The practice of digitally signing source code packages for functions and layers is called Lambda code signing. The goal of code signing is to make sure that only trusted code runs in your functions.
The signer service can be used to verify the integrity of your code. The deployment package will be rejected or accepted if a series of validation checks are not performed.
In this article, you will use the console to set up code signing for a function. The validation checks and policies that can be applied to your code signing configurations are covered in the article.
Defining Amazon S3 source and destination buckets is the first step in the code-signing process. The signed package is deposited in the S3 destination bucket after the signer retrieves unsigned packages from the S3 source bucket.
You can simplify this process by using the same bucket to store both signed and unsigned packages.
Kindly watch the below video to configure an Amazon S3 Bucket to…