:doc:`ECR <../../ecr>` / Client / put_signing_configuration

*************************
put_signing_configuration
*************************



.. py:method:: ECR.Client.put_signing_configuration(**kwargs)

  

  Creates or updates the registry's signing configuration, which defines rules for automatically signing images with Amazon Web Services Signer.

   

  For more information, see `Managed signing <https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html>`__ in the *Amazon Elastic Container Registry User Guide*.

   

  .. note::

    

    To successfully generate a signature, the IAM principal pushing images must have permission to sign payloads with the Amazon Web Services Signer signing profile referenced in the signing configuration.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PutSigningConfiguration>`_  


  **Request Syntax**
  ::

    response = client.put_signing_configuration(
        signingConfiguration={
            'rules': [
                {
                    'signingProfileArn': 'string',
                    'repositoryFilters': [
                        {
                            'filter': 'string',
                            'filterType': 'WILDCARD_MATCH'
                        },
                    ]
                },
            ]
        }
    )
    
  :type signingConfiguration: dict
  :param signingConfiguration: **[REQUIRED]** 

    The signing configuration to assign to the registry.

    

  
    - **rules** *(list) --* **[REQUIRED]** 

      A list of signing rules. Each rule defines a signing profile and optional repository filters that determine which images are automatically signed. Maximum of 10 rules.

      

    
      - *(dict) --* 

        A signing rule that specifies a signing profile and optional repository filters. When an image is pushed to a matching repository, a signing job is created using the specified profile.

        

      
        - **signingProfileArn** *(string) --* **[REQUIRED]** 

          The ARN of the Amazon Web Services Signer signing profile to use for signing images that match this rule. For more information about signing profiles, see `Signing profiles <https://docs.aws.amazon.com/signer/latest/developerguide/signing-profiles.html>`__ in the *Amazon Web Services Signer Developer Guide*.

          

        
        - **repositoryFilters** *(list) --* 

          A list of repository filters that determine which repositories have their images signed on push. If no filters are specified, all images pushed to the registry are signed using the rule's signing profile. Maximum of 100 filters per rule.

          

        
          - *(dict) --* 

            A repository filter used to determine which repositories have their images automatically signed on push. Each filter consists of a filter type and filter value.

            

          
            - **filter** *(string) --* **[REQUIRED]** 

              The filter value used to match repository names. When using ``WILDCARD_MATCH``, the ``*`` character matches any sequence of characters.

               

              Examples:

               

              
              * ``myapp/*`` - Matches all repositories starting with ``myapp/``
               
              * ``*/production`` - Matches all repositories ending with ``/production``
               
              * ``*prod*`` - Matches all repositories containing ``prod``
              

              

            
            - **filterType** *(string) --* **[REQUIRED]** 

              The type of filter to apply. Currently, only ``WILDCARD_MATCH`` is supported, which uses wildcard patterns to match repository names.

              

            
          
      
      
  
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'signingConfiguration': {
              'rules': [
                  {
                      'signingProfileArn': 'string',
                      'repositoryFilters': [
                          {
                              'filter': 'string',
                              'filterType': 'WILDCARD_MATCH'
                          },
                      ]
                  },
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **signingConfiguration** *(dict) --* 

        The registry's updated signing configuration.

        
        

        - **rules** *(list) --* 

          A list of signing rules. Each rule defines a signing profile and optional repository filters that determine which images are automatically signed. Maximum of 10 rules.

          
          

          - *(dict) --* 

            A signing rule that specifies a signing profile and optional repository filters. When an image is pushed to a matching repository, a signing job is created using the specified profile.

            
            

            - **signingProfileArn** *(string) --* 

              The ARN of the Amazon Web Services Signer signing profile to use for signing images that match this rule. For more information about signing profiles, see `Signing profiles <https://docs.aws.amazon.com/signer/latest/developerguide/signing-profiles.html>`__ in the *Amazon Web Services Signer Developer Guide*.

              
            

            - **repositoryFilters** *(list) --* 

              A list of repository filters that determine which repositories have their images signed on push. If no filters are specified, all images pushed to the registry are signed using the rule's signing profile. Maximum of 100 filters per rule.

              
              

              - *(dict) --* 

                A repository filter used to determine which repositories have their images automatically signed on push. Each filter consists of a filter type and filter value.

                
                

                - **filter** *(string) --* 

                  The filter value used to match repository names. When using ``WILDCARD_MATCH``, the ``*`` character matches any sequence of characters.

                   

                  Examples:

                   

                  
                  * ``myapp/*`` - Matches all repositories starting with ``myapp/``
                   
                  * ``*/production`` - Matches all repositories ending with ``/production``
                   
                  * ``*prod*`` - Matches all repositories containing ``prod``
                  

                  
                

                - **filterType** *(string) --* 

                  The type of filter to apply. Currently, only ``WILDCARD_MATCH`` is supported, which uses wildcard patterns to match repository names.

                  
            
          
        
      
    
  
  **Exceptions**
  
  *   :py:class:`ECR.Client.exceptions.ServerException`

  
  *   :py:class:`ECR.Client.exceptions.InvalidParameterException`

  
  *   :py:class:`ECR.Client.exceptions.ValidationException`

  