aws_signer
AWS Signer is a fully managed code signing service to help you ensure the trust and integrity of your code.
AWS Signer supports the following applications:
With code signing for AWS Lambda, you can sign AWS Lambda deployment packages. Integrated support is provided for Amazon S3, Amazon CloudWatch, and AWS CloudTrail. In order to sign code, you create a signing profile and then use Signer to sign Lambda zip files in S3.
With code signing for IoT, you can sign code for any IoT device that is supported by AWS. IoT code signing is available for Amazon FreeRTOS and AWS IoT Device Management, and is integrated with AWS Certificate Manager (ACM). In order to sign code, you import a third-party code signing certificate using ACM, and use that to sign updates in Amazon FreeRTOS and AWS IoT Device Management.
For more information about AWS Signer, see the AWS Signer Developer Guide.Summary
Functions
-
add_profile_permission(Client, ProfileName, Input)
Adds cross-account permissions to a signing profile.
- add_profile_permission(Client, ProfileName, Input0, Options0)
-
cancel_signing_profile(Client, ProfileName, Input)
Changes the state of an
ACTIVE
signing profile toCANCELED
. - cancel_signing_profile(Client, ProfileName, Input0, Options0)
-
describe_signing_job(Client, JobId)
Returns information about a specific code signing job.
- describe_signing_job(Client, JobId, QueryMap, HeadersMap)
- describe_signing_job(Client, JobId, QueryMap, HeadersMap, Options0)
-
get_signing_platform(Client, PlatformId)
Returns information on a specific signing platform.
- get_signing_platform(Client, PlatformId, QueryMap, HeadersMap)
- get_signing_platform(Client, PlatformId, QueryMap, HeadersMap, Options0)
-
get_signing_profile(Client, ProfileName)
Returns information on a specific signing profile.
- get_signing_profile(Client, ProfileName, QueryMap, HeadersMap)
- get_signing_profile(Client, ProfileName, QueryMap, HeadersMap, Options0)
-
list_profile_permissions(Client, ProfileName)
Lists the cross-account permissions associated with a signing profile.
- list_profile_permissions(Client, ProfileName, QueryMap, HeadersMap)
- list_profile_permissions(Client, ProfileName, QueryMap, HeadersMap, Options0)
-
list_signing_jobs(Client)
Lists all your signing jobs.
- list_signing_jobs(Client, QueryMap, HeadersMap)
- list_signing_jobs(Client, QueryMap, HeadersMap, Options0)
-
list_signing_platforms(Client)
Lists all signing platforms available in code signing that match the request parameters.
- list_signing_platforms(Client, QueryMap, HeadersMap)
- list_signing_platforms(Client, QueryMap, HeadersMap, Options0)
-
list_signing_profiles(Client)
Lists all available signing profiles in your AWS account.
- list_signing_profiles(Client, QueryMap, HeadersMap)
- list_signing_profiles(Client, QueryMap, HeadersMap, Options0)
-
list_tags_for_resource(Client, ResourceArn)
Returns a list of the tags associated with a signing profile resource.
- list_tags_for_resource(Client, ResourceArn, QueryMap, HeadersMap)
- list_tags_for_resource(Client, ResourceArn, QueryMap, HeadersMap, Options0)
-
put_signing_profile(Client, ProfileName, Input)
Creates a signing profile.
- put_signing_profile(Client, ProfileName, Input0, Options0)
-
remove_profile_permission(Client, ProfileName, StatementId, Input)
Removes cross-account permissions from a signing profile.
- remove_profile_permission(Client, ProfileName, StatementId, Input0, Options0)
-
revoke_signature(Client, JobId, Input)
Changes the state of a signing job to REVOKED.
- revoke_signature(Client, JobId, Input0, Options0)
-
revoke_signing_profile(Client, ProfileName, Input)
Changes the state of a signing profile to REVOKED.
- revoke_signing_profile(Client, ProfileName, Input0, Options0)
-
start_signing_job(Client, Input)
Initiates a signing job to be performed on the code provided.
- start_signing_job(Client, Input0, Options0)
-
tag_resource(Client, ResourceArn, Input)
Adds one or more tags to a signing profile.
- tag_resource(Client, ResourceArn, Input0, Options0)
-
untag_resource(Client, ResourceArn, Input)
Removes one or more tags from a signing profile.
- untag_resource(Client, ResourceArn, Input0, Options0)
Functions
add_profile_permission(Client, ProfileName, Input)
Adds cross-account permissions to a signing profile.
add_profile_permission(Client, ProfileName, Input0, Options0)
cancel_signing_profile(Client, ProfileName, Input)
Changes the state of an ACTIVE
signing profile to CANCELED
.
ListSigningProfiles
operation, but it cannot perform new signing jobs, and is deleted two
years after cancelation.
cancel_signing_profile(Client, ProfileName, Input0, Options0)
describe_signing_job(Client, JobId)
Returns information about a specific code signing job.
You specify the job by using thejobId
value that is returned by the
StartSigningJob
operation.
describe_signing_job(Client, JobId, QueryMap, HeadersMap)
describe_signing_job(Client, JobId, QueryMap, HeadersMap, Options0)
get_signing_platform(Client, PlatformId)
Returns information on a specific signing platform.
get_signing_platform(Client, PlatformId, QueryMap, HeadersMap)
get_signing_platform(Client, PlatformId, QueryMap, HeadersMap, Options0)
get_signing_profile(Client, ProfileName)
Returns information on a specific signing profile.
get_signing_profile(Client, ProfileName, QueryMap, HeadersMap)
get_signing_profile(Client, ProfileName, QueryMap, HeadersMap, Options0)
list_profile_permissions(Client, ProfileName)
Lists the cross-account permissions associated with a signing profile.
list_profile_permissions(Client, ProfileName, QueryMap, HeadersMap)
list_profile_permissions(Client, ProfileName, QueryMap, HeadersMap, Options0)
list_signing_jobs(Client)
Lists all your signing jobs.
You can use themaxResults
parameter to limit the number of signing jobs
that are returned in the response. If additional jobs remain to be listed,
code signing returns a nextToken
value. Use this value in subsequent
calls to ListSigningJobs
to fetch the remaining values. You can continue
calling ListSigningJobs
with your maxResults
parameter and with new
values that code signing returns in the nextToken
parameter until all of
your signing jobs have been returned.
list_signing_jobs(Client, QueryMap, HeadersMap)
list_signing_jobs(Client, QueryMap, HeadersMap, Options0)
list_signing_platforms(Client)
Lists all signing platforms available in code signing that match the request parameters.
If additional jobs remain to be listed, code signing returns anextToken
value. Use this value in subsequent calls to ListSigningJobs
to fetch
the remaining values. You can continue calling ListSigningJobs
with your
maxResults
parameter and with new values that code signing returns in
the nextToken
parameter until all of your signing jobs have been
returned.
list_signing_platforms(Client, QueryMap, HeadersMap)
list_signing_platforms(Client, QueryMap, HeadersMap, Options0)
list_signing_profiles(Client)
Lists all available signing profiles in your AWS account.
Returns only profiles with anACTIVE
status unless the includeCanceled
request field is set to true
. If additional jobs remain to be listed,
code signing returns a nextToken
value. Use this value in subsequent
calls to ListSigningJobs
to fetch the remaining values. You can continue
calling ListSigningJobs
with your maxResults
parameter and with new
values that code signing returns in the nextToken
parameter until all of
your signing jobs have been returned.
list_signing_profiles(Client, QueryMap, HeadersMap)
list_signing_profiles(Client, QueryMap, HeadersMap, Options0)
list_tags_for_resource(Client, ResourceArn)
Returns a list of the tags associated with a signing profile resource.
list_tags_for_resource(Client, ResourceArn, QueryMap, HeadersMap)
list_tags_for_resource(Client, ResourceArn, QueryMap, HeadersMap, Options0)
put_signing_profile(Client, ProfileName, Input)
Creates a signing profile.
A signing profile is a code signing template that can be used to carry out a pre-defined signing job. For more information, see http://docs.aws.amazon.com/signer/latest/developerguide/gs-profile.htmlput_signing_profile(Client, ProfileName, Input0, Options0)
remove_profile_permission(Client, ProfileName, StatementId, Input)
Removes cross-account permissions from a signing profile.
remove_profile_permission(Client, ProfileName, StatementId, Input0, Options0)
revoke_signature(Client, JobId, Input)
Changes the state of a signing job to REVOKED.
This indicates that the signature is no longer valid.revoke_signature(Client, JobId, Input0, Options0)
revoke_signing_profile(Client, ProfileName, Input)
Changes the state of a signing profile to REVOKED.
This indicates that signatures generated using the signing profile after an effective start date are no longer valid.revoke_signing_profile(Client, ProfileName, Input0, Options0)
start_signing_job(Client, Input)
Initiates a signing job to be performed on the code provided.
Signing jobs are viewable by the ListSigningJobs
operation for two years
after they are performed. Note the following requirements:
You must create an Amazon S3 source bucket. For more information, see Create a Bucket in the Amazon S3 Getting Started Guide.
Your S3 source bucket must be version enabled.
You must create an S3 destination bucket. Code signing uses your S3 destination bucket to write your signed code.
You specify the name of the source and destination buckets when calling the
StartSigningJob
operation.You must also specify a request token that identifies your request to code signing.
You can call the DescribeSigningJob
and the
ListSigningJobs
actions after you call StartSigningJob
.
start_signing_job(Client, Input0, Options0)
tag_resource(Client, ResourceArn, Input)
Adds one or more tags to a signing profile.
Tags are labels that you can use to identify and organize your AWS resources. Each tag consists of a key and an optional value. To specify the signing profile, use its Amazon Resource Name (ARN). To specify the tag, use a key-value pair.tag_resource(Client, ResourceArn, Input0, Options0)
untag_resource(Client, ResourceArn, Input)
Removes one or more tags from a signing profile.
To remove the tags, specify a list of tag keys.