Skip to content

Code Signing via CloudFormation? #2424

@jplock

Description

@jplock

Describe your idea/feature/enhancement

Related to #2407, is it possible to deploy a code signed Lambda function using CloudFormation or do you have to use sam deploy? We have CodePipeline's configured that run sam package from CodeBuild, but then use CodePipeline's CloudFormation integration to provisioned the packaged YAML file template (so we don't run sam deploy in our pipeline). CloudFormation returns an error message:

Lambda cannot deploy the function. The function or layer might be signed using a signature that the client is not configured to accept.

Reading https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/authoring-codesigning.html and https://aws.amazon.com/blogs/aws/new-code-signing-a-trust-and-integrity-control-for-aws-lambda/, it's not clear whether this is supported or not.

Thanks.

Metadata

Metadata

Assignees

No one assigned

    Labels

    blocked/close-if-inactiveBlocked for >14 days with no response, will be closed if still inactive after 7 daysblocked/more-info-neededMore info is needed from the requester. If no response in 14 days, it will become stale.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions