This documentation is a draft for private preview for regions in the AWS European Sovereign Cloud. Documentation content will continue to evolve. Published: January 12, 2026.Welcome
AWS Signer is a fully managed code-signing service to help you ensure the trust and
integrity of your code.
Signer supports the following applications:
With code signing for AWS Lambda, you can sign AWS
Lambda deployment packages. Integrated support is provided for Amazon S3, Amazon
CloudWatch, and AWS CloudTrail. In order
to sign code, you create a signing profile and then use Signer to sign Lambda zip
files in S3.
With code signing for IoT, you can sign code for any IoT device that is supported by AWS.
IoT code signing is available for Amazon FreeRTOS and AWS IoT Device Management, and is integrated with AWS Certificate Manager (ACM). In order to sign code, you import a third-party code-signing
certificate using ACM, and use that to sign updates in Amazon FreeRTOS and AWS IoT Device Management.
With Signer and the Notation CLI from the Notary
Project, you can sign container images stored in a container registry such
as Amazon Elastic Container Registry (ECR). The signatures are stored in the registry
alongside the images, where they are available for verifying image authenticity and
integrity.
For more information about Signer, see the AWS Signer Developer
Guide.
This document was last published on January 12, 2026.