feat: add scan filters & update doc

src/index.ts

@@ -55,15 +55,15 @@ export interface ServerlessClamscanLoggingProps {
 /**
  * Interface for bucket with notification filters. Used to configure a bucket with key filters.
  */
-export interface FilteredClamscanBucket {
-  bucket: IBucket;
-  keyFilters: NotificationKeyFilter[];
+export interface IFilteredClamscanBucket {
+  readonly bucket: IBucket;
+  readonly keyFilters: NotificationKeyFilter[];
 }
 
 /**
  * Union type. Can be use as AWS Bucket or Bucket with key filters.
  */
-export type ServerlessClamscanBucket = IBucket | FilteredClamscanBucket;
+export type ServerlessClamscanBucket = IBucket | IFilteredClamscanBucket;
 /**
  * Interface for creating a ServerlessClamscan.
  */
@@ -584,11 +584,20 @@ export class ServerlessClamscan extends Construct {
    * @param bucket The bucket to add the scanning bucket policy and s3:ObjectCreate* trigger to.
    */
   addSourceBucket(bucket: IBucket, ...keyFilters: NotificationKeyFilter[]): void {
-    bucket.addEventNotification(
-      EventType.OBJECT_CREATED,
-      new LambdaDestination(this._scanFunction),
-      ...keyFilters,
-    );
+    if (keyFilters?.length) {
+      keyFilters.map((keyFilter) => {
+        bucket.addEventNotification(
+          EventType.OBJECT_CREATED,
+          new LambdaDestination(this._scanFunction),
+          keyFilter,
+        );
+      });
+    } else {
+      bucket.addEventNotification(
+        EventType.OBJECT_CREATED,
+        new LambdaDestination(this._scanFunction),
+      );
+    }
 
     bucket.grantRead(this._scanFunction);
     this._scanFunction.addToRolePolicy(

test/ServerlessClamscan.test.ts

@@ -10,8 +10,6 @@ import { Bucket, NotificationKeyFilter } from 'aws-cdk-lib/aws-s3';
 import { Queue } from 'aws-cdk-lib/aws-sqs';
 import { ServerlessClamscan, ServerlessClamscanBucket } from '../src';
 import '@aws-cdk/assert/jest';
-import { Template } from 'aws-cdk-lib/assertions';
-
 
 test('expect default EventBridge Lambda destination and Event Rules for onSuccess and SQS Destination for onDelete', () => {
   const stack = new Stack();
@@ -1009,25 +1007,6 @@ test('should handle FilteredClamscanBucket correctly', () => {
   const filteredBucket: ServerlessClamscanBucket = { bucket, keyFilters };
   new ServerlessClamscan(stack, 'default', { buckets: [filteredBucket] });
 
-  const template = Template.fromStack(stack);
-  console.log(JSON.stringify(template.toJSON(), null, 2));
-// Check for the S3 bucket notification configuration
-// template.hasResourceProperties('AWS::S3::Bucket', {
-//   NotificationConfiguration: {
-//     LambdaConfigurations: [
-//       {
-//         Event: 's3:ObjectCreated:*',
-//         Filter: {
-//           S3Key: {
-//             Rules: [
-//               { Name: 'prefix', Value: 'sample/' },
-//             ],
-//           },
-//         },
-//       },
-//     ],
-//   },
-// });
   expect(stack).toHaveResource('AWS::Lambda::Permission', {
     Action: 'lambda:InvokeFunction',
     FunctionName: {