Resource: aws_lambda_code_signing_config

Provides a Lambda Code Signing Config resource. A code signing configuration defines a list of allowed signing profiles and defines the code-signing validation policy (action to be taken if deployment validation checks fail).

For information about Lambda code signing configurations and how to use them, see configuring code signing for Lambda functions

Example Usage

resource "aws_lambda_code_signing_config" "new_csc" {
  allowed_publishers {
    signing_profile_version_arns = [
      aws_signer_signing_profile.example1.arn,
      aws_signer_signing_profile.example2.arn,
    ]
  }

  policies {
    untrusted_artifact_on_deployment = "Warn"
  }

  description = "My awesome code signing config."
}

Argument Reference

The allowed_publishers block supports the following argument:

The policies block supports the following argument:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import Code Signing Configs using their ARN. For example:

import {
  to = aws_lambda_code_signing_config.imported_csc
  id = "arn:aws:lambda:us-west-2:123456789012:code-signing-config:csc-0f6c334abcdea4d8b"
}

Using terraform import, import Code Signing Configs using their ARN. For example:

% terraform import aws_lambda_code_signing_config.imported_csc arn:aws:lambda:us-west-2:123456789012:code-signing-config:csc-0f6c334abcdea4d8b