Skip to content

Commit

Permalink
fix(lambda): incorrect values for prop UntrustedArtifactOnDeployment (#…
Browse files Browse the repository at this point in the history
…13667)

The allowed values for `UntrustedArtifactOnDeployment` in the
`AWS::Lambda::CodeSigningConfig` resource type are 'Warn' and 'Enforce'.

This was incorrectly set in the CDK.

fixes #13586


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
Niranjan Jayakar authored Mar 19, 2021
1 parent 0ea4b19 commit 0757686
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions packages/@aws-cdk/aws-lambda/lib/code-signing-config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,13 @@ export enum UntrustedArtifactOnDeployment {
/**
* Lambda blocks the deployment request if signature validation checks fail.
*/
ENFORCE = 'enforce',
ENFORCE = 'Enforce',

/**
* Lambda allows the deployment of the code package, but issues a warning.
* Lambda issues a new Amazon CloudWatch metric, called a signature validation error and also stores the warning in CloudTrail.
*/
WARN = 'warn',
WARN = 'Warn',
}

/**
Expand Down
4 changes: 2 additions & 2 deletions packages/@aws-cdk/aws-lambda/test/code-signing-config.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ describe('code signing config', () => {
}],
},
CodeSigningPolicies: {
UntrustedArtifactOnDeployment: lambda.UntrustedArtifactOnDeployment.WARN,
UntrustedArtifactOnDeployment: 'Warn',
},
});
});
Expand Down Expand Up @@ -78,7 +78,7 @@ describe('code signing config', () => {

expect(stack).toHaveResource('AWS::Lambda::CodeSigningConfig', {
CodeSigningPolicies: {
UntrustedArtifactOnDeployment: lambda.UntrustedArtifactOnDeployment.ENFORCE,
UntrustedArtifactOnDeployment: 'Enforce',
},
Description: 'test description',
});
Expand Down

0 comments on commit 0757686

Please sign in to comment.