New serverless pattern - lambda-microvm-dta#3184
Open
riita10069 wants to merge 2 commits into
CI/CD dynamic threat analysis in AWS Lambda MicroVMs: a sandbox supervisor runs an untrusted target inside an isolated MicroVM and observes it from outside (process/filesystem/canary/strace/network collectors); a simple rule engine produces a deterministic CI verdict. Infra is Terraform (artifact bucket + least-privilege build/execution IAM roles using verified lambda:* actions); optional GitHub OIDC role and VPC egress are off by default. Benign, canary-only defaults; never classifies malware. MIT-0.
Author
@bfreiberg Hello, I'm Ryota. I'm mentioning you as Rohan Mehta told me to on the Slack channel.
ellisms
requested changes
Jun 26, 2026
ellisms
left a comment
Contributor
Hi @riita10069 , thanks for the submission. Requesting a few minor changes. Note the jq error I encountered - it seems the command outputs more than just the JSON response.
| This pattern runs an **untrusted artifact** inside an isolated AWS Lambda MicroVM and decides whether to pass or fail a CI/CD pipeline based on **how the artifact actually behaves** — not on what it claims about itself. A sandbox supervisor launches the artifact and a set of collectors observe it from the outside; a small rule engine turns those observations into a deterministic verdict. | ||
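Review bot: the README opens with a pass/fail promise based on "how the artifact actually behaves", but the PR description states there is no malware verdict and that this is a CI gate, not a classifier, with benign, canary-only defaults. Suggest carrying that caveat into this first paragraph so a reader does not take a `clean` verdict as a safety guarantee; one sentence such as "A clean result means no rule fired during this run; it is not a malware classification" would do.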
| Learn more about this pattern at Serverless Land Patterns: << Add the live URL here >> |
Contributor
Add the expected url: https://serverlessland.com/patterns/lambda-microvm-dta
| @@ -0,0 +1,26 @@ | |||
| # Lambda MicroVM application image. The MicroVM operating-system base image is | |||
| # selected separately by the Lambda MicroVMs create/update API via --base-image-arn. | |||
| # Lambda MicroVM application image. The MicroVM operating-system base image is | |||
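Review bot: lines 1 and 3 of this Dockerfile carry the same comment text (the suggestion below already drops the duplicate). While touching it, the comment could name which `microvm-dta` subcommand passes `--base-image-arn` to the create/update call, so a reader of the Dockerfile can find where the operating-system base image is actually chosen rather than only being told it is "selected separately".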
Contributor
Suggested change
| # Lambda MicroVM application image. The MicroVM operating-system base image is |
| # Lambda MicroVM application image. The MicroVM operating-system base image is | ||
| # selected separately by the Lambda MicroVMs create/update API via --base-image-arn. | ||
| # Lambda MicroVM application image. The MicroVM operating-system base image is | ||
| # selected separately by the Lambda MicroVMs create/update API via --base-image-arn. |
Contributor
Suggested change
| # selected separately by the Lambda MicroVMs create/update API via --base-image-arn. |
| ```bash | ||
| # Start a MicroVM (lifecycle only) and capture its id | ||
| MVM=$(microvm-dta --region <REGION> run --confirm-sandbox-account \ |
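Review bot: the `MVM=$(microvm-dta ... run ...)` capture on this line is fed to jq in the step that follows, but `run` prints its progress lines (`microvm state=PENDING`, `microvm state=RUNNING`) on stdout ahead of the JSON object, which is exactly what yields the reported `jq: parse error: Invalid numeric literal at line 1, column 8`. Suggest the CLI write progress to stderr so that stdout is a single JSON document (or add a JSON-only output option and use it here); until that lands, the README snippet should discard everything before the first `{` before piping to jq, otherwise every reader hits the same failure.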
Contributor
This command fails on the jq step with:
jq: parse error: Invalid numeric literal at line 1, column 8
My MVM variable contains:
microvm state=PENDING
microvm state=RUNNING
{
"endpoint": "b8cf8297-f47b-b2d3-a852-b0d1bcea5af1.lambda-microvm.us-east-1.on.aws",
"microvmId": "microvm-ff660258-d884-3bfc-b379-035c4770a5cc"
}
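A small POSIX shell helper, added here as an example and not part of the PR or of the `microvm-dta` CLI, that tolerates the progress lines quoted in the comment above: it discards everything before the first line that starts with `{`, then pulls a string-valued key out of the remaining flat JSON object with `sed`, so it needs no jq. The sample output is constructed from the lines the reviewer quoted; `json_tail`, `json_str`, `microvm_id_from` and `endpoint_from` are names chosen for this example.

```shell
#!/bin/sh
# Added example: survive progress lines printed before the JSON object.

# Keep only the JSON part: from the first line that starts with '{' to the end.
json_tail() {
  sed -n '/^{/,$p'
}

# Extract a string-valued top-level key from the JSON on stdin.
# Sufficient for the flat two-key object the CLI prints; not a general JSON parser.
json_str() {
  key=$1
  json_tail | sed -n "s/.*\"$key\": *\"\([^\"]*\)\".*/\1/p" | head -n 1
}

# Constructed sample, copied from the reviewer's quoted MVM variable.
SAMPLE='microvm state=PENDING
microvm state=RUNNING
{
  "endpoint": "b8cf8297-f47b-b2d3-a852-b0d1bcea5af1.lambda-microvm.us-east-1.on.aws",
  "microvmId": "microvm-ff660258-d884-3bfc-b379-035c4770a5cc"
}'

# $1: raw CLI output (progress lines plus JSON)
microvm_id_from() {
  printf '%s\n' "$1" | json_str microvmId
}

endpoint_from() {
  printf '%s\n' "$1" | json_str endpoint
}

# In a real pipeline this would read:
#   MVM_ID=$(microvm-dta --region "$REGION" run --confirm-sandbox-account ... | json_str microvmId)
microvm_id_from "$SAMPLE"
endpoint_from "$SAMPLE"
```

The `json_tail` step is the only part that matters for the jq failure; once stdout has been trimmed to the JSON object, `jq -r .microvmId` works as the README intends, and `json_str` is just a jq-free fallback for minimal CI images.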
New serverless pattern: lambda-microvm-dta

A CI/CD dynamic threat analysis (DTA) gate built on AWS Lambda MicroVMs. It runs an untrusted artifact inside an isolated MicroVM and decides pass/fail based on how the artifact behaves at runtime — not on what it claims about itself.
How it works
- Collectors (observing the target from outside): process (/proc), filesystem before/after diff, canary files/env vars, syscalls (strace -ff, ptrace/user-space), and network (/proc/net).
- Verdicts: clean/suspicious/policy_violation/unknown/error, plus a machine-readable report.json. There is no malware verdict — it is a CI gate, not a classifier.

Design notes
- … (DTA_ALLOW_AWS_MODE=true and --confirm-sandbox-account).

Contents
- main.tf / variables.tf / outputs.tf / versions.tf / vpc_egress.tf — Terraform for the artifact S3 bucket and least-privilege build/execution IAM roles (optional GitHub OIDC role and VPC egress are off by default).
- src/microvm/ — the in-MicroVM supervisor, collectors, and rule engine.
- src/orchestrator/ — the microvm-dta CLI (package / build-image / run / start-analysis / fetch-results / dry-run / cleanup).
- src/examples/targets/ — benign and behavior-demonstrating target configs.

Testing performed
- terraform apply → build image → run MicroVM → start-analysis → fetch-results → cleanup → terraform destroy. A benign target returns passed/clean; a /bin/sh-spawning target is flagged suspicious (rule R004) once strace observes the execve.
- dry-run (no AWS account) for the full supervisor pipeline.

By submitting this pull request, I confirm that my contribution is made under the terms of the MIT-0 license.