@aws-sdk/client-ecr 3.936.0 → 3.939.0

package/dist-types/commands/DescribeImageSigningStatusCommand.d.ts

@@ -0,0 +1,113 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ECRClient";
+import { DescribeImageSigningStatusRequest, DescribeImageSigningStatusResponse } from "../models/models_0";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link DescribeImageSigningStatusCommand}.
+ */
+export interface DescribeImageSigningStatusCommandInput extends DescribeImageSigningStatusRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link DescribeImageSigningStatusCommand}.
+ */
+export interface DescribeImageSigningStatusCommandOutput extends DescribeImageSigningStatusResponse, __MetadataBearer {
+}
+declare const DescribeImageSigningStatusCommand_base: {
+    new (input: DescribeImageSigningStatusCommandInput): import("@smithy/smithy-client").CommandImpl<DescribeImageSigningStatusCommandInput, DescribeImageSigningStatusCommandOutput, ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (input: DescribeImageSigningStatusCommandInput): import("@smithy/smithy-client").CommandImpl<DescribeImageSigningStatusCommandInput, DescribeImageSigningStatusCommandOutput, ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Returns the signing status for a specified image. If the image matched
+ *             signing rules that reference different signing profiles, a status is returned
+ *             for each profile.</p>
+ *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html">Managed signing</a> in the
+ *                 <i>Amazon Elastic Container Registry User Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { ECRClient, DescribeImageSigningStatusCommand } from "@aws-sdk/client-ecr"; // ES Modules import
+ * // const { ECRClient, DescribeImageSigningStatusCommand } = require("@aws-sdk/client-ecr"); // CommonJS import
+ * // import type { ECRClientConfig } from "@aws-sdk/client-ecr";
+ * const config = {}; // type is ECRClientConfig
+ * const client = new ECRClient(config);
+ * const input = { // DescribeImageSigningStatusRequest
+ *   repositoryName: "STRING_VALUE", // required
+ *   imageId: { // ImageIdentifier
+ *     imageDigest: "STRING_VALUE",
+ *     imageTag: "STRING_VALUE",
+ *   },
+ *   registryId: "STRING_VALUE",
+ * };
+ * const command = new DescribeImageSigningStatusCommand(input);
+ * const response = await client.send(command);
+ * // { // DescribeImageSigningStatusResponse
+ * //   repositoryName: "STRING_VALUE",
+ * //   imageId: { // ImageIdentifier
+ * //     imageDigest: "STRING_VALUE",
+ * //     imageTag: "STRING_VALUE",
+ * //   },
+ * //   registryId: "STRING_VALUE",
+ * //   signingStatuses: [ // ImageSigningStatusList
+ * //     { // ImageSigningStatus
+ * //       signingProfileArn: "STRING_VALUE",
+ * //       failureCode: "STRING_VALUE",
+ * //       failureReason: "STRING_VALUE",
+ * //       status: "IN_PROGRESS" || "COMPLETE" || "FAILED",
+ * //     },
+ * //   ],
+ * // };
+ *
+ * ```
+ *
+ * @param DescribeImageSigningStatusCommandInput - {@link DescribeImageSigningStatusCommandInput}
+ * @returns {@link DescribeImageSigningStatusCommandOutput}
+ * @see {@link DescribeImageSigningStatusCommandInput} for command's `input` shape.
+ * @see {@link DescribeImageSigningStatusCommandOutput} for command's `response` shape.
+ * @see {@link ECRClientResolvedConfig | config} for ECRClient's `config` shape.
+ *
+ * @throws {@link ImageNotFoundException} (client fault)
+ *  <p>The image requested does not exist in the specified repository.</p>
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>The specified parameter is invalid. Review the available parameters for the API
+ *             request.</p>
+ *
+ * @throws {@link RepositoryNotFoundException} (client fault)
+ *  <p>The specified repository could not be found. Check the spelling of the specified
+ *             repository and ensure that you are performing operations on the correct registry.</p>
+ *
+ * @throws {@link ServerException} (server fault)
+ *  <p>These errors are usually caused by a server-side issue.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>There was an exception validating this request.</p>
+ *
+ * @throws {@link ECRServiceException}
+ * <p>Base exception class for all service exceptions from ECR service.</p>
+ *
+ *
+ * @public
+ */
+export declare class DescribeImageSigningStatusCommand extends DescribeImageSigningStatusCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: DescribeImageSigningStatusRequest;
+            output: DescribeImageSigningStatusResponse;
+        };
+        sdk: {
+            input: DescribeImageSigningStatusCommandInput;
+            output: DescribeImageSigningStatusCommandOutput;
+        };
+    };
+}

package/dist-types/commands/GetSigningConfigurationCommand.d.ts

@@ -0,0 +1,102 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ECRClient";
+import { GetSigningConfigurationRequest, GetSigningConfigurationResponse } from "../models/models_0";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link GetSigningConfigurationCommand}.
+ */
+export interface GetSigningConfigurationCommandInput extends GetSigningConfigurationRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link GetSigningConfigurationCommand}.
+ */
+export interface GetSigningConfigurationCommandOutput extends GetSigningConfigurationResponse, __MetadataBearer {
+}
+declare const GetSigningConfigurationCommand_base: {
+    new (input: GetSigningConfigurationCommandInput): import("@smithy/smithy-client").CommandImpl<GetSigningConfigurationCommandInput, GetSigningConfigurationCommandOutput, ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (...[input]: [] | [GetSigningConfigurationCommandInput]): import("@smithy/smithy-client").CommandImpl<GetSigningConfigurationCommandInput, GetSigningConfigurationCommandOutput, ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Retrieves the registry's signing configuration, which defines
+ *             rules for automatically signing images using Amazon Web Services Signer.</p>
+ *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html">Managed signing</a> in the
+ *                 <i>Amazon Elastic Container Registry User Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { ECRClient, GetSigningConfigurationCommand } from "@aws-sdk/client-ecr"; // ES Modules import
+ * // const { ECRClient, GetSigningConfigurationCommand } = require("@aws-sdk/client-ecr"); // CommonJS import
+ * // import type { ECRClientConfig } from "@aws-sdk/client-ecr";
+ * const config = {}; // type is ECRClientConfig
+ * const client = new ECRClient(config);
+ * const input = {};
+ * const command = new GetSigningConfigurationCommand(input);
+ * const response = await client.send(command);
+ * // { // GetSigningConfigurationResponse
+ * //   registryId: "STRING_VALUE",
+ * //   signingConfiguration: { // SigningConfiguration
+ * //     rules: [ // SigningRuleList // required
+ * //       { // SigningRule
+ * //         signingProfileArn: "STRING_VALUE", // required
+ * //         repositoryFilters: [ // SigningRepositoryFilterList
+ * //           { // SigningRepositoryFilter
+ * //             filter: "STRING_VALUE", // required
+ * //             filterType: "WILDCARD_MATCH", // required
+ * //           },
+ * //         ],
+ * //       },
+ * //     ],
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param GetSigningConfigurationCommandInput - {@link GetSigningConfigurationCommandInput}
+ * @returns {@link GetSigningConfigurationCommandOutput}
+ * @see {@link GetSigningConfigurationCommandInput} for command's `input` shape.
+ * @see {@link GetSigningConfigurationCommandOutput} for command's `response` shape.
+ * @see {@link ECRClientResolvedConfig | config} for ECRClient's `config` shape.
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>The specified parameter is invalid. Review the available parameters for the API
+ *             request.</p>
+ *
+ * @throws {@link ServerException} (server fault)
+ *  <p>These errors are usually caused by a server-side issue.</p>
+ *
+ * @throws {@link SigningConfigurationNotFoundException} (client fault)
+ *  <p>The specified signing configuration was not found. This occurs when
+ *             attempting to retrieve or delete a signing configuration that does not exist.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>There was an exception validating this request.</p>
+ *
+ * @throws {@link ECRServiceException}
+ * <p>Base exception class for all service exceptions from ECR service.</p>
+ *
+ *
+ * @public
+ */
+export declare class GetSigningConfigurationCommand extends GetSigningConfigurationCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: {};
+            output: GetSigningConfigurationResponse;
+        };
+        sdk: {
+            input: GetSigningConfigurationCommandInput;
+            output: GetSigningConfigurationCommandOutput;
+        };
+    };
+}

package/dist-types/commands/PutSigningConfigurationCommand.d.ts

@@ -0,0 +1,116 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../ECRClient";
+import { PutSigningConfigurationRequest, PutSigningConfigurationResponse } from "../models/models_0";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link PutSigningConfigurationCommand}.
+ */
+export interface PutSigningConfigurationCommandInput extends PutSigningConfigurationRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link PutSigningConfigurationCommand}.
+ */
+export interface PutSigningConfigurationCommandOutput extends PutSigningConfigurationResponse, __MetadataBearer {
+}
+declare const PutSigningConfigurationCommand_base: {
+    new (input: PutSigningConfigurationCommandInput): import("@smithy/smithy-client").CommandImpl<PutSigningConfigurationCommandInput, PutSigningConfigurationCommandOutput, ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (input: PutSigningConfigurationCommandInput): import("@smithy/smithy-client").CommandImpl<PutSigningConfigurationCommandInput, PutSigningConfigurationCommandOutput, ECRClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Creates or updates the registry's signing configuration, which defines
+ *             rules for automatically signing images with Amazon Web Services Signer.</p>
+ *          <p>For more information, see <a href="https://docs.aws.amazon.com/AmazonECR/latest/userguide/managed-signing.html">Managed signing</a> in the
+ *                 <i>Amazon Elastic Container Registry User Guide</i>.</p>
+ *          <note>
+ *             <p>To successfully generate a signature, the IAM principal pushing images must have
+ *                 permission to sign payloads with the Amazon Web Services Signer signing profile referenced in the signing
+ *                 configuration.</p>
+ *          </note>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { ECRClient, PutSigningConfigurationCommand } from "@aws-sdk/client-ecr"; // ES Modules import
+ * // const { ECRClient, PutSigningConfigurationCommand } = require("@aws-sdk/client-ecr"); // CommonJS import
+ * // import type { ECRClientConfig } from "@aws-sdk/client-ecr";
+ * const config = {}; // type is ECRClientConfig
+ * const client = new ECRClient(config);
+ * const input = { // PutSigningConfigurationRequest
+ *   signingConfiguration: { // SigningConfiguration
+ *     rules: [ // SigningRuleList // required
+ *       { // SigningRule
+ *         signingProfileArn: "STRING_VALUE", // required
+ *         repositoryFilters: [ // SigningRepositoryFilterList
+ *           { // SigningRepositoryFilter
+ *             filter: "STRING_VALUE", // required
+ *             filterType: "WILDCARD_MATCH", // required
+ *           },
+ *         ],
+ *       },
+ *     ],
+ *   },
+ * };
+ * const command = new PutSigningConfigurationCommand(input);
+ * const response = await client.send(command);
+ * // { // PutSigningConfigurationResponse
+ * //   signingConfiguration: { // SigningConfiguration
+ * //     rules: [ // SigningRuleList // required
+ * //       { // SigningRule
+ * //         signingProfileArn: "STRING_VALUE", // required
+ * //         repositoryFilters: [ // SigningRepositoryFilterList
+ * //           { // SigningRepositoryFilter
+ * //             filter: "STRING_VALUE", // required
+ * //             filterType: "WILDCARD_MATCH", // required
+ * //           },
+ * //         ],
+ * //       },
+ * //     ],
+ * //   },
+ * // };
+ *
+ * ```
+ *
+ * @param PutSigningConfigurationCommandInput - {@link PutSigningConfigurationCommandInput}
+ * @returns {@link PutSigningConfigurationCommandOutput}
+ * @see {@link PutSigningConfigurationCommandInput} for command's `input` shape.
+ * @see {@link PutSigningConfigurationCommandOutput} for command's `response` shape.
+ * @see {@link ECRClientResolvedConfig | config} for ECRClient's `config` shape.
+ *
+ * @throws {@link InvalidParameterException} (client fault)
+ *  <p>The specified parameter is invalid. Review the available parameters for the API
+ *             request.</p>
+ *
+ * @throws {@link ServerException} (server fault)
+ *  <p>These errors are usually caused by a server-side issue.</p>
+ *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>There was an exception validating this request.</p>
+ *
+ * @throws {@link ECRServiceException}
+ * <p>Base exception class for all service exceptions from ECR service.</p>
+ *
+ *
+ * @public
+ */
+export declare class PutSigningConfigurationCommand extends PutSigningConfigurationCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: PutSigningConfigurationRequest;
+            output: PutSigningConfigurationResponse;
+        };
+        sdk: {
+            input: PutSigningConfigurationCommandInput;
+            output: PutSigningConfigurationCommandOutput;
+        };
+    };
+}

package/dist-types/commands/index.d.ts

@@ -12,9 +12,11 @@ export * from "./DeleteRegistryPolicyCommand";
 export * from "./DeleteRepositoryCommand";
 export * from "./DeleteRepositoryCreationTemplateCommand";
 export * from "./DeleteRepositoryPolicyCommand";
+export * from "./DeleteSigningConfigurationCommand";
 export * from "./DeregisterPullTimeUpdateExclusionCommand";
 export * from "./DescribeImageReplicationStatusCommand";
 export * from "./DescribeImageScanFindingsCommand";
+export * from "./DescribeImageSigningStatusCommand";
 export * from "./DescribeImagesCommand";
 export * from "./DescribePullThroughCacheRulesCommand";
 export * from "./DescribeRegistryCommand";
@@ -28,6 +30,7 @@ export * from "./GetLifecyclePolicyPreviewCommand";
 export * from "./GetRegistryPolicyCommand";
 export * from "./GetRegistryScanningConfigurationCommand";
 export * from "./GetRepositoryPolicyCommand";
+export * from "./GetSigningConfigurationCommand";
 export * from "./InitiateLayerUploadCommand";
 export * from "./ListImageReferrersCommand";
 export * from "./ListImagesCommand";
@@ -41,6 +44,7 @@ export * from "./PutLifecyclePolicyCommand";
 export * from "./PutRegistryPolicyCommand";
 export * from "./PutRegistryScanningConfigurationCommand";
 export * from "./PutReplicationConfigurationCommand";
+export * from "./PutSigningConfigurationCommand";
 export * from "./RegisterPullTimeUpdateExclusionCommand";
 export * from "./SetRepositoryPolicyCommand";
 export * from "./StartImageScanCommand";

package/dist-types/models/enums.d.ts

@@ -147,6 +147,17 @@ export declare const RCTAppliedFor: {
  * @public
  */
 export type RCTAppliedFor = (typeof RCTAppliedFor)[keyof typeof RCTAppliedFor];
+/**
+ * @public
+ * @enum
+ */
+export declare const SigningRepositoryFilterType: {
+    readonly WILDCARD_MATCH: "WILDCARD_MATCH";
+};
+/**
+ * @public
+ */
+export type SigningRepositoryFilterType = (typeof SigningRepositoryFilterType)[keyof typeof SigningRepositoryFilterType];
 /**
  * @public
  * @enum
@@ -236,6 +247,19 @@ export declare const ImageStatus: {
  * @public
  */
 export type ImageStatus = (typeof ImageStatus)[keyof typeof ImageStatus];
+/**
+ * @public
+ * @enum
+ */
+export declare const SigningStatus: {
+    readonly COMPLETE: "COMPLETE";
+    readonly FAILED: "FAILED";
+    readonly IN_PROGRESS: "IN_PROGRESS";
+};
+/**
+ * @public
+ */
+export type SigningStatus = (typeof SigningStatus)[keyof typeof SigningStatus];
 /**
  * @public
  * @enum

package/dist-types/models/errors.d.ts

@@ -349,6 +349,19 @@ export declare class RepositoryPolicyNotFoundException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<RepositoryPolicyNotFoundException, __BaseException>);
 }
+/**
+ * <p>The specified signing configuration was not found. This occurs when
+ *             attempting to retrieve or delete a signing configuration that does not exist.</p>
+ * @public
+ */
+export declare class SigningConfigurationNotFoundException extends __BaseException {
+    readonly name: "SigningConfigurationNotFoundException";
+    readonly $fault: "client";
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<SigningConfigurationNotFoundException, __BaseException>);
+}
 /**
  * <p>The specified pull time update exclusion was not found.</p>
  * @public

package/dist-types/models/models_0.d.ts

@@ -1,4 +1,4 @@
-import { ArtifactStatus, ArtifactStatusFilter, EncryptionType, FindingSeverity, ImageActionType, ImageFailureCode, ImageStatus, ImageStatusFilter, ImageTagMutability, ImageTagMutabilityExclusionFilterType, LayerAvailability, LayerFailureCode, LifecyclePolicyPreviewStatus, LifecyclePolicyStorageClass, LifecyclePolicyTargetStorageClass, RCTAppliedFor, ReplicationStatus, RepositoryFilterType, ScanFrequency, ScanningConfigurationFailureCode, ScanningRepositoryFilterType, ScanStatus, ScanType, TagStatus, TargetStorageClass, UpstreamRegistry } from "./enums";
+import { ArtifactStatus, ArtifactStatusFilter, EncryptionType, FindingSeverity, ImageActionType, ImageFailureCode, ImageStatus, ImageStatusFilter, ImageTagMutability, ImageTagMutabilityExclusionFilterType, LayerAvailability, LayerFailureCode, LifecyclePolicyPreviewStatus, LifecyclePolicyStorageClass, LifecyclePolicyTargetStorageClass, RCTAppliedFor, ReplicationStatus, RepositoryFilterType, ScanFrequency, ScanningConfigurationFailureCode, ScanningRepositoryFilterType, ScanStatus, ScanType, SigningRepositoryFilterType, SigningStatus, TagStatus, TargetStorageClass, UpstreamRegistry } from "./enums";
 /**
  * @public
  */
@@ -1170,6 +1170,102 @@ export interface DeleteRepositoryPolicyResponse {
      */
     policyText?: string | undefined;
 }
+/**
+ * @public
+ */
+export interface DeleteSigningConfigurationRequest {
+}
+/**
+ * <p>A repository filter used to determine which repositories have their
+ *             images automatically signed on push. Each filter consists of a filter type and filter value.</p>
+ * @public
+ */
+export interface SigningRepositoryFilter {
+    /**
+     * <p>The filter value used to match repository names. When using
+     *             <code>WILDCARD_MATCH</code>, the <code>*</code> character matches any sequence of characters.</p>
+     *          <p>Examples:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>myapp/*</code> - Matches all repositories starting with
+     *                     <code>myapp/</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>*\/production</code> - Matches all repositories ending with
+     *                     <code>/production</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>*prod*</code> - Matches all repositories containing
+     *                     <code>prod</code>
+     *                </p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    filter: string | undefined;
+    /**
+     * <p>The type of filter to apply. Currently, only <code>WILDCARD_MATCH</code> is supported,
+     *             which uses wildcard patterns to match repository names.</p>
+     * @public
+     */
+    filterType: SigningRepositoryFilterType | undefined;
+}
+/**
+ * <p>A signing rule that specifies a signing profile and optional
+ *             repository filters. When an image is pushed to a matching repository, a
+ *             signing job is created using the specified profile.</p>
+ * @public
+ */
+export interface SigningRule {
+    /**
+     * <p>The ARN of the Amazon Web Services Signer signing profile to use for signing images that match this
+     *             rule. For more information about signing profiles, see <a href="https://docs.aws.amazon.com/signer/latest/developerguide/signing-profiles.html">Signing profiles</a> in
+     *             the <i>Amazon Web Services Signer Developer Guide</i>.</p>
+     * @public
+     */
+    signingProfileArn: string | undefined;
+    /**
+     * <p>A list of repository filters that determine which repositories
+     *             have their images signed on push. If no filters are specified, all
+     *             images pushed to the registry are signed using the rule's signing
+     *             profile. Maximum of 100 filters per rule.</p>
+     * @public
+     */
+    repositoryFilters?: SigningRepositoryFilter[] | undefined;
+}
+/**
+ * <p>The signing configuration for a registry, which specifies rules
+ *             for automatically signing images when pushed.</p>
+ * @public
+ */
+export interface SigningConfiguration {
+    /**
+     * <p>A list of signing rules. Each rule defines a signing profile and optional repository
+     *             filters that determine which images are automatically signed. Maximum of 10 rules.</p>
+     * @public
+     */
+    rules: SigningRule[] | undefined;
+}
+/**
+ * @public
+ */
+export interface DeleteSigningConfigurationResponse {
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry.</p>
+     * @public
+     */
+    registryId?: string | undefined;
+    /**
+     * <p>The registry's deleted signing configuration.</p>
+     * @public
+     */
+    signingConfiguration?: SigningConfiguration | undefined;
+}
 /**
  * @public
  */
@@ -2052,6 +2148,95 @@ export interface DescribeImageScanFindingsResponse {
      */
     nextToken?: string | undefined;
 }
+/**
+ * @public
+ */
+export interface DescribeImageSigningStatusRequest {
+    /**
+     * <p>The name of the repository that contains the image.</p>
+     * @public
+     */
+    repositoryName: string | undefined;
+    /**
+     * <p>An object containing identifying information for an image.</p>
+     * @public
+     */
+    imageId: ImageIdentifier | undefined;
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.</p>
+     * @public
+     */
+    registryId?: string | undefined;
+}
+/**
+ * <p>The signing status for an image. Each status corresponds to a signing profile.</p>
+ * @public
+ */
+export interface ImageSigningStatus {
+    /**
+     * <p>The ARN of the Amazon Web Services Signer signing profile used to sign the image.</p>
+     * @public
+     */
+    signingProfileArn?: string | undefined;
+    /**
+     * <p>The failure code, which is only present if <code>status</code>
+     *             is <code>FAILED</code>.</p>
+     * @public
+     */
+    failureCode?: string | undefined;
+    /**
+     * <p>A description of why signing the image failed. This field is only
+     *             present if <code>status</code> is <code>FAILED</code>.</p>
+     * @public
+     */
+    failureReason?: string | undefined;
+    /**
+     * <p>The image's signing status. Possible values are:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>IN_PROGRESS</code> - Signing is currently in progress.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>COMPLETE</code> - The signature was successfully generated.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>FAILED</code> - Signing failed. See
+     *                     <code>failureCode</code> and <code>failureReason</code> for details.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    status?: SigningStatus | undefined;
+}
+/**
+ * @public
+ */
+export interface DescribeImageSigningStatusResponse {
+    /**
+     * <p>The name of the repository.</p>
+     * @public
+     */
+    repositoryName?: string | undefined;
+    /**
+     * <p>An object with identifying information for the image.</p>
+     * @public
+     */
+    imageId?: ImageIdentifier | undefined;
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry.</p>
+     * @public
+     */
+    registryId?: string | undefined;
+    /**
+     * <p>A list of signing statuses for the specified image. Each status corresponds to a
+     *             signing profile.</p>
+     * @public
+     */
+    signingStatuses?: ImageSigningStatus[] | undefined;
+}
 /**
  * @public
  */
@@ -2867,6 +3052,26 @@ export interface GetRepositoryPolicyResponse {
      */
     policyText?: string | undefined;
 }
+/**
+ * @public
+ */
+export interface GetSigningConfigurationRequest {
+}
+/**
+ * @public
+ */
+export interface GetSigningConfigurationResponse {
+    /**
+     * <p>The Amazon Web Services account ID associated with the registry.</p>
+     * @public
+     */
+    registryId?: string | undefined;
+    /**
+     * <p>The registry's signing configuration.</p>
+     * @public
+     */
+    signingConfiguration?: SigningConfiguration | undefined;
+}
 /**
  * @public
  */
@@ -3493,6 +3698,26 @@ export interface PutReplicationConfigurationResponse {
      */
     replicationConfiguration?: ReplicationConfiguration | undefined;
 }
+/**
+ * @public
+ */
+export interface PutSigningConfigurationRequest {
+    /**
+     * <p>The signing configuration to assign to the registry.</p>
+     * @public
+     */
+    signingConfiguration: SigningConfiguration | undefined;
+}
+/**
+ * @public
+ */
+export interface PutSigningConfigurationResponse {
+    /**
+     * <p>The registry's updated signing configuration.</p>
+     * @public
+     */
+    signingConfiguration?: SigningConfiguration | undefined;
+}
 /**
  * @public
  */