Serverless configuration for a SigningProfile and CodeSigningConfig

serverless.yml

Resources:
  SigningProfile:
      Type: AWS::Signer::SigningProfile
      Properties:
        PlatformId: AWSLambda-SHA384-ECDSA
    CodesignedFunctionConfig:
      Type: AWS::Lambda::CodeSigningConfig
      Properties:
        Description: "GitHub Action Code Signing for Lambdas"
        AllowedPublishers:
          SigningProfileVersionArns:
            - "Fn::GetAtt":
              - SigningProfile
              - Arn
        CodeSigningPolicies:
          UntrustedArtifactOnDeployment: "Enforce"

extensions:
  LambdaFunctionName:
    Properties:
      CodeSigningConfigArn:
        "Fn::GetAtt":
          - CodesignedFunctionConfig
          - CodeSigningConfigArn