Merge pull request #87 from aws-ia/malware-protection-fixes

prabirsekhri · web-flow · commit 996f7b1465be · 2025-11-23T19:47:15.000-05:00
Malware protection fixes
diff --git a/examples/sftp-malware-protection-guardduty/main.tf b/examples/sftp-malware-protection-guardduty/main.tf
@@ -118,7 +118,7 @@ module "s3_bucket_errors" {
 ####################################
 resource "aws_sns_topic" "malware_threats" {
   name              = "${random_pet.name.id}-malware-sns-topic"
-  kms_master_key_id = "alias/aws/sns"
+  kms_master_key_id = module.sftp-public-endpoint-service-managed-S3-resources.kms_key_arn
   tags = merge(var.tags, {
     Purpose = "SFTP Malware Threat Notifications"
   })
diff --git a/modules/transfer-malware-protection/main.tf b/modules/transfer-malware-protection/main.tf
@@ -131,6 +131,9 @@ resource "aws_cloudwatch_event_rule" "guardduty_scan_results" {
     source      = ["aws.guardduty"]
     detail-type = ["GuardDuty Malware Protection Object Scan Result"]
     detail = {
+      s3ObjectDetails = {
+        bucketName = [var.s3_ingest_bucket.bucket_name]
+      }
       scanResultDetails = {
         scanResultStatus = keys(var.routing_config)
       }
@@ -253,7 +256,7 @@ resource "aws_lambda_function" "file_transfer_function" {
   runtime                        = "python3.12"
   source_code_hash               = data.archive_file.lambda_zip.output_base64sha256
   timeout                        = 60
-  reserved_concurrent_executions = 10
+  reserved_concurrent_executions = -1
 
   environment {
     variables = {
