[ aws . signer ]

describe-signing-job

Description

Returns information about a specific code signing job. You specify the job by using the jobId value that is returned by the StartSigningJob operation.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  describe-signing-job
--job-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--job-id (string)

The ID of the signing job on input.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Examples

To display details about a signing job

The following describe-signing-job example displays details about the specified signing job.

aws signer describe-signing-job \
    --job-id 2065c468-73e2-4385-a6c9-0123456789abc

Output:

{
    "status": "Succeeded",
    "completedAt": 1568412037,
    "platformId": "AmazonFreeRTOS-Default",
    "signingMaterial": {
        "certificateArn": "arn:aws:acm:us-west-2:123456789012:certificate/6a55389b-306b-4e8c-a95c-0123456789abc"
    },
    "statusReason": "Signing Succeeded",
    "jobId": "2065c468-73e2-4385-a6c9-0123456789abc",
    "source": {
        "s3": {
            "version": "PNyFaUTgsQh5ZdMCcoCe6pT1gOpgB_M4",
            "bucketName": "signer-source",
            "key": "MyCode.rb"
        }
    },
    "profileName": "MyProfile2",
    "signedObject": {
        "s3": {
            "bucketName": "signer-destination",
            "key": "signed-2065c468-73e2-4385-a6c9-0123456789abc"
        }
    },
    "requestedBy": "arn:aws:iam::123456789012:user/maria",
    "createdAt": 1568412036
}

Output

jobId -> (string)

The ID of the signing job on output.

source -> (structure)

The object that contains the name of your S3 bucket or your raw code.

s3 -> (structure)

The S3Source object.

bucketName -> (string)

Name of the S3 bucket.

key -> (string)

Key name of the bucket object that contains your unsigned code.

version -> (string)

Version of your source image in your version enabled S3 bucket.

signingMaterial -> (structure)

The Amazon Resource Name (ARN) of your code signing certificate.

certificateArn -> (string)

The Amazon Resource Name (ARN) of the certificates that is used to sign your code.

platformId -> (string)

The microcontroller platform to which your signed code image will be distributed.

platformDisplayName -> (string)

A human-readable name for the signing platform associated with the signing job.

profileName -> (string)

The name of the profile that initiated the signing operation.

profileVersion -> (string)

The version of the signing profile used to initiate the signing job.

overrides -> (structure)

A list of any overrides that were applied to the signing operation.

signingConfiguration -> (structure)

A signing configuration that overrides the default encryption or hash algorithm of a signing job.

encryptionAlgorithm -> (string)

A specified override of the default encryption algorithm that is used in a code signing job.

hashAlgorithm -> (string)

A specified override of the default hash algorithm that is used in a code signing job.

signingImageFormat -> (string)

A signed image is a JSON object. When overriding the default signing platform configuration, a customer can select either of two signing formats, JSONEmbedded or JSONDetached . (A third format value, JSON , is reserved for future use.) With JSONEmbedded , the signing image has the payload embedded in it. With JSONDetached , the payload is not be embedded in the signing image.

signingParameters -> (map)

Map of user-assigned key-value pairs used during signing. These values contain any information that you specified for use in your signing job.

key -> (string)

value -> (string)

createdAt -> (timestamp)

Date and time that the signing job was created.

completedAt -> (timestamp)

Date and time that the signing job was completed.

signatureExpiresAt -> (timestamp)

Thr expiration timestamp for the signature generated by the signing job.

requestedBy -> (string)

The IAM principal that requested the signing job.

status -> (string)

Status of the signing job.

statusReason -> (string)

String value that contains the status reason.

revocationRecord -> (structure)

A revocation record if the signature generated by the signing job has been revoked. Contains a timestamp and the ID of the IAM entity that revoked the signature.

reason -> (string)

A caller-supplied reason for revocation.

revokedAt -> (timestamp)

The time of revocation.

revokedBy -> (string)

The identity of the revoker.

signedObject -> (structure)

Name of the S3 bucket where the signed code image is saved by code signing.

s3 -> (structure)

The S3SignedObject .

bucketName -> (string)

Name of the S3 bucket.

key -> (string)

Key name that uniquely identifies a signed code image in your bucket.

jobOwner -> (string)

The AWS account ID of the job owner.

jobInvoker -> (string)

The IAM entity that initiated the signing job.