your S3 buckets for real-time scanning

  1. In the AWS S3 Management Console, click on the bucket you want to connect to bucketAV. Make sure the bucket’s region matches the bucketAV region. Step 1
  2. Click on the Properties tab. Step 2
  3. Scroll down to the Event notifications box and click on Create event notification. Step 3
  4. Set the Event Name (e.g., bucketav).
  5. Select the All objects create events event type.
  6. Select the destination SQS Queue and choose the SQS Queue with ScanQueue in the name.

Don’t select the queue with DeadLetterQueue in the name!

  1. Click on Save changes. Step 4

From now on, each file uploaded to your S3 bucket will be scanned for trojans, viruses, and malware.

Follow these steps to test your configuration:

  1. Upload a file.
  2. Click on the uploaded file. Step 6
  3. Scroll down to the Tags box. Within a few seconds, the bucketav tag is added with the scan result (reload the page if needed). Step 7
  4. To simulate an infected file, we recommend using the EICAR test file.

Continue to configure scheduled bucket scans.

Scan buckets at regular intervals

If you want to scan all files in a bucket on a schedule, install the Scan bucket at regular intervals Add-On.

Continue to configure reporting and open the dashboard.

Reporting & Visibility

Install the Reporting Add-On to receive a daily/weekly/monthly email report.

Check out the dashboard for complete visibility into bucketAV.

Do you have any questions?

Check out the frequently asked questions, or send us an email.

Stay up-to-date

Monthly digest of security updates, new capabilities, and best practices.