UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

83 lines (82 loc) 2.85 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
import { Construct } from 'constructs'; import { CodeSigningConfigReference, ICodeSigningConfigRef } from './lambda.generated'; import { ISigningProfile } from '../../aws-signer'; import { IResource, Resource } from '../../core'; /** * Code signing configuration policy for deployment validation failure. */ export declare enum UntrustedArtifactOnDeployment { /** * Lambda blocks the deployment request if signature validation checks fail. */ ENFORCE = "Enforce", /** * Lambda allows the deployment of the code package, but issues a warning. * Lambda issues a new Amazon CloudWatch metric, called a signature validation error and also stores the warning in CloudTrail. */ WARN = "Warn" } /** * A Code Signing Config */ export interface ICodeSigningConfig extends IResource, ICodeSigningConfigRef { /** * The ARN of Code Signing Config * @attribute */ readonly codeSigningConfigArn: string; /** * The id of Code Signing Config * @attribute */ readonly codeSigningConfigId: string; } /** * Construction properties for a Code Signing Config object */ export interface CodeSigningConfigProps { /** * List of signing profiles that defines a * trusted user who can sign a code package. */ readonly signingProfiles: ISigningProfile[]; /** * Code signing configuration policy for deployment validation failure. * If you set the policy to Enforce, Lambda blocks the deployment request * if signature validation checks fail. * If you set the policy to Warn, Lambda allows the deployment and * creates a CloudWatch log. * * @default UntrustedArtifactOnDeployment.WARN */ readonly untrustedArtifactOnDeployment?: UntrustedArtifactOnDeployment; /** * Code signing configuration description. * * @default - No description. */ readonly description?: string; } /** * Defines a Code Signing Config. * * @resource AWS::Lambda::CodeSigningConfig */ export declare class CodeSigningConfig extends Resource implements ICodeSigningConfig { /** * Uniquely identifies this class. */ static readonly PROPERTY_INJECTION_ID: string; /** * Creates a Signing Profile construct that represents an external Signing Profile. * * @param scope The parent creating construct (usually `this`). * @param id The construct's name. * @param codeSigningConfigArn The ARN of code signing config. */ static fromCodeSigningConfigArn(scope: Construct, id: string, codeSigningConfigArn: string): ICodeSigningConfig; readonly codeSigningConfigArn: string; readonly codeSigningConfigId: string; constructor(scope: Construct, id: string, props: CodeSigningConfigProps); get codeSigningConfigRef(): CodeSigningConfigReference; }