Code Signing for AWS IoT
Developer Guide

Signing Profiles in Code Signing for AWS IoT

A signing profile is a code signing template that can be used to carry out a predefined signing job. A signing profile designates the signing material (a file) to be signed with a particular signing platform, as well as any hash or encryption algorithm overrides to be applied to that signing platform. Once created, administrators can use AWS Identity and Access Management (IAM) to delegate control over signing profiles. Doing so ensures that only approved users have access to particular code signing, Amazon FreeRTOS, AWS IoT Device Management, and AWS Certificate Manager resources. For more information about managing user permissions in code signing, see Customer Managed Policies.

In order to start a signing job with the StartSigningJob operation, you must designate a signing profile.

Use the PutSigningProfile operation to create a signing profile, and the CancelSigningProfile operation to cancel a signing profile. Canceled profiles remain in the CANCELED state for two years after the CancelSigningProfile operation is issued, after which time they are deleted. To find the status of a particular signing profile, use the GetSigningProfile operation.

For a list of all available signing profiles, including those in the CANCELED state, use the ListSigningProfiles operation.

For more information about the configurations and parameters related to signing profiles, see SigningPlatform in the Code Signing for AWS IoT API Reference Guide.