AWS Lambda code signing is the practice of digitally signing source code packages for functions and layers. The goal of code signing is to ensure that only trusted code runs in your AWS Lambda functions.
AWS Signer is a fully-managed code-signing service that can be used to verify the integrity of your AWS Lambda code. Before your code is deployed, AWS Lambda will perform a series of validation checks which will determine whether to accept or reject the deployment package.
In this lab, you will work in the AWS console to configure code signing for an AWS Lambda function using AWS Signer. This lab also covers the signature validation process in detail, including the validation checks and policies that can be applied to your code signing configurations.
Learning Objectives
Upon completion of this intermediate-level lab, you will be able to:
- Prepare an Amazon S3 bucket to store signed assets
- Create an AWS Signer signing profile
- Configure an AWS Lambda function code signing configuration
- Initiate a signing job in AWS Signer
Intended Audience
- Cloud Architects
- DevOps Engineers
- Software Engineers
Prerequisites
Familiarity with the following will be beneficial but is not required:
- Amazon Simple Storage Service (S3)
- AWS Lambda
The following content can be used to fulfill the prerequisite:
Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications.
Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content.