What is AWS Signer? - AWS Signer

What is AWS Signer?

AWS Signer is a fully managed code-signing service to ensure the trust and integrity of your code. Organizations validate code against a digital signature to confirm that the code is unaltered and from a trusted publisher. With AWS Signer, your security administrators have a single place to define your signing environment, including what AWS Identity and Access Management (IAM) role can sign code and in what regions. AWS Signer manages the code-signing certificate public and private keys and enables central management of the code-signing lifecycle. Integration with AWS CloudTrail helps you track who is generating code signatures and meet your compliance requirements.

  • Code signing for AWS Lambda

    With Code Signing for AWS Lambda, you can ensure that only trusted code runs in your Lambda functions. You can use AWS Signer to create digitally signed packages for Lambda deployment. To sign your code packages before deploying them to AWS Lambda, you can use the AWS Signer console, the Signer CLI the AWS Serverless Application Model (AWS SAM) CLI, or one of the AWS SDKs.

  • Code signing for AWS IoT

    With Code Signing for AWS IoT, you can sign code that you create for IoT devices supported by Amazon FreeRTOS and AWS IoT device management. Code signing for AWS IoT is integrated with AWS Certificate Manager (ACM). In order to sign code, you import a third-party code-signing certificate with ACM that is used to sign updates in FreeRTOS and AWS IoT Device Management.

    You can use code signing through the FreeRTOS console to sign your firmware images before deploying them to a microcontroller. To sign your code images before deploying them in an over-the-air (OTA) update job, you can use the AWS IoT Device Management console, the AWS CLI, or one of the AWS SDKs.

For information about the AWS Signer API, see the AWS Signer API Reference.