Creates a signing profile. A signing profile is a code signing template that can be used to carry out a pre-defined signing job. For more information, see http://docs.aws.amazon.com/signer/latest/developerguide/gs-profile.html
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
put-signing-profile
--profile-name <value>
[--signing-material <value>]
[--signature-validity-period <value>]
--platform-id <value>
[--overrides <value>]
[--signing-parameters <value>]
[--tags <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--profile-name
(string)
The name of the signing profile to be created.
--signing-material
(structure)
The AWS Certificate Manager certificate that will be used to sign code with the new signing profile.
certificateArn -> (string)
The Amazon Resource Name (ARN) of the certificates that is used to sign your code.
Shorthand Syntax:
certificateArn=string
JSON Syntax:
{
"certificateArn": "string"
}
--signature-validity-period
(structure)
The default validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.
value -> (integer)
The numerical value of the time unit for signature validity.
type -> (string)
The time unit for signature validity.
Shorthand Syntax:
value=integer,type=string
JSON Syntax:
{
"value": integer,
"type": "DAYS"|"MONTHS"|"YEARS"
}
--platform-id
(string)
The ID of the signing platform to be created.
--overrides
(structure)
A subfield of
platform
. This specifies any different configuration options that you want to apply to the chosen platform (such as a differenthash-algorithm
orsigning-algorithm
).signingConfiguration -> (structure)
A signing configuration that overrides the default encryption or hash algorithm of a signing job.
encryptionAlgorithm -> (string)
A specified override of the default encryption algorithm that is used in a code signing job.
hashAlgorithm -> (string)
A specified override of the default hash algorithm that is used in a code signing job.
signingImageFormat -> (string)
A signed image is a JSON object. When overriding the default signing platform configuration, a customer can select either of two signing formats,
JSONEmbedded
orJSONDetached
. (A third format value,JSON
, is reserved for future use.) WithJSONEmbedded
, the signing image has the payload embedded in it. WithJSONDetached
, the payload is not be embedded in the signing image.
Shorthand Syntax:
signingConfiguration={encryptionAlgorithm=string,hashAlgorithm=string},signingImageFormat=string
JSON Syntax:
{
"signingConfiguration": {
"encryptionAlgorithm": "RSA"|"ECDSA",
"hashAlgorithm": "SHA1"|"SHA256"
},
"signingImageFormat": "JSON"|"JSONEmbedded"|"JSONDetached"
}
--signing-parameters
(map)
Map of key-value pairs for signing. These can include any information that you want to use during signing.
key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
JSON Syntax:
{"string": "string"
...}
--tags
(map)
Tags to be associated with the signing profile that is being created.
key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
JSON Syntax:
{"string": "string"
...}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
To create a signing profile
The following put-signing-profile
example creates a signing profile using the specified certificate and platform.
aws signer put-signing-profile \
--profile-name MyProfile6 \
--signing-material certificateArn=arn:aws:acm:us-west-2:123456789012:certificate/6a55389b-306b-4e8c-a95c-0123456789abc \
--platform AmazonFreeRTOS-TI-CC3220SF
Output:
{
"arn": "arn:aws:signer:us-west-2:123456789012:/signing-profiles/MyProfile6"
}
arn -> (string)
The Amazon Resource Name (ARN) of the signing profile created.
profileVersion -> (string)
The version of the signing profile being created.
profileVersionArn -> (string)
The signing profile ARN, including the profile version.