StartSigningJob
Initiates a signing job to be performed on the code provided. Signing jobs are
viewable by the ListSigningJobs
operation for two years after they are
performed. Note the following requirements:
-
You must create an Amazon S3 source bucket. For more information, see Creating a Bucket in the Amazon S3 Getting Started Guide.
-
Your S3 source bucket must be version enabled.
-
You must create an S3 destination bucket. AWS Signer uses your S3 destination bucket to write your signed code.
-
You specify the name of the source and destination buckets when calling the
StartSigningJob
operation. -
You must ensure the S3 buckets are from the same Region as the signing profile. Cross-Region signing isn't supported.
-
You must also specify a request token that identifies your request to Signer.
You can call the DescribeSigningJob and the ListSigningJobs actions after you call
StartSigningJob
.
For a Java example that shows how to use this action, see StartSigningJob.
Request Syntax
POST /signing-jobs HTTP/1.1
Content-type: application/json
{
"clientRequestToken": "string
",
"destination": {
"s3": {
"bucketName": "string
",
"prefix": "string
"
}
},
"profileName": "string
",
"profileOwner": "string
",
"source": {
"s3": {
"bucketName": "string
",
"key": "string
",
"version": "string
"
}
}
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- clientRequestToken
-
String that identifies the signing request. All calls after the first that use this token return the same response as the first call.
Type: String
Required: Yes
- destination
-
The S3 bucket in which to save your signed object. The destination contains the name of your bucket and an optional prefix.
Type: Destination object
Required: Yes
- profileName
-
The name of the signing profile.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 64.
Pattern:
^[a-zA-Z0-9_]{2,}
Required: Yes
- profileOwner
-
The AWS account ID of the signing profile owner.
Type: String
Length Constraints: Fixed length of 12.
Pattern:
^[0-9]{12}$
Required: No
- source
-
The S3 bucket that contains the object to sign or a BLOB that contains your raw code.
Type: Source object
Required: Yes
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"jobId": "string",
"jobOwner": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You do not have sufficient access to perform this action.
HTTP Status Code: 403
- InternalServiceErrorException
-
An internal error occurred.
HTTP Status Code: 500
- ResourceNotFoundException
-
A specified resource could not be found.
HTTP Status Code: 404
- ThrottlingException
-
This error has been deprecated.
The request was denied due to request throttling.
Instead of this error,
TooManyRequestsException
should be used.HTTP Status Code: 429
- TooManyRequestsException
-
The allowed number of job-signing requests has been exceeded.
This error supersedes the error
ThrottlingException
.HTTP Status Code: 429
- ValidationException
-
You signing certificate could not be validated.
HTTP Status Code: 400
Examples
Start a signing job
This example illustrates one usage of StartSigningJob.
Sample Request
POST /Prod/signing-jobs HTTP/1.1
Host: signer.us-east-1.amazonaws.com
Accept-Encoding: identity
Content-Length: 411
Authorization: AWS4-HMAC-SHA256 Credential=acces_key/20171115/us-east-1/signer/aws4_request, SignedHeaders=host;x-amz-date, Signature=e5a6cf8f72819823373eef632ab310e940aea5abec6c101ab27265b7aaa37aee
X-Amz-Date: 20171115T154708Z
User-Agent: aws-cli/1.11.132 Python/2.7.9 Windows/8 botocore/1.5.95
{
"source": {
"s3": {
"version": "W.OIrIFmjIFeuNXOaBJzPee66.wRg4GR",
"bucketName": "signer-test-source",
"key": "my-example-code.java"
}
},
"destination": {
"s3": {
"bucketName": "signer-test-dest"
}
},
"platform": "TexasInstruments",
"signingMaterial": {
"certificateArn": "arn:aws:acm:region:123456789012:certificate/9ec626ca-0bbb-4be5-83a2-ee563f8386ca"
},
"clientRequestToken": "12345"
}
Sample Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Date: Wed, 15 Nov 2017 15:47:17 GMT
x-amzn-RequestId: 41bab6aa-ca1c-11e7-84c9-a3126a821e6a
X-Amzn-Trace-Id: sampled=0;root=1-5a0c6184-fcef477f16c548f2ab9a3c29
X-Cache: Miss from cloudfront
Via: 1.1 a44b4468444ef3ee67472bd5c5016098.cloudfront.net (CloudFront)
X-Amz-Cf-Id: JPloXC54wpP2pempPkUcX7S5Qf-5oMmgNE1Uc05KNIlG2igfInFU-g==
Connection: Keep-alive
{"jobId":"ba506303-848d-4fb7-a07f-e8049eb5faa6"}
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: