Event-Based Real-Time Cloud Functions Examples

Before configuring any specific cloud provider, make sure the following environment variables are securely configured and accessible to your cloud function:

  • APIENDPOINT - the full URL of your MDSS real-time webhook endpoint (for example, http(s)://{mdss_base_url}/api/webhook/realtime).
  • APIKEY - the API key required for authentication with the MDSS webhook endpoint.
  • STORAGECLIENTID - the unique identifier for the specific Storage Client configuration within MDSS that corresponds to the monitored storage bucket/container.

Refer to the MDSS Event-based handling documentation for detailed information on obtaining and using these variables.

Amazon S3 Lambda Function Setup

This setup uses AWS Lambda to react to S3 object creation events.

Setup steps:

  1. Create an AWS Lambda Function:

    1. Follow the official AWS documentation to create a new Lambda function (https://aws.amazon.com/getting-started/hands-on/run-serverless-code/) and choose Python as the runtime.
  2. Configure the S3 Trigger:

    1. In the Lambda function configuration, add an S3 trigger.
    2. Select the S3 bucket you want to monitor.
    3. Set the "Event type" to "All object create events" (or a similar option such as s3:ObjectCreated:*). This ensures the function triggers only for newly added or overwritten files.
  3. Deploy the Function Code - use the Python code example below as your Lambda function handler.

  4. Configure Environment Variables - in the Lambda function's configuration settings (under "Environment variables"), add APIENDPOINT, APIKEY, and STORAGECLIENTID with their respective values.

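The handler below is a minimal sketch using only the Python standard library. The MDSS payload field names (storageClientId, key, metadata) are assumptions; verify them against the "Required MDSS Webhook Request" section at the end of this page.

```python
import json
import os
import urllib.parse
import urllib.request

# Environment variables configured in step 4 above.
API_ENDPOINT = os.environ["APIENDPOINT"]
API_KEY = os.environ["APIKEY"]
STORAGE_CLIENT_ID = os.environ["STORAGECLIENTID"]


def lambda_handler(event, context):
    # One S3 event can carry several records; forward each created object.
    for record in event.get("Records", []):
        # S3 URL-encodes object keys in event notifications.
        key = urllib.parse.unquote_plus(record["s3"]["object"]["key"])

        payload = {
            # Field names are assumptions; see "Required MDSS Webhook
            # Request" at the end of this page for the exact schema.
            "storageClientId": STORAGE_CLIENT_ID,
            "key": key,
            # MDSS expects "metadata" as a JSON *string*, not a nested object.
            "metadata": json.dumps({"Records": [record]}),
        }

        request = urllib.request.Request(
            API_ENDPOINT,
            data=json.dumps(payload).encode("utf-8"),
            headers={"ApiKey": API_KEY, "Content-Type": "application/json"},
            method="POST",
        )
        with urllib.request.urlopen(request) as response:
            print(f"MDSS returned {response.status} for {key}")
```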

Azure Blob Function App Setup

This setup uses Azure Functions triggered by new blobs in Azure Blob Storage. The example focuses on deployment via Terraform.

Setup using Terraform:

  1. Get the Terraform Script: Clone or download the script from the OPSWAT repository: https://github.com/OPSWAT/metadefender-k8s/tree/main/terraform/azure-function-docker
  2. Configure variables in the .tfvars file: Create a terraform.tfvars file (or similar) and define the required variables for MDSS: APIENDPOINT, APIKEY, and STORAGECLIENTID (see the example after this list).
  3. Deploy: Run terraform init, terraform plan, and terraform apply from the directory containing the script and your .tfvars file - this will provision the Azure Function App, configure the trigger, and set the MDSS environment variables.
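For orientation, a terraform.tfvars might look like the sketch below. The exact variable names are defined in the repository's variables.tf and may differ; treat these as placeholders, not the script's confirmed interface.

```hcl
# Values consumed by the OPSWAT Terraform script. Variable names are
# assumptions -- check variables.tf in the repository for the real ones.
APIENDPOINT     = "https://mdss.example.com/api/webhook/realtime"
APIKEY          = "your-mdss-api-key"
STORAGECLIENTID = "your-storage-client-id"
```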
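The Terraform script provisions the Function App and sets the environment variables; the function code itself is a blob-triggered handler along the following lines. This is a minimal sketch assuming the classic Azure Functions Python model, where a blob binding named myblob is declared in function.json; the payload field names are assumptions, as in the AWS example.

```python
import json
import logging
import os
import urllib.request

import azure.functions as func


def main(myblob: func.InputStream):
    # myblob.name holds "<container>/<blob path>" for the newly created blob.
    logging.info("New blob detected: %s", myblob.name)

    payload = {
        # Assumed field names; see "Required MDSS Webhook Request" below.
        "storageClientId": os.environ["STORAGECLIENTID"],
        "key": myblob.name,
        # "metadata" must be a JSON string, not a nested object.
        "metadata": json.dumps({}),
    }

    request = urllib.request.Request(
        os.environ["APIENDPOINT"],
        data=json.dumps(payload).encode("utf-8"),
        headers={"ApiKey": os.environ["APIKEY"], "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(request) as response:
        logging.info("MDSS returned %s", response.status)
```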

Azure Blob Event Grid RTP Configuration (Alternative/Advanced)

Event Notifications via Event Grid for Page Blobs and Append Blobs are not reliably supported for detecting upload completion. Events might trigger on the first block commit, which can happen before the entire blob upload is finished.

Stick to Block Blobs if using Event Grid for this purpose.

Google Cloud Storage & Google Cloud Functions

This setup uses Google Cloud Functions (Gen 2 recommended) triggered by Cloud Storage events.

Setup Steps:

  1. Create a Cloud Function (Gen 2): Use the Google Cloud Console or gcloud CLI to create a new Cloud Function (Generation 2).

  2. Configure the Trigger

    • Set the "Trigger type" to "Cloud Storage".
    • Set the "Event type" to google.cloud.storage.object.v1.finalizedtrigger . This event fires only after an object has been successfully created or replaced in the bucket.
    • Select the Cloud Storage bucket to monitor.
  3. Deploy the Function Code - use the Python code example below. Ensure functions-framework is listed in your requirements.txt.

  4. Configure Environment Variables: During deployment (via Console UI or gcloud deploy command), set the APIENDPOINT, APIKEY, and STORAGECLIENTID environment variables.

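A minimal sketch of a Gen 2 (CloudEvent-based) handler follows; functions-framework belongs in requirements.txt as noted in step 3, while the POST itself sticks to the standard library. As before, the MDSS payload field names are assumptions to check against the webhook schema at the end of this page.

```python
import json
import os
import urllib.request

import functions_framework  # must be listed in requirements.txt


@functions_framework.cloud_event
def handle_finalized_object(cloud_event):
    # For google.cloud.storage.object.v1.finalized events, the CloudEvent
    # data holds the object metadata, including "bucket" and "name".
    data = cloud_event.data
    key = data["name"]

    payload = {
        # Assumed field names; see "Required MDSS Webhook Request" below.
        "storageClientId": os.environ["STORAGECLIENTID"],
        "key": key,
        # "metadata" must be a JSON string, not a nested object.
        "metadata": json.dumps({"bucket": data["bucket"]}),
    }

    request = urllib.request.Request(
        os.environ["APIENDPOINT"],
        data=json.dumps(payload).encode("utf-8"),
        headers={"ApiKey": os.environ["APIKEY"], "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(request) as response:
        print(f"MDSS returned {response.status} for {key}")
```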

Alibaba Cloud Object Storage Service (OSS) & Function Compute

This setup uses Alibaba Cloud Function Compute triggered by OSS events.

  1. Create a Function Compute Function: Follow the official Alibaba Cloud documentation to create a Function Compute function: https://www.alibabacloud.com/help/en/function-compute/latest/configure-an-oss-trigger. Choose a Python runtime.

  2. Configure the OSS Trigger:

    1. Specify the OSS bucket you wish to monitor.
    2. Subscribe to the oss:ObjectCreated:* event type to trigger the function for all object creation events.
  3. Deploy the Function Code - use the Python example below as your function handler.

  4. Configure Environment Variables: In the Function Compute service configuration, define the APIENDPOINT, APIKEY, and STORAGECLIENTID environment variables for your function.

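A minimal sketch of the handler follows. The OSS trigger delivers the event to the function as a JSON byte string containing an "events" array; the MDSS payload field names are assumptions, as in the earlier examples.

```python
import json
import os
import urllib.request


def handler(event, context):
    # Function Compute passes the OSS trigger event as a JSON byte string
    # with an "events" array; each entry describes one object event.
    for record in json.loads(event).get("events", []):
        key = record["oss"]["object"]["key"]

        payload = {
            # Assumed field names; see "Required MDSS Webhook Request" below.
            "storageClientId": os.environ["STORAGECLIENTID"],
            "key": key,
            # "metadata" must be a JSON string, not a nested object.
            "metadata": json.dumps({"events": [record]}),
        }

        request = urllib.request.Request(
            os.environ["APIENDPOINT"],
            data=json.dumps(payload).encode("utf-8"),
            headers={"ApiKey": os.environ["APIKEY"], "Content-Type": "application/json"},
            method="POST",
        )
        with urllib.request.urlopen(request) as response:
            print(f"MDSS returned {response.status} for {key}")
```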

Wasabi Cloud Storage Function Setup

Wasabi uses an S3-compatible API but often requires integrating with another service (like AWS SNS/Lambda) for compute capabilities.

Setup Steps:

  1. Configure Event Notifications in Wasabi: Follow the official Wasabi documentation to set up bucket event notifications: https://docs.wasabi.com/v1/docs/event-notifications-bucket

  2. Choose a Target Service: Configure Wasabi notifications to send events to a service capable of making HTTP POST requests. A common pattern is to send notifications to an AWS SNS topic, which can then invoke compute such as AWS Lambda.

  3. Process Notifications:

    • If using AWS SNS, configure it to trigger an AWS Lambda function (similar to the AWS S3 setup described in Section 1).
    • The Lambda function will receive the event notification (originally from Wasabi, forwarded by SNS), extract the relevant object information, and send the request to the MDSS APIENDPOINT.
  4. Configure Lambda - make sure the Lambda function has the necessary code (adapt the AWS S3 example, checking the event structure from SNS, as sketched below) and the APIENDPOINT, APIKEY, and STORAGECLIENTID environment variables set. The event payload differs when coming via SNS compared to a direct S3 trigger: the original notification arrives as a JSON string inside the SNS envelope.
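A minimal unwrapping sketch, assuming the standard SNS-to-Lambda event shape, where the original S3-style notification is a JSON string under Records[*].Sns.Message. The helper extract_s3_records is hypothetical, not part of any SDK:

```python
import json


def extract_s3_records(event):
    # Yield S3-style records whether the event came directly from an
    # S3-compatible trigger or was forwarded through SNS, where the
    # original notification is a JSON string in Sns.Message.
    for record in event.get("Records", []):
        if "Sns" in record:
            inner = json.loads(record["Sns"]["Message"])
            yield from inner.get("Records", [])
        else:
            yield record
```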

Other S3-Compatible Function Setup

Many other storage services offer S3-compatible APIs and event notification mechanisms (e.g., MinIO, Ceph RGW).

General Configuration Approach

  1. Enable Event Notifications - consult your specific S3-compatible service's documentation to enable event notifications for object creation (similar to s3:ObjectCreated:*).

  2. Set Up a Target/Webhook - configure the notifications to be sent to a target service. This might be:

    • A webhook endpoint (if the service supports direct HTTP/S POST for notifications).
    • A message queue (like Kafka, RabbitMQ, NATS).
    • A specific function-as-a-service platform integrated with the storage.
  3. Implement the Processing Logic - create a function, service, or script (see the sketch after this list) that:

    • Receives the event notification.
    • Parses the event data to extract the object path/key.
    • Constructs the required JSON payload (see below).
    • Sends an HTTP POST request to your MDSS APIENDPOINT.
  4. Configure Environment Variables - make sure APIENDPOINT, APIKEY, and STORAGECLIENTID are accessible to your processing logic.
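Whatever platform delivers the event, the forwarding step reduces to one small helper. The sketch below uses only the standard library; notify_mdss and the payload field names are illustrative assumptions, not part of any MDSS SDK:

```python
import json
import os
import urllib.request


def notify_mdss(object_key, metadata=None):
    # Hypothetical helper: POST one created object to the MDSS real-time
    # webhook. Field names are assumptions; see the schema below.
    payload = {
        "storageClientId": os.environ["STORAGECLIENTID"],
        "key": object_key,
        # "metadata" must be a JSON *string*, not a nested object.
        "metadata": json.dumps(metadata or {}),
    }
    request = urllib.request.Request(
        os.environ["APIENDPOINT"],
        data=json.dumps(payload).encode("utf-8"),
        headers={"ApiKey": os.environ["APIKEY"], "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(request) as response:
        return response.status
```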

Required MDSS Webhook Request

Your processing logic must send an HTTP POST request to: http(s)://{your_mdss_host}/api/webhook/realtime

With headers:

  • ApiKey: {your_mdss_api_key}
  • Content-Type: application/json

And a JSON body structured like this:

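The body below is a minimal sketch consistent with the notes that follow; apart from "metadata", the field names are assumptions to verify against your MDSS version:

```json
{
  "storageClientId": "YOUR_MDSS_STORAGE_CLIENT_ID",
  "key": "YOUR_OBJECT_PATH/KEY",
  "metadata": "{}"
}
```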
  • Replace YOUR_MDSS_STORAGE_CLIENT_ID with the value from your environment variable.
  • Replace YOUR_OBJECT_PATH/KEY with the actual key/path of the created object, extracted from the event notification.
  • The value of the "metadata" field must be a JSON string, not a nested JSON object. The example shows the simplest required structure. You might include more S3-like metadata within the stringified JSON if needed, matching the structure MDSS expects (often based on the AWS S3 event structure). Check the MDSS documentation for precise metadata requirements if the defaults are insufficient.