# Actions The following actions are supported: + [AddProfilePermission](API_AddProfilePermission.md) + [CancelSigningProfile](API_CancelSigningProfile.md) + [DescribeSigningJob](API_DescribeSigningJob.md) + [GetRevocationStatus](API_GetRevocationStatus.md) + [GetSigningPlatform](API_GetSigningPlatform.md) + [GetSigningProfile](API_GetSigningProfile.md) + [ListProfilePermissions](API_ListProfilePermissions.md) + [ListSigningJobs](API_ListSigningJobs.md) + [ListSigningPlatforms](API_ListSigningPlatforms.md) + [ListSigningProfiles](API_ListSigningProfiles.md) + [ListTagsForResource](API_ListTagsForResource.md) + [PutSigningProfile](API_PutSigningProfile.md) + [RemoveProfilePermission](API_RemoveProfilePermission.md) + [RevokeSignature](API_RevokeSignature.md) + [RevokeSigningProfile](API_RevokeSigningProfile.md) + [SignPayload](API_SignPayload.md) + [StartSigningJob](API_StartSigningJob.md) + [TagResource](API_TagResource.md) + [UntagResource](API_UntagResource.md) # AddProfilePermission Adds cross-account permissions to a signing profile. ## Request Syntax ``` POST /signing-profiles/profileName/permissions HTTP/1.1 Content-type: application/json { "action": "string", "principal": "string", "profileVersion": "string", "revisionId": "string", "statementId": "string" } ``` ## URI Request Parameters The request uses the following URI parameters. ** [profileName](#API_AddProfilePermission_RequestSyntax) ** The human-readable name of the signing profile. Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ## Request Body The request accepts the following data in JSON format. ** [action](#API_AddProfilePermission_RequestSyntax) ** For cross-account signing. Grant a designated account permission to perform one or more of the following actions. Each action is associated with a specific API's operations. For more information about cross-account signing, see [Using cross-account signing with signing profiles](https://docs.aws.amazon.com/signer/latest/developerguide/signing-profile-cross-account.html) in the *AWS Signer Developer Guide*. You can designate the following actions to an account. + `signer:StartSigningJob`. This action isn't supported for container image workflows. For details, see [StartSigningJob](API_StartSigningJob.md). + `signer:SignPayload`. This action isn't supported for AWS Lambda workflows. For details, see [SignPayload](API_SignPayload.md) + `signer:GetSigningProfile`. For details, see [GetSigningProfile](API_GetSigningProfile.md). + `signer:RevokeSignature`. For details, see [RevokeSignature](API_RevokeSignature.md). Type: String Required: Yes ** [principal](#API_AddProfilePermission_RequestSyntax) ** The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID. Type: String Required: Yes ** [profileVersion](#API_AddProfilePermission_RequestSyntax) ** The version of the signing profile. Type: String Length Constraints: Fixed length of 10. Pattern: `^[a-zA-Z0-9]{10}$` Required: No ** [revisionId](#API_AddProfilePermission_RequestSyntax) ** A unique identifier for the current profile revision. Type: String Required: No ** [statementId](#API_AddProfilePermission_RequestSyntax) ** A unique identifier for the cross-account permission statement. Type: String Required: Yes ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "revisionId": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [revisionId](#API_AddProfilePermission_ResponseSyntax) ** A unique identifier for the current profile revision. Type: String ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** ConflictException ** The resource encountered a conflicting state. HTTP Status Code: 409 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** ServiceLimitExceededException ** The client is making a request that exceeds service limits. HTTP Status Code: 402 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/AddProfilePermission) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/AddProfilePermission) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/AddProfilePermission) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/AddProfilePermission) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/AddProfilePermission) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/AddProfilePermission) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/AddProfilePermission) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/AddProfilePermission) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/AddProfilePermission) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/AddProfilePermission) # CancelSigningProfile Changes the state of an `ACTIVE` signing profile to `CANCELED`. A canceled profile is still viewable with the `ListSigningProfiles` operation, but it cannot perform new signing jobs, and is deleted two years after cancelation. ## Request Syntax ``` DELETE /signing-profiles/profileName HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [profileName](#API_CancelSigningProfile_RequestSyntax) ** The name of the signing profile to be canceled. Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/CancelSigningProfile) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/CancelSigningProfile) # DescribeSigningJob Returns information about a specific code signing job. You specify the job by using the `jobId` value that is returned by the [StartSigningJob](API_StartSigningJob.md) operation. ## Request Syntax ``` GET /signing-jobs/jobId HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [jobId](#API_DescribeSigningJob_RequestSyntax) ** The ID of the signing job on input. Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "completedAt": number, "createdAt": number, "jobId": "string", "jobInvoker": "string", "jobOwner": "string", "overrides": { "signingConfiguration": { "encryptionAlgorithm": "string", "hashAlgorithm": "string" }, "signingImageFormat": "string" }, "platformDisplayName": "string", "platformId": "string", "profileName": "string", "profileVersion": "string", "requestedBy": "string", "revocationRecord": { "reason": "string", "revokedAt": number, "revokedBy": "string" }, "signatureExpiresAt": number, "signedObject": { "s3": { "bucketName": "string", "key": "string" } }, "signingMaterial": { "certificateArn": "string" }, "signingParameters": { "string" : "string" }, "source": { "s3": { "bucketName": "string", "key": "string", "version": "string" } }, "status": "string", "statusReason": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [completedAt](#API_DescribeSigningJob_ResponseSyntax) ** Date and time that the signing job was completed. Type: Timestamp ** [createdAt](#API_DescribeSigningJob_ResponseSyntax) ** Date and time that the signing job was created. Type: Timestamp ** [jobId](#API_DescribeSigningJob_ResponseSyntax) ** The ID of the signing job on output. Type: String ** [jobInvoker](#API_DescribeSigningJob_ResponseSyntax) ** The IAM entity that initiated the signing job. Type: String Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` ** [jobOwner](#API_DescribeSigningJob_ResponseSyntax) ** The AWS account ID of the job owner. Type: String Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` ** [overrides](#API_DescribeSigningJob_ResponseSyntax) ** A list of any overrides that were applied to the signing operation. Type: [SigningPlatformOverrides](API_SigningPlatformOverrides.md) object ** [platformDisplayName](#API_DescribeSigningJob_ResponseSyntax) ** A human-readable name for the signing platform associated with the signing job. Type: String ** [platformId](#API_DescribeSigningJob_ResponseSyntax) ** The microcontroller platform to which your signed code image will be distributed. Type: String ** [profileName](#API_DescribeSigningJob_ResponseSyntax) ** The name of the profile that initiated the signing operation. Type: String Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` ** [profileVersion](#API_DescribeSigningJob_ResponseSyntax) ** The version of the signing profile used to initiate the signing job. Type: String Length Constraints: Fixed length of 10. Pattern: `^[a-zA-Z0-9]{10}$` ** [requestedBy](#API_DescribeSigningJob_ResponseSyntax) ** The IAM principal that requested the signing job. Type: String ** [revocationRecord](#API_DescribeSigningJob_ResponseSyntax) ** A revocation record if the signature generated by the signing job has been revoked. Contains a timestamp and the ID of the IAM entity that revoked the signature. Type: [SigningJobRevocationRecord](API_SigningJobRevocationRecord.md) object ** [signatureExpiresAt](#API_DescribeSigningJob_ResponseSyntax) ** Thr expiration timestamp for the signature generated by the signing job. Type: Timestamp ** [signedObject](#API_DescribeSigningJob_ResponseSyntax) ** Name of the S3 bucket where the signed code image is saved by AWS Signer. Type: [SignedObject](API_SignedObject.md) object ** [signingMaterial](#API_DescribeSigningJob_ResponseSyntax) ** The Amazon Resource Name (ARN) of your code signing certificate. Type: [SigningMaterial](API_SigningMaterial.md) object ** [signingParameters](#API_DescribeSigningJob_ResponseSyntax) ** Map of user-assigned key-value pairs used during signing. These values contain any information that you specified for use in your signing job. Type: String to string map ** [source](#API_DescribeSigningJob_ResponseSyntax) ** The object that contains the name of your S3 bucket or your raw code. Type: [Source](API_Source.md) object ** [status](#API_DescribeSigningJob_ResponseSyntax) ** Status of the signing job. Type: String Valid Values: `InProgress | Failed | Succeeded` ** [statusReason](#API_DescribeSigningJob_ResponseSyntax) ** String value that contains the status reason. Type: String ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## Examples ### Describe a signing job This example illustrates one usage of DescribeSigningJob. #### Sample Request ``` GET /Prod/signing-jobs/9052caa6-1d8d-43b5-9ead-0cb8621c8c74 HTTP/1.1 Host: signer.us-east-1.amazonaws.com Accept-Encoding: identity Authorization: AWS4-HMAC-SHA256 Credential=access_key/us-east-1/signer/aws4_request, SignedHeaders=host;x-amz-date, Signature=93e24ab743082913abfb466a13b2f65a7f3eec9893aa2dcbdc91d160b3d7ff67 X-Amz-Date: 20171115T165923Z User-Agent: aws-cli/1.11.132 Python/2.7.9 Windows/8 botocore/1.5.95 ``` #### Sample Response ``` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 631 Date: Wed, 15 Nov 2017 16:59:31 GMT x-amzn-RequestId: 5946a79a-ca26-11e7-ae27-cda958f39b26 X-Amzn-Trace-Id: sampled=0;root=1-5a0c7273-fd33420b90425c1dc4b94bcc X-Cache: Miss from cloudfront Via: 1.1 ce270f4a88edde7438864bc44406e83a.cloudfront.net (CloudFront) X-Amz-Cf-Id: hAkstXf07ycoa3HgI2MebhYgvyZ39K7zn2Z9mpqxsRlPjPphgaHZUQ== Connection: Keep-alive { "jobId": "9052caa6-1d8d-43b5-9ead-0cb8621c8c74", "source": { "s3": { "bucketName": "signer-test-source", "key": "my-example-code.java", "version": "W.OIrIFmjIFeuNXOaBJzPee66.wRg4GR" } }, "signingMaterial": { "certificateArn": "arn:aws:acm:region:123456789012:certificate/9ec626ca-0bbb-4be5-83a2-ee563f8386ca" }, "platform": "TexasInstruments", "signingParameters": null, "createdAt": 1510695622, "completedAt": 1510695623, "requestedBy": "arn:aws:iam::123456789012:root", "status": "Succeeded", "statusReason": "Signing success", "signedObject": { "s3": { "bucketName": "signer-test-dest", "key": "9052caa6-1d8d-43b5-9ead-0cb8621c8c74" } } } ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/DescribeSigningJob) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/DescribeSigningJob) # GetRevocationStatus Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate. ## Request Syntax ``` GET /revocations?certificateHashes=certificateHashes&jobArn=jobArn&platformId=platformId&profileVersionArn=profileVersionArn&signatureTimestamp=signatureTimestamp HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [certificateHashes](#API_GetRevocationStatus_RequestSyntax) ** A list of composite signed hashes that identify certificates. A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA. The following example shows how to calculate a hash for this parameter using OpenSSL commands: `openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs` `openssl sha384 < childCert.tbs -binary > childCertTbsHash` `openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs` `openssl sha384 < parentCert.tbs -binary > parentCertTbsHash xxd -p childCertTbsHash > certificateHash.hex xxd -p parentCertTbsHash >> certificateHash.hex` `cat certificateHash.hex | tr -d '\n'` Required: Yes ** [jobArn](#API_GetRevocationStatus_RequestSyntax) ** The ARN of a signing job. Length Constraints: Minimum length of 20. Maximum length of 2048. Required: Yes ** [platformId](#API_GetRevocationStatus_RequestSyntax) ** The ID of a signing platform. Required: Yes ** [profileVersionArn](#API_GetRevocationStatus_RequestSyntax) ** The version of a signing profile. Length Constraints: Minimum length of 20. Maximum length of 2048. Required: Yes ** [signatureTimestamp](#API_GetRevocationStatus_RequestSyntax) ** The timestamp of the signature that validates the profile or job. Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "revokedEntities": [ "string" ] } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [revokedEntities](#API_GetRevocationStatus_ResponseSyntax) ** A list of revoked entities (including zero or more of the signing profile ARN, signing job ARN, and certificate hashes) supplied as input to the API. Type: Array of strings ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/GetRevocationStatus) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/GetRevocationStatus) # GetSigningPlatform Returns information on a specific signing platform. ## Request Syntax ``` GET /signing-platforms/platformId HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [platformId](#API_GetSigningPlatform_RequestSyntax) ** The ID of the target signing platform. Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "category": "string", "displayName": "string", "maxSizeInMB": number, "partner": "string", "platformId": "string", "revocationSupported": boolean, "signingConfiguration": { "encryptionAlgorithmOptions": { "allowedValues": [ "string" ], "defaultValue": "string" }, "hashAlgorithmOptions": { "allowedValues": [ "string" ], "defaultValue": "string" } }, "signingImageFormat": { "defaultFormat": "string", "supportedFormats": [ "string" ] }, "target": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [category](#API_GetSigningPlatform_ResponseSyntax) ** The category type of the target signing platform. Type: String Valid Values: `AWSIoT` ** [displayName](#API_GetSigningPlatform_ResponseSyntax) ** The display name of the target signing platform. Type: String ** [maxSizeInMB](#API_GetSigningPlatform_ResponseSyntax) ** The maximum size (in MB) of the payload that can be signed by the target platform. Type: Integer ** [partner](#API_GetSigningPlatform_ResponseSyntax) ** A list of partner entities that use the target signing platform. Type: String ** [platformId](#API_GetSigningPlatform_ResponseSyntax) ** The ID of the target signing platform. Type: String ** [revocationSupported](#API_GetSigningPlatform_ResponseSyntax) ** A flag indicating whether signatures generated for the signing platform can be revoked. Type: Boolean ** [signingConfiguration](#API_GetSigningPlatform_ResponseSyntax) ** A list of configurations applied to the target platform at signing. Type: [SigningConfiguration](API_SigningConfiguration.md) object ** [signingImageFormat](#API_GetSigningPlatform_ResponseSyntax) ** The format of the target platform's signing image. Type: [SigningImageFormat](API_SigningImageFormat.md) object ** [target](#API_GetSigningPlatform_ResponseSyntax) ** The validation template that is used by the target signing platform. Type: String ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/GetSigningPlatform) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/GetSigningPlatform) # GetSigningProfile Returns information on a specific signing profile. ## Request Syntax ``` GET /signing-profiles/profileName?profileOwner=profileOwner HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [profileName](#API_GetSigningProfile_RequestSyntax) ** The name of the target signing profile. Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ** [profileOwner](#API_GetSigningProfile_RequestSyntax) ** The AWS account ID of the profile owner. Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "arn": "string", "overrides": { "signingConfiguration": { "encryptionAlgorithm": "string", "hashAlgorithm": "string" }, "signingImageFormat": "string" }, "platformDisplayName": "string", "platformId": "string", "profileName": "string", "profileVersion": "string", "profileVersionArn": "string", "revocationRecord": { "revocationEffectiveFrom": number, "revokedAt": number, "revokedBy": "string" }, "signatureValidityPeriod": { "type": "string", "value": number }, "signingMaterial": { "certificateArn": "string" }, "signingParameters": { "string" : "string" }, "status": "string", "statusReason": "string", "tags": { "string" : "string" } } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [arn](#API_GetSigningProfile_ResponseSyntax) ** The Amazon Resource Name (ARN) for the signing profile. Type: String ** [overrides](#API_GetSigningProfile_ResponseSyntax) ** A list of overrides applied by the target signing profile for signing operations. Type: [SigningPlatformOverrides](API_SigningPlatformOverrides.md) object ** [platformDisplayName](#API_GetSigningProfile_ResponseSyntax) ** A human-readable name for the signing platform associated with the signing profile. Type: String ** [platformId](#API_GetSigningProfile_ResponseSyntax) ** The ID of the platform that is used by the target signing profile. Type: String ** [profileName](#API_GetSigningProfile_ResponseSyntax) ** The name of the target signing profile. Type: String Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` ** [profileVersion](#API_GetSigningProfile_ResponseSyntax) ** The current version of the signing profile. Type: String Length Constraints: Fixed length of 10. Pattern: `^[a-zA-Z0-9]{10}$` ** [profileVersionArn](#API_GetSigningProfile_ResponseSyntax) ** The signing profile ARN, including the profile version. Type: String Length Constraints: Minimum length of 20. Maximum length of 2048. ** [revocationRecord](#API_GetSigningProfile_ResponseSyntax) ** Revocation information for a signing profile. Type: [SigningProfileRevocationRecord](API_SigningProfileRevocationRecord.md) object ** [signatureValidityPeriod](#API_GetSigningProfile_ResponseSyntax) ** The validity period for a signing job. Type: [SignatureValidityPeriod](API_SignatureValidityPeriod.md) object ** [signingMaterial](#API_GetSigningProfile_ResponseSyntax) ** The ARN of the certificate that the target profile uses for signing operations. Type: [SigningMaterial](API_SigningMaterial.md) object ** [signingParameters](#API_GetSigningProfile_ResponseSyntax) ** A map of key-value pairs for signing operations that is attached to the target signing profile. Type: String to string map ** [status](#API_GetSigningProfile_ResponseSyntax) ** The status of the target signing profile. Type: String Valid Values: `Active | Canceled | Revoked` ** [statusReason](#API_GetSigningProfile_ResponseSyntax) ** Reason for the status of the target signing profile. Type: String ** [tags](#API_GetSigningProfile_ResponseSyntax) ** A list of tags associated with the signing profile. Type: String to string map Map Entries: Maximum number of 200 items. Key Length Constraints: Minimum length of 1. Maximum length of 128. Key Pattern: `^(?!aws:)[a-zA-Z+-=._:/]+$` Value Length Constraints: Maximum length of 256. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/GetSigningProfile) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/GetSigningProfile) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/GetSigningProfile) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/GetSigningProfile) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/GetSigningProfile) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/GetSigningProfile) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/GetSigningProfile) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/GetSigningProfile) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/GetSigningProfile) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/GetSigningProfile) # ListProfilePermissions Lists the cross-account permissions associated with a signing profile. ## Request Syntax ``` GET /signing-profiles/profileName/permissions?nextToken=nextToken HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [nextToken](#API_ListProfilePermissions_RequestSyntax) ** String for specifying the next set of paginated results. ** [profileName](#API_ListProfilePermissions_RequestSyntax) ** Name of the signing profile containing the cross-account permissions. Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "nextToken": "string", "permissions": [ { "action": "string", "principal": "string", "profileVersion": "string", "statementId": "string" } ], "policySizeBytes": number, "revisionId": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [nextToken](#API_ListProfilePermissions_ResponseSyntax) ** String for specifying the next set of paginated results. Type: String ** [permissions](#API_ListProfilePermissions_ResponseSyntax) ** List of permissions associated with the Signing Profile. Type: Array of [Permission](API_Permission.md) objects ** [policySizeBytes](#API_ListProfilePermissions_ResponseSyntax) ** Total size of the policy associated with the Signing Profile in bytes. Type: Integer ** [revisionId](#API_ListProfilePermissions_ResponseSyntax) ** The identifier for the current revision of profile permissions. Type: String ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/ListProfilePermissions) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/ListProfilePermissions) # ListSigningJobs Lists all your signing jobs. You can use the `maxResults` parameter to limit the number of signing jobs that are returned in the response. If additional jobs remain to be listed, AWS Signer returns a `nextToken` value. Use this value in subsequent calls to `ListSigningJobs` to fetch the remaining values. You can continue calling `ListSigningJobs` with your `maxResults` parameter and with new values that Signer returns in the `nextToken` parameter until all of your signing jobs have been returned. ## Request Syntax ``` GET /signing-jobs?isRevoked=isRevoked&jobInvoker=jobInvoker&maxResults=maxResults&nextToken=nextToken&platformId=platformId&requestedBy=requestedBy&signatureExpiresAfter=signatureExpiresAfter&signatureExpiresBefore=signatureExpiresBefore&status=status HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [isRevoked](#API_ListSigningJobs_RequestSyntax) ** Filters results to return only signing jobs with revoked signatures. ** [jobInvoker](#API_ListSigningJobs_RequestSyntax) ** Filters results to return only signing jobs initiated by a specified IAM entity. Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` ** [maxResults](#API_ListSigningJobs_RequestSyntax) ** Specifies the maximum number of items to return in the response. Use this parameter when paginating results. If additional items exist beyond the number you specify, the `nextToken` element is set in the response. Use the `nextToken` value in a subsequent request to retrieve additional items. Valid Range: Minimum value of 1. Maximum value of 25. ** [nextToken](#API_ListSigningJobs_RequestSyntax) ** String for specifying the next set of paginated results to return. After you receive a response with truncated results, use this parameter in a subsequent request. Set it to the value of `nextToken` from the response that you just received. ** [platformId](#API_ListSigningJobs_RequestSyntax) ** The ID of microcontroller platform that you specified for the distribution of your code image. ** [requestedBy](#API_ListSigningJobs_RequestSyntax) ** The IAM principal that requested the signing job. ** [signatureExpiresAfter](#API_ListSigningJobs_RequestSyntax) ** Filters results to return only signing jobs with signatures expiring after a specified timestamp. ** [signatureExpiresBefore](#API_ListSigningJobs_RequestSyntax) ** Filters results to return only signing jobs with signatures expiring before a specified timestamp. ** [status](#API_ListSigningJobs_RequestSyntax) ** A status value with which to filter your results. Valid Values: `InProgress | Failed | Succeeded` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "jobs": [ { "createdAt": number, "isRevoked": boolean, "jobId": "string", "jobInvoker": "string", "jobOwner": "string", "platformDisplayName": "string", "platformId": "string", "profileName": "string", "profileVersion": "string", "signatureExpiresAt": number, "signedObject": { "s3": { "bucketName": "string", "key": "string" } }, "signingMaterial": { "certificateArn": "string" }, "source": { "s3": { "bucketName": "string", "key": "string", "version": "string" } }, "status": "string" } ], "nextToken": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [jobs](#API_ListSigningJobs_ResponseSyntax) ** A list of your signing jobs. Type: Array of [SigningJob](API_SigningJob.md) objects ** [nextToken](#API_ListSigningJobs_ResponseSyntax) ** String for specifying the next set of paginated results. Type: String ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## Examples ### Example This example illustrates one usage of ListSigningJobs. #### Sample Request ``` GET /Prod/signing-jobs?status=InProgress&platform=TexasInstruments&maxResults=10 HTTP/1.1 Host: qvvi640b53.execute-api.us-east-1.amazonaws.com Accept-Encoding: identity Authorization: AWS4-HMAC-SHA256 Credential=access_key/20171115/us-east-1/signer/aws4_request, SignedHeaders=host;x-amz-date, Signature=59e5f7ac6c2193c1eb163b0a8f3b2b3ec47fc5687631aa4d42bdcfacc14d626a X-Amz-Date: 20171115T173358Z User-Agent: aws-cli/1.11.132 Python/2.7.9 Windows/8 botocore/1.5.95 ``` #### Sample Response ``` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 1896 Date: Wed, 15 Nov 2017 17:34:06 GMT x-amzn-RequestId: 2e5eaaf7-ca2b-11e7-bfa0-e7cd77b24597 X-Amzn-Trace-Id: sampled=0;root=1-5a0c7a8e-66a88aa1083a4631ce1a9e45 X-Cache: Miss from cloudfront Via: 1.1 9ba06853e586727720bf0a1bf763bad7.cloudfront.net (CloudFront) X-Amz-Cf-Id: BtaBXTGIVWfSRurtkK7aMOcg39oiA1Uz3UCoPPQm5LWu5bt72gV_cA== Connection: Keep-alive { "jobs": [{ "jobId": "ade0f15c-5857-4fcd-b731-43530bbd2d7d", "source": { "s3": { "bucketName": "signer-test-source", "key": "my-example-code.java", "version": null } }, "signedObject": { "s3": { "bucketName": "signer-test-dest", "key": "signed_images/ade0f15c-5857-4fcd-b731-43530bbd2d7d" } }, "signingMaterial": { "certificateArn": "arn:aws:acm:region:123456789012:certificate/7a0ed941-64dd-419b-8b59-24378756fee3" }, "createdAt": 1508345543, "status": "Succeeded" }, { "jobId": "9052caa6-1d8d-43b5-9ead-0cb8621c8c74", "source": { "s3": { "bucketName": "signer-test-source", "key": "my-example-code.java", "version": "W.OIrIFmjIFeuNXOaBJzPee66.wRg4GR" } }, "signedObject": { "s3": { "bucketName": "signer-test-dest", "key": "9052caa6-1d8d-43b5-9ead-0cb8621c8c74" } }, "signingMaterial": { "certificateArn": "arn:aws:acm:region:123456789012:certificate/9ec626ca-0bbb-4be5-83a2-ee563f8386ca" }, "createdAt": 1510695622, "status": "Succeeded" }, { "jobId": "cc9067a9-9258-489a-abae-1c3408191071", "source": { "s3": { "bucketName": "signer-test-source", "key": "my-example-code.java", "version": "W.OIrIFmjIFeuNXOaBJzPee66.wRg4GR" } }, "signedObject": { "s3": { "bucketName": "signer-test-dest", "key": "cc9067a9-9258-489a-abae-1c3408191071" } }, "signingMaterial": { "certificateArn": "arn:aws:acm:region:123456789012:certificate/9ec626ca-0bbb-4be5-83a2-ee563f8386ca" }, "createdAt": 1510698374, "status": "Succeeded" }, { "jobId": "ba506303-848d-4fb7-a07f-e8049eb5faa6", "source": { "s3": { "bucketName": "signer-test-source", "key": "my-example-code.java", "version": "W.OIrIFmjIFeuNXOaBJzPee66.wRg4GR" } }, "signedObject": { "s3": { "bucketName": "signer-test-dest", "key": "ba506303-848d-4fb7-a07f-e8049eb5faa6" } }, "signingMaterial": { "certificateArn": "arn:aws:acm:region:123456789012:certificate/9ec626ca-0bbb-4be5-83a2-ee563f8386ca" }, "createdAt": 1510760837, "status": "Succeeded" }], "nextToken": null } ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/ListSigningJobs) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/ListSigningJobs) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/ListSigningJobs) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/ListSigningJobs) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/ListSigningJobs) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/ListSigningJobs) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/ListSigningJobs) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/ListSigningJobs) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/ListSigningJobs) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/ListSigningJobs) # ListSigningPlatforms Lists all signing platforms available in AWS Signer that match the request parameters. If additional jobs remain to be listed, Signer returns a `nextToken` value. Use this value in subsequent calls to `ListSigningJobs` to fetch the remaining values. You can continue calling `ListSigningJobs` with your `maxResults` parameter and with new values that Signer returns in the `nextToken` parameter until all of your signing jobs have been returned. ## Request Syntax ``` GET /signing-platforms?category=category&maxResults=maxResults&nextToken=nextToken&partner=partner&target=target HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [category](#API_ListSigningPlatforms_RequestSyntax) ** The category type of a signing platform. ** [maxResults](#API_ListSigningPlatforms_RequestSyntax) ** The maximum number of results to be returned by this operation. Valid Range: Minimum value of 1. Maximum value of 25. ** [nextToken](#API_ListSigningPlatforms_RequestSyntax) ** Value for specifying the next set of paginated results to return. After you receive a response with truncated results, use this parameter in a subsequent request. Set it to the value of `nextToken` from the response that you just received. ** [partner](#API_ListSigningPlatforms_RequestSyntax) ** Any partner entities connected to a signing platform. ** [target](#API_ListSigningPlatforms_RequestSyntax) ** The validation template that is used by the target signing platform. ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "nextToken": "string", "platforms": [ { "category": "string", "displayName": "string", "maxSizeInMB": number, "partner": "string", "platformId": "string", "revocationSupported": boolean, "signingConfiguration": { "encryptionAlgorithmOptions": { "allowedValues": [ "string" ], "defaultValue": "string" }, "hashAlgorithmOptions": { "allowedValues": [ "string" ], "defaultValue": "string" } }, "signingImageFormat": { "defaultFormat": "string", "supportedFormats": [ "string" ] }, "target": "string" } ] } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [nextToken](#API_ListSigningPlatforms_ResponseSyntax) ** Value for specifying the next set of paginated results to return. Type: String ** [platforms](#API_ListSigningPlatforms_ResponseSyntax) ** A list of all platforms that match the request parameters. Type: Array of [SigningPlatform](API_SigningPlatform.md) objects ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/ListSigningPlatforms) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/ListSigningPlatforms) # ListSigningProfiles Lists all available signing profiles in your AWS account. Returns only profiles with an `ACTIVE` status unless the `includeCanceled` request field is set to `true`. If additional jobs remain to be listed, AWS Signer returns a `nextToken` value. Use this value in subsequent calls to `ListSigningJobs` to fetch the remaining values. You can continue calling `ListSigningJobs` with your `maxResults` parameter and with new values that Signer returns in the `nextToken` parameter until all of your signing jobs have been returned. ## Request Syntax ``` GET /signing-profiles?includeCanceled=includeCanceled&maxResults=maxResults&nextToken=nextToken&platformId=platformId&statuses=statuses HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [includeCanceled](#API_ListSigningProfiles_RequestSyntax) ** Designates whether to include profiles with the status of `CANCELED`. ** [maxResults](#API_ListSigningProfiles_RequestSyntax) ** The maximum number of profiles to be returned. Valid Range: Minimum value of 1. Maximum value of 25. ** [nextToken](#API_ListSigningProfiles_RequestSyntax) ** Value for specifying the next set of paginated results to return. After you receive a response with truncated results, use this parameter in a subsequent request. Set it to the value of `nextToken` from the response that you just received. ** [platformId](#API_ListSigningProfiles_RequestSyntax) ** Filters results to return only signing jobs initiated for a specified signing platform. ** [statuses](#API_ListSigningProfiles_RequestSyntax) ** Filters results to return only signing jobs with statuses in the specified list. Valid Values: `Active | Canceled | Revoked` ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "nextToken": "string", "profiles": [ { "arn": "string", "platformDisplayName": "string", "platformId": "string", "profileName": "string", "profileVersion": "string", "profileVersionArn": "string", "signatureValidityPeriod": { "type": "string", "value": number }, "signingMaterial": { "certificateArn": "string" }, "signingParameters": { "string" : "string" }, "status": "string", "tags": { "string" : "string" } } ] } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [nextToken](#API_ListSigningProfiles_ResponseSyntax) ** Value for specifying the next set of paginated results to return. Type: String ** [profiles](#API_ListSigningProfiles_ResponseSyntax) ** A list of profiles that are available in the AWS account. This includes profiles with the status of `CANCELED` if the `includeCanceled` parameter is set to `true`. Type: Array of [SigningProfile](API_SigningProfile.md) objects ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/ListSigningProfiles) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/ListSigningProfiles) # ListTagsForResource Returns a list of the tags associated with a signing profile resource. ## Request Syntax ``` GET /tags/resourceArn HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [resourceArn](#API_ListTagsForResource_RequestSyntax) ** The Amazon Resource Name (ARN) for the signing profile. Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "tags": { "string" : "string" } } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [tags](#API_ListTagsForResource_ResponseSyntax) ** A list of tags associated with the signing profile. Type: String to string map Map Entries: Maximum number of 200 items. Key Length Constraints: Minimum length of 1. Maximum length of 128. Key Pattern: `^(?!aws:)[a-zA-Z+-=._:/]+$` Value Length Constraints: Maximum length of 256. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** BadRequestException ** The request contains invalid parameters for the ARN or tags. This exception also occurs when you call a tagging API on a cancelled signing profile. HTTP Status Code: 400 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** NotFoundException ** The signing profile was not found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/ListTagsForResource) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/ListTagsForResource) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/ListTagsForResource) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/ListTagsForResource) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/ListTagsForResource) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/ListTagsForResource) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/ListTagsForResource) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/ListTagsForResource) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/ListTagsForResource) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/ListTagsForResource) # PutSigningProfile Creates a signing profile. A signing profile is a code-signing template that can be used to carry out a pre-defined signing job. ## Request Syntax ``` PUT /signing-profiles/profileName HTTP/1.1 Content-type: application/json { "overrides": { "signingConfiguration": { "encryptionAlgorithm": "string", "hashAlgorithm": "string" }, "signingImageFormat": "string" }, "platformId": "string", "signatureValidityPeriod": { "type": "string", "value": number }, "signingMaterial": { "certificateArn": "string" }, "signingParameters": { "string" : "string" }, "tags": { "string" : "string" } } ``` ## URI Request Parameters The request uses the following URI parameters. ** [profileName](#API_PutSigningProfile_RequestSyntax) ** The name of the signing profile to be created. Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ## Request Body The request accepts the following data in JSON format. ** [overrides](#API_PutSigningProfile_RequestSyntax) ** A subfield of `platform`. This specifies any different configuration options that you want to apply to the chosen platform (such as a different `hash-algorithm` or `signing-algorithm`). Type: [SigningPlatformOverrides](API_SigningPlatformOverrides.md) object Required: No ** [platformId](#API_PutSigningProfile_RequestSyntax) ** The ID of the signing platform to be created. Type: String Required: Yes ** [signatureValidityPeriod](#API_PutSigningProfile_RequestSyntax) ** The default validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months. Type: [SignatureValidityPeriod](API_SignatureValidityPeriod.md) object Required: No ** [signingMaterial](#API_PutSigningProfile_RequestSyntax) ** The AWS Certificate Manager certificate that will be used to sign code with the new signing profile. Type: [SigningMaterial](API_SigningMaterial.md) object Required: No ** [signingParameters](#API_PutSigningProfile_RequestSyntax) ** Map of key-value pairs for signing. These can include any information that you want to use during signing. Type: String to string map Required: No ** [tags](#API_PutSigningProfile_RequestSyntax) ** Tags to be associated with the signing profile that is being created. Type: String to string map Map Entries: Maximum number of 200 items. Key Length Constraints: Minimum length of 1. Maximum length of 128. Key Pattern: `^(?!aws:)[a-zA-Z+-=._:/]+$` Value Length Constraints: Maximum length of 256. Required: No ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "arn": "string", "profileVersion": "string", "profileVersionArn": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [arn](#API_PutSigningProfile_ResponseSyntax) ** The Amazon Resource Name (ARN) of the signing profile created. Type: String ** [profileVersion](#API_PutSigningProfile_ResponseSyntax) ** The version of the signing profile being created. Type: String Length Constraints: Fixed length of 10. Pattern: `^[a-zA-Z0-9]{10}$` ** [profileVersionArn](#API_PutSigningProfile_ResponseSyntax) ** The signing profile ARN, including the profile version. Type: String Length Constraints: Minimum length of 20. Maximum length of 2048. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/PutSigningProfile) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/PutSigningProfile) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/PutSigningProfile) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/PutSigningProfile) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/PutSigningProfile) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/PutSigningProfile) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/PutSigningProfile) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/PutSigningProfile) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/PutSigningProfile) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/PutSigningProfile) # RemoveProfilePermission Removes cross-account permissions from a signing profile. ## Request Syntax ``` DELETE /signing-profiles/profileName/permissions/statementId?revisionId=revisionId HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [profileName](#API_RemoveProfilePermission_RequestSyntax) ** A human-readable name for the signing profile with permissions to be removed. Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ** [revisionId](#API_RemoveProfilePermission_RequestSyntax) ** An identifier for the current revision of the signing profile permissions. Required: Yes ** [statementId](#API_RemoveProfilePermission_RequestSyntax) ** A unique identifier for the cross-account permissions statement. Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "revisionId": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [revisionId](#API_RemoveProfilePermission_ResponseSyntax) ** An identifier for the current revision of the profile permissions. Type: String ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** ConflictException ** The resource encountered a conflicting state. HTTP Status Code: 409 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/RemoveProfilePermission) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/RemoveProfilePermission) # RevokeSignature Changes the state of a signing job to REVOKED. This indicates that the signature is no longer valid. ## Request Syntax ``` PUT /signing-jobs/jobId/revoke HTTP/1.1 Content-type: application/json { "jobOwner": "string", "reason": "string" } ``` ## URI Request Parameters The request uses the following URI parameters. ** [jobId](#API_RevokeSignature_RequestSyntax) ** ID of the signing job to be revoked. Required: Yes ## Request Body The request accepts the following data in JSON format. ** [jobOwner](#API_RevokeSignature_RequestSyntax) ** AWS account ID of the job owner. Type: String Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` Required: No ** [reason](#API_RevokeSignature_RequestSyntax) ** The reason for revoking the signing job. Type: String Length Constraints: Minimum length of 1. Maximum length of 500. Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/RevokeSignature) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/RevokeSignature) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/RevokeSignature) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/RevokeSignature) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/RevokeSignature) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/RevokeSignature) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/RevokeSignature) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/RevokeSignature) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/RevokeSignature) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/RevokeSignature) # RevokeSigningProfile Changes the state of a signing profile to REVOKED. This indicates that signatures generated using the signing profile after an effective start date are no longer valid. ## Request Syntax ``` PUT /signing-profiles/profileName/revoke HTTP/1.1 Content-type: application/json { "effectiveTime": number, "profileVersion": "string", "reason": "string" } ``` ## URI Request Parameters The request uses the following URI parameters. ** [profileName](#API_RevokeSigningProfile_RequestSyntax) ** The name of the signing profile to be revoked. Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ## Request Body The request accepts the following data in JSON format. ** [effectiveTime](#API_RevokeSigningProfile_RequestSyntax) ** A timestamp for when revocation of a Signing Profile should become effective. Signatures generated using the signing profile after this timestamp are not trusted. Type: Timestamp Required: Yes ** [profileVersion](#API_RevokeSigningProfile_RequestSyntax) ** The version of the signing profile to be revoked. Type: String Length Constraints: Fixed length of 10. Pattern: `^[a-zA-Z0-9]{10}$` Required: Yes ** [reason](#API_RevokeSigningProfile_RequestSyntax) ** The reason for revoking a signing profile. Type: String Length Constraints: Minimum length of 1. Maximum length of 500. Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/RevokeSigningProfile) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/RevokeSigningProfile) # SignPayload Signs a binary payload and returns a signature envelope. ## Request Syntax ``` POST /signing-jobs/with-payload HTTP/1.1 Content-type: application/json { "payload": blob, "payloadFormat": "string", "profileName": "string", "profileOwner": "string" } ``` ## URI Request Parameters The request does not use any URI parameters. ## Request Body The request accepts the following data in JSON format. ** [payload](#API_SignPayload_RequestSyntax) ** Specifies the object digest (hash) to sign. Type: Base64-encoded binary data object Length Constraints: Minimum length of 1. Maximum length of 4096. Required: Yes ** [payloadFormat](#API_SignPayload_RequestSyntax) ** Payload content type. The single valid type is `application/vnd.cncf.notary.payload.v1+json`. Type: String Required: Yes ** [profileName](#API_SignPayload_RequestSyntax) ** The name of the signing profile. Type: String Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ** [profileOwner](#API_SignPayload_RequestSyntax) ** The AWS account ID of the profile owner. Type: String Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` Required: No ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "jobId": "string", "jobOwner": "string", "metadata": { "string" : "string" }, "signature": blob } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [jobId](#API_SignPayload_ResponseSyntax) ** Unique identifier of the signing job. Type: String ** [jobOwner](#API_SignPayload_ResponseSyntax) ** The AWS account ID of the job owner. Type: String Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` ** [metadata](#API_SignPayload_ResponseSyntax) ** Information including the signing profile ARN and the signing job ID. Type: String to string map ** [signature](#API_SignPayload_ResponseSyntax) ** A cryptographic signature. Type: Base64-encoded binary data object ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/SignPayload) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/SignPayload) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/SignPayload) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/SignPayload) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/SignPayload) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/SignPayload) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/SignPayload) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/SignPayload) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/SignPayload) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/SignPayload) # StartSigningJob Initiates a signing job to be performed on the code provided. Signing jobs are viewable by the `ListSigningJobs` operation for two years after they are performed. Note the following requirements: + You must create an Amazon S3 source bucket. For more information, see [Creating a Bucket](http://docs.aws.amazon.com/AmazonS3/latest/gsg/CreatingABucket.html) in the *Amazon S3 Getting Started Guide*. + Your S3 source bucket must be version enabled. + You must create an S3 destination bucket. AWS Signer uses your S3 destination bucket to write your signed code. + You specify the name of the source and destination buckets when calling the `StartSigningJob` operation. + You must ensure the S3 buckets are from the same Region as the signing profile. Cross-Region signing isn't supported. + You must also specify a request token that identifies your request to Signer. You can call the [DescribeSigningJob](API_DescribeSigningJob.md) and the [ListSigningJobs](API_ListSigningJobs.md) actions after you call `StartSigningJob`. For a Java example that shows how to use this action, see [StartSigningJob](https://docs.aws.amazon.com/signer/latest/developerguide/api-startsigningjob.html). ## Request Syntax ``` POST /signing-jobs HTTP/1.1 Content-type: application/json { "clientRequestToken": "string", "destination": { "s3": { "bucketName": "string", "prefix": "string" } }, "profileName": "string", "profileOwner": "string", "source": { "s3": { "bucketName": "string", "key": "string", "version": "string" } } } ``` ## URI Request Parameters The request does not use any URI parameters. ## Request Body The request accepts the following data in JSON format. ** [clientRequestToken](#API_StartSigningJob_RequestSyntax) ** String that identifies the signing request. All calls after the first that use this token return the same response as the first call. Type: String Required: Yes ** [destination](#API_StartSigningJob_RequestSyntax) ** The S3 bucket in which to save your signed object. The destination contains the name of your bucket and an optional prefix. Type: [Destination](API_Destination.md) object Required: Yes ** [profileName](#API_StartSigningJob_RequestSyntax) ** The name of the signing profile. Type: String Length Constraints: Minimum length of 2. Maximum length of 64. Pattern: `^[a-zA-Z0-9_]{2,}` Required: Yes ** [profileOwner](#API_StartSigningJob_RequestSyntax) ** The AWS account ID of the signing profile owner. Type: String Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` Required: No ** [source](#API_StartSigningJob_RequestSyntax) ** The S3 bucket that contains the object to sign or a BLOB that contains your raw code. Type: [Source](API_Source.md) object Required: Yes ## Response Syntax ``` HTTP/1.1 200 Content-type: application/json { "jobId": "string", "jobOwner": "string" } ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response. The following data is returned in JSON format by the service. ** [jobId](#API_StartSigningJob_ResponseSyntax) ** The ID of your signing job. Type: String ** [jobOwner](#API_StartSigningJob_ResponseSyntax) ** The AWS account ID of the signing job owner. Type: String Length Constraints: Fixed length of 12. Pattern: `^[0-9]{12}$` ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDeniedException ** You do not have sufficient access to perform this action. HTTP Status Code: 403 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** ResourceNotFoundException ** A specified resource could not be found. HTTP Status Code: 404 ** ThrottlingException ** *This error has been deprecated.* The request was denied due to request throttling. Instead of this error, `TooManyRequestsException` should be used. HTTP Status Code: 429 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ** ValidationException ** You signing certificate could not be validated. HTTP Status Code: 400 ## Examples ### Start a signing job This example illustrates one usage of StartSigningJob. #### Sample Request ``` POST /Prod/signing-jobs HTTP/1.1 Host: signer.us-east-1.amazonaws.com Accept-Encoding: identity Content-Length: 411 Authorization: AWS4-HMAC-SHA256 Credential=acces_key/20171115/us-east-1/signer/aws4_request, SignedHeaders=host;x-amz-date, Signature=e5a6cf8f72819823373eef632ab310e940aea5abec6c101ab27265b7aaa37aee X-Amz-Date: 20171115T154708Z User-Agent: aws-cli/1.11.132 Python/2.7.9 Windows/8 botocore/1.5.95 { "source": { "s3": { "version": "W.OIrIFmjIFeuNXOaBJzPee66.wRg4GR", "bucketName": "signer-test-source", "key": "my-example-code.java" } }, "destination": { "s3": { "bucketName": "signer-test-dest" } }, "platform": "TexasInstruments", "signingMaterial": { "certificateArn": "arn:aws:acm:region:123456789012:certificate/9ec626ca-0bbb-4be5-83a2-ee563f8386ca" }, "clientRequestToken": "12345" } ``` #### Sample Response ``` HTTP/1.1 200 OK Content-Type: application/json Content-Length: 48 Date: Wed, 15 Nov 2017 15:47:17 GMT x-amzn-RequestId: 41bab6aa-ca1c-11e7-84c9-a3126a821e6a X-Amzn-Trace-Id: sampled=0;root=1-5a0c6184-fcef477f16c548f2ab9a3c29 X-Cache: Miss from cloudfront Via: 1.1 a44b4468444ef3ee67472bd5c5016098.cloudfront.net (CloudFront) X-Amz-Cf-Id: JPloXC54wpP2pempPkUcX7S5Qf-5oMmgNE1Uc05KNIlG2igfInFU-g== Connection: Keep-alive {"jobId":"ba506303-848d-4fb7-a07f-e8049eb5faa6"} ``` ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/StartSigningJob) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/StartSigningJob) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/StartSigningJob) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/StartSigningJob) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/StartSigningJob) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/StartSigningJob) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/StartSigningJob) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/StartSigningJob) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/StartSigningJob) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/StartSigningJob) # TagResource Adds one or more tags to a signing profile. Tags are labels that you can use to identify and organize your AWS resources. Each tag consists of a key and an optional value. To specify the signing profile, use its Amazon Resource Name (ARN). To specify the tag, use a key-value pair. ## Request Syntax ``` POST /tags/resourceArn HTTP/1.1 Content-type: application/json { "tags": { "string" : "string" } } ``` ## URI Request Parameters The request uses the following URI parameters. ** [resourceArn](#API_TagResource_RequestSyntax) ** The Amazon Resource Name (ARN) for the signing profile. Required: Yes ## Request Body The request accepts the following data in JSON format. ** [tags](#API_TagResource_RequestSyntax) ** One or more tags to be associated with the signing profile. Type: String to string map Map Entries: Maximum number of 200 items. Key Length Constraints: Minimum length of 1. Maximum length of 128. Key Pattern: `^(?!aws:)[a-zA-Z+-=._:/]+$` Value Length Constraints: Maximum length of 256. Required: Yes ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** BadRequestException ** The request contains invalid parameters for the ARN or tags. This exception also occurs when you call a tagging API on a cancelled signing profile. HTTP Status Code: 400 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** NotFoundException ** The signing profile was not found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/TagResource) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/TagResource) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/TagResource) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/TagResource) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/TagResource) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/TagResource) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/TagResource) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/TagResource) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/TagResource) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/TagResource) # UntagResource Removes one or more tags from a signing profile. To remove the tags, specify a list of tag keys. ## Request Syntax ``` DELETE /tags/resourceArn?tagKeys=tagKeys HTTP/1.1 ``` ## URI Request Parameters The request uses the following URI parameters. ** [resourceArn](#API_UntagResource_RequestSyntax) ** The Amazon Resource Name (ARN) for the signing profile. Required: Yes ** [tagKeys](#API_UntagResource_RequestSyntax) ** A list of tag keys to be removed from the signing profile. Array Members: Minimum number of 1 item. Maximum number of 200 items. Length Constraints: Minimum length of 1. Maximum length of 128. Pattern: `^(?!aws:)[a-zA-Z+-=._:/]+$` Required: Yes ## Request Body The request does not have a request body. ## Response Syntax ``` HTTP/1.1 200 ``` ## Response Elements If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body. ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** BadRequestException ** The request contains invalid parameters for the ARN or tags. This exception also occurs when you call a tagging API on a cancelled signing profile. HTTP Status Code: 400 ** InternalServiceErrorException ** An internal error occurred. HTTP Status Code: 500 ** NotFoundException ** The signing profile was not found. HTTP Status Code: 404 ** TooManyRequestsException ** The allowed number of job-signing requests has been exceeded. This error supersedes the error `ThrottlingException`. HTTP Status Code: 429 ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS Command Line Interface V2](https://docs.aws.amazon.com/goto/cli2/signer-2017-08-25/UntagResource) + [AWS SDK for .NET V4](https://docs.aws.amazon.com/goto/DotNetSDKV4/signer-2017-08-25/UntagResource) + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/signer-2017-08-25/UntagResource) + [AWS SDK for Go v2](https://docs.aws.amazon.com/goto/SdkForGoV2/signer-2017-08-25/UntagResource) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/signer-2017-08-25/UntagResource) + [AWS SDK for JavaScript V3](https://docs.aws.amazon.com/goto/SdkForJavaScriptV3/signer-2017-08-25/UntagResource) + [AWS SDK for Kotlin](https://docs.aws.amazon.com/goto/SdkForKotlin/signer-2017-08-25/UntagResource) + [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/signer-2017-08-25/UntagResource) + [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/signer-2017-08-25/UntagResource) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/signer-2017-08-25/UntagResource)