POC of AWS Lambda Signer with Terraform
- Configure Terraform

  ```shell
  terraform --version # 1.7.5 was used here; newer releases are at https://www.terraform.io/downloads.html
  ```

- Configure AWS credentials (Link)

- Create the state bucket and set its name in the backend configuration

  ```hcl
  // file terraform-lambda-signer/preferences.tf
  terraform {
    required_version = ">=1.5.0"

    required_providers {
      aws = {
        source  = "hashicorp/aws"
        version = ">= 4.9"
      }
    }

    backend "s3" {
      key    = "terraform.tfstate"
      bucket = "terraform-lambda-signer" // change the name of the bucket
      region = "us-east-1"
    }
  }
  ```

- Terraform init, plan and apply

  ```shell
  terraform init
  terraform plan
  terraform apply
  ```
```
.
├── data.tf
├── lambda_role.tf
├── lambda.tf
├── LICENSE
├── preferences.tf
├── README.md
├── src # Lambda folder
│   └── getcost.py # Lambda code
├── terraform.tfvars
└── variables.tf
```
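The signing chain that lambda.tf has to express, as an added example that is not the project's own file: a Signer profile creates the managed key pair, a signing job produces the signed zip, and a code signing config with `Enforce` makes Lambda reject any package that was not signed by that profile. It assumes a versioned S3 bucket `lambda-signer-artifacts` that already holds the unsigned zip at `unsigned/getcost.zip`, an IAM role `aws_iam_role.lambda` declared in lambda_role.tf, and the handler name `getcost.lambda_handler`.

```hcl
# Added example, not the project's lambda.tf. Assumed: versioned bucket "lambda-signer-artifacts"
# already holds "unsigned/getcost.zip"; aws_iam_role.lambda comes from lambda_role.tf.
# Signer-managed key pair; the Lambda platform signs with SHA384 + ECDSA.
resource "aws_signer_signing_profile" "lambda" {
  platform_id = "AWSLambda-SHA384-ECDSA"
  name_prefix = "getcost_"
  signature_validity_period {
    value = 5
    type  = "MONTHS"
  }
}
# The signing job needs the object version, so the source bucket must have versioning enabled.
data "aws_s3_object" "unsigned" {
  bucket = "lambda-signer-artifacts" # assumed bucket name
  key    = "unsigned/getcost.zip"    # assumed key of the unsigned package
}
resource "aws_signer_signing_job" "getcost" {
  profile_name = aws_signer_signing_profile.lambda.name
  source {
    s3 {
      bucket  = data.aws_s3_object.unsigned.bucket
      key     = data.aws_s3_object.unsigned.key
      version = data.aws_s3_object.unsigned.version_id
    }
  }
  destination {
    s3 {
      bucket = data.aws_s3_object.unsigned.bucket
      prefix = "signed/"
    }
  }
}
# "Enforce" makes Lambda reject a package not signed by the profile above; "Warn" only logs it.
resource "aws_lambda_code_signing_config" "getcost" {
  allowed_publishers {
    signing_profile_version_arns = [aws_signer_signing_profile.lambda.version_arn]
  }
  policies {
    untrusted_artifact_on_deployment = "Enforce"
  }
}
resource "aws_lambda_function" "getcost" {
  function_name           = "getcost"
  role                    = aws_iam_role.lambda.arn  # assumed, declared in lambda_role.tf
  handler                 = "getcost.lambda_handler" # assumed handler name in src/getcost.py
  runtime                 = "python3.12"
  s3_bucket               = aws_signer_signing_job.getcost.signed_object[0].s3[0].bucket
  s3_key                  = aws_signer_signing_job.getcost.signed_object[0].s3[0].key
  code_signing_config_arn = aws_lambda_code_signing_config.getcost.arn
}
```

Updating the unsigned object in S3 changes its version, which forces a new signing job and a new deployment on the next `terraform apply`; pushing an unsigned zip directly to the function is refused because of the `Enforce` policy.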
ref: https://docs.aws.amazon.com/signer/latest/developerguide/Welcome.html
AWS Signer is a fully managed code-signing service to ensure the trust and integrity of your code. Organizations validate code against a digital signature to confirm that the code is unaltered and from a trusted publisher. With AWS Signer, your security administrators have a single place to define your signing environment, including what AWS Identity and Access Management (IAM) role can sign code and in what Regions. AWS Signer manages the code-signing certificate's public and private keys, and enables central management of the code-signing lifecycle. Integration with AWS CloudTrail helps you track who is generating code signatures and to meet your compliance requirements.
If the deployment succeeds, the Lambda code is not displayed in the console.