AWS.Signer — AWS SDK for JavaScript (original) (raw)

We recommend that you migrate to AWS SDK for JavaScript v3. For dates, additional details, and information on how to migrate, please refer to the linked announcement.

Class: AWS.Signer

Overview

Constructs a service interface object. Each API operation is exposed as a function on service.

Service Description

AWS Signer is a fully managed code-signing service to help you ensure the trust and integrity of your code.

Signer supports the following applications:

With code signing for AWS Lambda, you can sign AWS Lambda deployment packages. Integrated support is provided for Amazon S3, Amazon CloudWatch, and AWS CloudTrail. In order to sign code, you create a signing profile and then use Signer to sign Lambda zip files in S3.

With code signing for IoT, you can sign code for any IoT device that is supported by AWS. IoT code signing is available for Amazon FreeRTOS and AWS IoT Device Management, and is integrated with AWS Certificate Manager (ACM). In order to sign code, you import a third-party code-signing certificate using ACM, and use that to sign updates in Amazon FreeRTOS and AWS IoT Device Management.

With Signer and the Notation CLI from the Notary Project, you can sign container images stored in a container registry such as Amazon Elastic Container Registry (ECR). The signatures are stored in the registry alongside the images, where they are available for verifying image authenticity and integrity.

For more information about Signer, see the AWS Signer Developer Guide.

Sending a Request Using Signer

var signer = new AWS.Signer();
signer.addProfilePermission(params, function (err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

Locking the API Version

In order to ensure that the Signer object uses this specific API, you can construct the object by passing the apiVersion option to the constructor:

var signer = new AWS.Signer({apiVersion: '2017-08-25'});

You can also set the API version globally in AWS.config.apiVersions using the signer service identifier:

AWS.config.apiVersions = {
  signer: '2017-08-25',
  // other service API versions
};

var signer = new AWS.Signer();

Waiter Resource States

This service supports a list of resource states that can be polled using the waitFor() method. The resource states are:

successfulSigningJob

Constructor Summarycollapse

Property Summarycollapse

Properties inherited from AWS.Service

apiVersions

Method Summarycollapse

Methods inherited from AWS.Service

makeRequest, makeUnauthenticatedRequest, setupRequestListeners, defineService

Constructor Details

new AWS.Signer(options = {}) ⇒ Object

Constructs a service object. This object has one method for each API operation.

Property Details

endpointAWS.Endpoint

Returns an Endpoint object representing the endpoint URL for service requests.

Method Details

addProfilePermission(params = {}, callback) ⇒ AWS.Request

Adds cross-account permissions to a signing profile.

cancelSigningProfile(params = {}, callback) ⇒ AWS.Request

Changes the state of an ACTIVE signing profile to CANCELED. A canceled profile is still viewable with the ListSigningProfiles operation, but it cannot perform new signing jobs, and is deleted two years after cancelation.

describeSigningJob(params = {}, callback) ⇒ AWS.Request

Returns information about a specific code signing job. You specify the job by using the jobId value that is returned by the StartSigningJob operation.

getRevocationStatus(params = {}, callback) ⇒ AWS.Request

Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate.

getSigningPlatform(params = {}, callback) ⇒ AWS.Request

Returns information on a specific signing platform.

getSigningProfile(params = {}, callback) ⇒ AWS.Request

Returns information on a specific signing profile.

listProfilePermissions(params = {}, callback) ⇒ AWS.Request

Lists the cross-account permissions associated with a signing profile.

listSigningJobs(params = {}, callback) ⇒ AWS.Request

Lists all your signing jobs. You can use the maxResults parameter to limit the number of signing jobs that are returned in the response. If additional jobs remain to be listed, AWS Signer returns a nextToken value. Use this value in subsequent calls to ListSigningJobs to fetch the remaining values. You can continue calling ListSigningJobs with your maxResults parameter and with new values that Signer returns in the nextToken parameter until all of your signing jobs have been returned.

listSigningPlatforms(params = {}, callback) ⇒ AWS.Request

Lists all signing platforms available in AWS Signer that match the request parameters. If additional jobs remain to be listed, Signer returns a nextToken value. Use this value in subsequent calls to ListSigningJobs to fetch the remaining values. You can continue calling ListSigningJobs with your maxResults parameter and with new values that Signer returns in the nextToken parameter until all of your signing jobs have been returned.

listSigningProfiles(params = {}, callback) ⇒ AWS.Request

Lists all available signing profiles in your AWS account. Returns only profiles with an ACTIVE status unless the includeCanceled request field is set to true. If additional jobs remain to be listed, AWS Signer returns a nextToken value. Use this value in subsequent calls to ListSigningJobs to fetch the remaining values. You can continue calling ListSigningJobs with your maxResults parameter and with new values that Signer returns in the nextToken parameter until all of your signing jobs have been returned.

listTagsForResource(params = {}, callback) ⇒ AWS.Request

Returns a list of the tags associated with a signing profile resource.

putSigningProfile(params = {}, callback) ⇒ AWS.Request

Creates a signing profile. A signing profile is a code-signing template that can be used to carry out a pre-defined signing job.

removeProfilePermission(params = {}, callback) ⇒ AWS.Request

Removes cross-account permissions from a signing profile.

revokeSignature(params = {}, callback) ⇒ AWS.Request

Changes the state of a signing job to REVOKED. This indicates that the signature is no longer valid.

revokeSigningProfile(params = {}, callback) ⇒ AWS.Request

Changes the state of a signing profile to REVOKED. This indicates that signatures generated using the signing profile after an effective start date are no longer valid.

signPayload(params = {}, callback) ⇒ AWS.Request

Signs a binary payload and returns a signature envelope.

startSigningJob(params = {}, callback) ⇒ AWS.Request

Initiates a signing job to be performed on the code provided. Signing jobs are viewable by the ListSigningJobs operation for two years after they are performed. Note the following requirements:

You can call the DescribeSigningJob and the ListSigningJobs actions after you call StartSigningJob.

For a Java example that shows how to use this action, see StartSigningJob.

tagResource(params = {}, callback) ⇒ AWS.Request

Adds one or more tags to a signing profile. Tags are labels that you can use to identify and organize your AWS resources. Each tag consists of a key and an optional value. To specify the signing profile, use its Amazon Resource Name (ARN). To specify the tag, use a key-value pair.

untagResource(params = {}, callback) ⇒ AWS.Request

Removes one or more tags from a signing profile. To remove the tags, specify a list of tag keys.

waitFor(state, params = {}, callback) ⇒ AWS.Request

Waits for a given Signer resource. The final callback or'complete' event will be fired only when the resource is either in its final state or the waiter has timed out and stopped polling for the final state.

Waiter Resource Details

signer.waitFor('successfulSigningJob', params = {}, [callback]) ⇒ AWS.Request

Waits for the successfulSigningJob state by periodically calling the underlyingSigner.describeSigningJob() operation every 20 seconds (at most 25 times).