interface CodeSigningPoliciesProperty

Language	Type name
.NET	Amazon.CDK.AWS.Lambda.CfnCodeSigningConfig.CodeSigningPoliciesProperty
Go	github.com/aws/aws-cdk-go/awscdk/v2/awslambda#CfnCodeSigningConfig_CodeSigningPoliciesProperty
Java	software.amazon.awscdk.services.lambda.CfnCodeSigningConfig.CodeSigningPoliciesProperty
Python	aws_cdk.aws_lambda.CfnCodeSigningConfig.CodeSigningPoliciesProperty
TypeScript	aws-cdk-lib » aws_lambda » CfnCodeSigningConfig » CodeSigningPoliciesProperty

Code signing configuration policies specify the validation failure action for signature mismatch or expiry.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-codesigningpolicies.html

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_lambda as lambda } from 'aws-cdk-lib';
const codeSigningPoliciesProperty: lambda.CfnCodeSigningConfig.CodeSigningPoliciesProperty = {
  untrustedArtifactOnDeployment: 'untrustedArtifactOnDeployment',
};

Properties

Name	Type	Description
untrustedArtifactOnDeployment	string	Code signing configuration policy for deployment validation failure.

---

untrustedArtifactOnDeployment

Type: string

Code signing configuration policy for deployment validation failure.

If you set the policy to Enforce , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to Warn , Lambda allows the deployment and issues a new Amazon CloudWatch metric ( SignatureValidationErrors ) and also stores the warning in the CloudTrail log.

Default value: Warn

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-codesigningpolicies.html#cfn-lambda-codesigningconfig-codesigningpolicies-untrustedartifactondeployment