AWS::Lambda::CodeSigningConfig CodeSigningPolicies

Code signing configuration policies specify the validation failure action for signature mismatch or expiry.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON


{
  "UntrustedArtifactOnDeployment" : String
}

YAML


  UntrustedArtifactOnDeployment: String

Properties

UntrustedArtifactOnDeployment

Code signing configuration policy for deployment validation failure. If you set the policy to Enforce, Lambda blocks the deployment request if signature validation checks fail. If you set the policy to Warn, Lambda allows the deployment and issues a new Amazon CloudWatch metric (SignatureValidationErrors) and also stores the warning in the CloudTrail log.

Default value: Warn

Required: Yes

Type: String

Allowed values: Warn | Enforce

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AllowedPublishers

Tag