Lambda / Client / create_code_signing_config
create_code_signing_config#
- Lambda.Client.create_code_signing_config(**kwargs)#
Creates a code signing configuration. A code signing configuration defines a list of allowed signing profiles and defines the code-signing validation policy (action to be taken if deployment validation checks fail).
See also: AWS API Documentation
Request Syntax
response = client.create_code_signing_config( Description='string', AllowedPublishers={ 'SigningProfileVersionArns': [ 'string', ] }, CodeSigningPolicies={ 'UntrustedArtifactOnDeployment': 'Warn'|'Enforce' }, Tags={ 'string': 'string' } )
- Parameters:
Description (string) – Descriptive name for this code signing configuration.
AllowedPublishers (dict) –
[REQUIRED]
Signing profiles for this code signing configuration.
SigningProfileVersionArns (list) – [REQUIRED]
The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.
(string) –
CodeSigningPolicies (dict) –
The code signing policies define the actions to take if the validation checks fail.
UntrustedArtifactOnDeployment (string) –
Code signing configuration policy for deployment validation failure. If you set the policy to
Enforce
, Lambda blocks the deployment request if signature validation checks fail. If you set the policy toWarn
, Lambda allows the deployment and creates a CloudWatch log.Default value:
Warn
Tags (dict) –
A list of tags to add to the code signing configuration.
(string) –
(string) –
- Return type:
dict
- Returns:
Response Syntax
{ 'CodeSigningConfig': { 'CodeSigningConfigId': 'string', 'CodeSigningConfigArn': 'string', 'Description': 'string', 'AllowedPublishers': { 'SigningProfileVersionArns': [ 'string', ] }, 'CodeSigningPolicies': { 'UntrustedArtifactOnDeployment': 'Warn'|'Enforce' }, 'LastModified': 'string' } }
Response Structure
(dict) –
CodeSigningConfig (dict) –
The code signing configuration.
CodeSigningConfigId (string) –
Unique identifer for the Code signing configuration.
CodeSigningConfigArn (string) –
The Amazon Resource Name (ARN) of the Code signing configuration.
Description (string) –
Code signing configuration description.
AllowedPublishers (dict) –
List of allowed publishers.
SigningProfileVersionArns (list) –
The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.
(string) –
CodeSigningPolicies (dict) –
The code signing policy controls the validation failure action for signature mismatch or expiry.
UntrustedArtifactOnDeployment (string) –
Code signing configuration policy for deployment validation failure. If you set the policy to
Enforce
, Lambda blocks the deployment request if signature validation checks fail. If you set the policy toWarn
, Lambda allows the deployment and creates a CloudWatch log.Default value:
Warn
LastModified (string) –
The date and time that the Code signing configuration was last modified, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD).
Exceptions