diff --git a/packages/@aws-cdk/aws-lambda/lib/code-signing-config.ts b/packages/@aws-cdk/aws-lambda/lib/code-signing-config.ts
index 0472eb5d048f5..5e76436b75cca 100644
--- a/packages/@aws-cdk/aws-lambda/lib/code-signing-config.ts
+++ b/packages/@aws-cdk/aws-lambda/lib/code-signing-config.ts
@@ -10,13 +10,13 @@ export enum UntrustedArtifactOnDeployment {
   /**
    * Lambda blocks the deployment request if signature validation checks fail.
    */
-  ENFORCE = 'enforce',
+  ENFORCE = 'Enforce',
 
   /**
    * Lambda allows the deployment of the code package, but issues a warning.
    * Lambda issues a new Amazon CloudWatch metric, called a signature validation error and also stores the warning in CloudTrail.
    */
-  WARN = 'warn',
+  WARN = 'Warn',
 }
 
 /**
diff --git a/packages/@aws-cdk/aws-lambda/test/code-signing-config.test.ts b/packages/@aws-cdk/aws-lambda/test/code-signing-config.test.ts
index 3e123ab5d5d89..6f6c1047f5453 100644
--- a/packages/@aws-cdk/aws-lambda/test/code-signing-config.test.ts
+++ b/packages/@aws-cdk/aws-lambda/test/code-signing-config.test.ts
@@ -28,7 +28,7 @@ describe('code signing config', () => {
         }],
       },
       CodeSigningPolicies: {
-        UntrustedArtifactOnDeployment: lambda.UntrustedArtifactOnDeployment.WARN,
+        UntrustedArtifactOnDeployment: 'Warn',
       },
     });
   });
@@ -78,7 +78,7 @@ describe('code signing config', () => {
 
     expect(stack).toHaveResource('AWS::Lambda::CodeSigningConfig', {
       CodeSigningPolicies: {
-        UntrustedArtifactOnDeployment: lambda.UntrustedArtifactOnDeployment.ENFORCE,
+        UntrustedArtifactOnDeployment: 'Enforce',
       },
       Description: 'test description',
     });