AWS::Lambda::CodeSigningConfig CodeSigningPolicies - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.

AWS::Lambda::CodeSigningConfig CodeSigningPolicies

Code signing configuration policies specify the validation failure action for signature mismatch or expiry.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "UntrustedArtifactOnDeployment" : String
}

Properties

UntrustedArtifactOnDeployment

Code signing configuration policy for deployment validation failure. If you set the policy to Enforce, Lambda blocks the deployment request if signature validation checks fail. If you set the policy to Warn, Lambda allows the deployment and issues a new Amazon CloudWatch metric (SignatureValidationErrors) and also stores the warning in the CloudTrail log.

Default value: Warn

Required: Yes

Type: String

Allowed values: Warn | Enforce

Update requires: No interruption