Configure Malware Protection for Amazon S3 bucket using Amazon GuardDuty
This pattern demonstrates creating an Amazon S3 Malware Protection plan and integrating the findings with Amazon EventBridge and Amazon SNS to notify users of the scan results.
The AWS SAM template creates an IAM role with the permissions GuardDuty needs to receive S3 `PutObject` and bucket-level event notifications through an EventBridge managed rule. The template also creates the EventBridge managed rule that routes S3 `put-object` and bucket-level event notifications to GuardDuty's S3 Malware Protection service.
Another EventBridge rule monitors the S3 object scan results and sends notifications to an SNS topic where users can subscribe via email.
This pattern deploys one S3 bucket, one SNS topic, one SNS subscription, one IAM role, one EventBridge rule, and one Malware Protection plan.
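As an added illustration of the resources listed above (this is example code written for this page, not the pattern's own SAM template), the following template wires a bucket, the service role for GuardDuty, a Malware Protection plan, an EventBridge rule for the scan-result events and an SNS e-mail subscription together. The resource names, the bucket name, the e-mail address and the managed-rule ARN pattern are assumptions; the role's permission set follows the actions GuardDuty documents for S3 Malware Protection, and the `ScanResultRule` event pattern assumes the `aws.guardduty` source and the `GuardDuty Malware Protection Object Scan Result` detail type.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Example S3 Malware Protection plan with scan-result notifications (added example)

Parameters:
  NotificationEmail:
    Type: String
    Default: security-alerts@example.com   # placeholder address, replace on deploy

Resources:
  ScannedBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub 'malware-scan-demo-${AWS::AccountId}-${AWS::Region}'   # constructed name
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true

  # Role assumed by the Malware Protection service: it reads and tags objects
  # and manages the EventBridge managed rule that delivers object-level events.
  MalwareProtectionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: malware-protection-plan.guardduty.amazonaws.com
            Action: sts:AssumeRole
            Condition:   # confused-deputy guard: only plans in this account may assume the role
              StringEquals:
                aws:SourceAccount: !Ref AWS::AccountId
      Policies:
        - PolicyName: GuardDutyS3MalwareProtection
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Sid: ManageManagedRule   # scoped to the GuardDuty-owned rule only (assumed ARN pattern)
                Effect: Allow
                Action: [events:PutRule, events:DeleteRule, events:PutTargets, events:RemoveTargets]
                Resource: !Sub 'arn:${AWS::Partition}:events:${AWS::Region}:${AWS::AccountId}:rule/DO-NOT-DELETE-AmazonGuardDutyMalwareProtectionS3*'
                Condition:
                  StringLike:
                    events:ManagedBy: malware-protection-plan.guardduty.amazonaws.com
              - Sid: ReadManagedRule
                Effect: Allow
                Action: [events:DescribeRule, events:ListTargetsByRule]
                Resource: !Sub 'arn:${AWS::Partition}:events:${AWS::Region}:${AWS::AccountId}:rule/DO-NOT-DELETE-AmazonGuardDutyMalwareProtectionS3*'
              - Sid: BucketNotifications
                Effect: Allow
                Action: [s3:GetBucketNotification, s3:PutBucketNotification, s3:ListBucket]
                Resource: !GetAtt ScannedBucket.Arn
              - Sid: ReadAndTagObjects   # least privilege: this bucket's objects only
                Effect: Allow
                Action:
                  - s3:GetObject
                  - s3:GetObjectVersion
                  - s3:GetObjectTagging
                  - s3:GetObjectVersionTagging
                  - s3:PutObjectTagging
                  - s3:PutObjectVersionTagging
                Resource: !Sub '${ScannedBucket.Arn}/*'

  MalwareProtectionPlan:
    Type: AWS::GuardDuty::MalwareProtectionPlan
    Properties:
      Role: !GetAtt MalwareProtectionRole.Arn
      ProtectedResource:
        S3Bucket:
          BucketName: !Ref ScannedBucket
      Actions:
        Tagging:
          Status: ENABLED   # each scanned object receives a GuardDutyMalwareScanStatus tag

  ScanResultTopic:
    Type: AWS::SNS::Topic

  ScanResultSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      TopicArn: !Ref ScanResultTopic
      Protocol: email
      Endpoint: !Ref NotificationEmail

  ScanResultTopicPolicy:   # EventBridge must be allowed to publish, and only from this rule
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics: [!Ref ScanResultTopic]
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal: { Service: events.amazonaws.com }
            Action: sns:Publish
            Resource: !Ref ScanResultTopic
            Condition:
              ArnEquals:
                aws:SourceArn: !GetAtt ScanResultRule.Arn

  ScanResultRule:   # forwards scan results for the protected bucket to SNS
    Type: AWS::Events::Rule
    Properties:
      EventPattern:
        source: [aws.guardduty]
        detail-type: [GuardDuty Malware Protection Object Scan Result]
        detail:
          s3ObjectDetails:
            bucketName: [!Ref ScannedBucket]
          # To page only on positive hits, add:
          # scanResultDetails:
          #   scanResultStatus: [THREATS_FOUND]
      Targets:
        - Id: ScanResultTopic
          Arn: !Ref ScanResultTopic
```

The event pattern filters on the bucket name so a topic shared across several plans does not receive every account-wide scan result, and the SNS topic policy pins publishing to this one rule's ARN. Because the managed rule is created by GuardDuty on the role's behalf, the `events:*` statement is restricted with the `events:ManagedBy` condition rather than granted on all rules. After deploying, confirm the subscription from the e-mail address, upload a test object to the bucket, and check that it receives the `GuardDutyMalwareScanStatus` tag and that a notification arrives.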