Creates a Signer Signing Profile. A signing profile contains information about the code signing configuration parameters that can be used by a given code signing user.
resource "aws_signer_signing_profile" "test_sp" {
platform_id = "AWSLambda-SHA384-ECDSA"
}
resource "aws_signer_signing_profile" "prod_sp" {
platform_id = "AWSLambda-SHA384-ECDSA"
name_prefix = "prod_sp_"
signature_validity_period {
value = 5
type = "YEARS"
}
tags = {
tag1 = "value1"
tag2 = "value2"
}
}
platform_id
- (Required, Forces new resource) The ID of the platform that is used by the target signing profile.name
- (Optional, Forces new resource) A unique signing profile name. By default generated by Terraform. Signing profile names are immutable and cannot be reused after canceled.name_prefix
- (Optional, Forces new resource) A signing profile name prefix. Terraform will generate a unique suffix. Conflicts with name
.signature_validity_period
- (Optional, Forces new resource) The validity period for a signing job. See signature_validity_period
Block below for details.signing_material
- (Optional, Forces new resource) The AWS Certificate Manager certificate that will be used to sign code with the new signing profile. See signing_material
Block below for details.tags
- (Optional) A list of tags associated with the signing profile. If configured with a provider default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level.signature_validity_period
BlockThe signature_validity_period
configuration block supports the following arguments:
type
- (Required, Forces new resource) The time unit for signature validity. Valid values: DAYS
, MONTHS
, YEARS
.value
- (Required, Forces new resource) The numerical value of the time unit for signature validity.signing_material
BlockThe signing_material
configuration block supports the following arguments:
certificate_arn
- (Required, Forces new resource) The Amazon Resource Name (ARN) of the certificates that is used to sign your code.This resource exports the following attributes in addition to the arguments above:
arn
- The Amazon Resource Name (ARN) for the signing profile.name
- The name of the target signing profile.platform_display_name
- A human-readable name for the signing platform associated with the signing profile.revocation_record
- Revocation information for a signing profile. See revocation_record
Block below for details.status
- The status of the target signing profile.version
- The current version of the signing profile.version_arn
- The signing profile ARN, including the profile version.tags_all
- A map of tags assigned to the resource, including those inherited from the provider default_tags
configuration block.revocation_record
BlockThe revocation_record
configuration block supports the following attributes:
revocation_effective_from
- The time when revocation becomes effective.revoked_at
- The time when the signing profile was revoked.revoked_by
- The identity of the revoker.In Terraform v1.5.0 and later, use an import
block to import Signer signing profiles using the name
. For example:
import {
to = aws_signer_signing_profile.test_signer_signing_profile
id = "test_sp_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK"
}
Using terraform import
, import Signer signing profiles using the name
. For example:
% terraform import aws_signer_signing_profile.test_signer_signing_profile test_sp_DdW3Mk1foYL88fajut4mTVFGpuwfd4ACO6ANL0D1uIj7lrn8adK