AWS Signer

Jan 1, 0001

Definition

AWS Signer is a managed service that facilitates the digital signing of code, ensuring its authenticity and integrity. It enables developers to sign software artifacts such as container images, AWS Lambda functions, and other code packages, providing a way to verify that the code has not been altered since it was signed. This service is crucial for maintaining trust in software supply chains and preventing the execution of unauthorized code.

Secure Settings Example

{
  "SigningProfileName": "MySecureProfile",
  "PlatformId": "AWSLambda-SHA384-ECDSA",
  "Overrides": {
    "SigningConfiguration": {
      "EncryptionAlgorithm": "ECDSA",
      "HashAlgorithm": "SHA384"
    }
  },
  "SignatureValidityPeriod": {
    "Value": 365,
    "Type": "DAYS"
  }
}

Insecure Settings Example

{
  "SigningProfileName": "MyInsecureProfile",
  "PlatformId": "AWSLambda-SHA1-RSA",
  "Overrides": {
    "SigningConfiguration": {
      "EncryptionAlgorithm": "RSA",
      "HashAlgorithm": "SHA1"
    }
  },
  "SignatureValidityPeriod": {
    "Value": 0,
    "Type": "DAYS"
  }
}

AWS Signer

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter