AWS Security ChangesHomeSearch

AWS lambda documentation change

Service: lambda · 2025-08-28 · Documentation low

File: lambda/latest/dg/configuration-codesigning.md

Summary

Added specific CloudWatch metric name 'SignatureValidationErrors' to the 'Warn' code signing configuration documentation

Security assessment

The change clarifies monitoring capabilities for code signing validation warnings but does not address a specific security vulnerability. It enhances documentation of an existing security feature (code signing).

Diff

diff --git a/lambda/latest/dg/configuration-codesigning.md b/lambda/latest/dg/configuration-codesigning.md
index 3d57adf95..4f211c385 100644
--- a//lambda/latest/dg/configuration-codesigning.md
+++ b//lambda/latest/dg/configuration-codesigning.md
@@ -36 +36 @@ When you create a code signing configuration, you can use the [UntrustedArtifact
-  * `Warn`: This is the default setting. Lambda allows the deployment of the code package, but issues a warning. Lambda issues a new Amazon CloudWatch metric and also stores the warning in the CloudTrail log.
+  * `Warn`: This is the default setting. Lambda allows the deployment of the code package, but issues a warning. Lambda issues a new Amazon CloudWatch metric (`SignatureValidationErrors`) and also stores the warning in the CloudTrail log.