Default Flows tab

Signing Flows

To remove the option for Key Use Approvers to allow unlimited signings when approving a signing request, check the Approvers may not allow unlimited signings upon signing request approval checkbox in this section. With this checked, the Unlimited Use radio button (outlined in the screenshot below) will be removed from the Signing Request approval screen entirely.

If you leave Unlimited Use enabled, Key Use Approvers will be required to select a date and time when the unlimited key use approval expires.

Project and Environment Flows

Project and Environment Flows specify the Flows that will be invoked when either a Project or Environment is created, updated, or deleted. This gives code signing administrators the ability to require approvals on any of these actions.

If you want to use Flows that enforce approvals, and those Flows aren't in place yet, start by creating them. Once they are in place, return here to assign them. You can assign Flows by clicking the drop-down selector for any of the options described below, and then selecting the Flow.

EXAMPLE Suppose you wanted to enforce Code Signing Administrator approval anytime a new Environment is added or deleted, and Project Owner approval anytime an existing Environment is changed. You also want a Code Signing Administrator to have to approve Project deletions.

First, you'd create two Change Management Flows—we'll call those Flows "Administrator Approval" and "Owner Approval." The Administrator Approval Flow would have an "Administrator" approval action, and the Owner Approval Flow would have a "Standard" approval action with the Attribute set to Owner.

Then, you'd assign the Administrator Approval Flow to Environment Create, Environment Delete, and Project Delete.

Finally, you'd assign the Owner Approval Flow to Environment Update.

Project Flows

Select which Flows should be invoked for when Projects are created, updated, or deleted.

Action	Description
Create	Sets the Flow that is invoked when new Projects are submitted for approval.
Update	Sets the Flow that is invoked when changes to existing projects are submitted. If the Flow requires approvals, the Project remains Enabled in its original configuration while awaiting approval. Once the approval is given, the updates to the Project take effect.
Delete	Sets the Flow that is invoked when existing projects are deleted. When a Project is deleted, it is put in the Pending Deletion Approval state. In this state, none of the Environments are enabled. Once the deletion is approved, the Project and all its Environments are deleted.

Action

Description

Create

Sets the Flow that is invoked when new Projects are submitted for approval.

Update

Sets the Flow that is invoked when changes to existing projects are submitted.

If the Flow requires approvals, the Project remains Enabled in its original configuration while awaiting approval. Once the approval is given, the updates to the Project take effect.

Delete

Sets the Flow that is invoked when existing projects are deleted.

When a Project is deleted, it is put in the Pending Deletion Approval state. In this state, none of the Environments are enabled. Once the deletion is approved, the Project and all its Environments are deleted.

Environment Flows

Select which Flows should be invoked for when Environments are created, updated, or deleted.

Action	Description
Create	Sets the Flow that is invoked when new Environments are added to a Project. This Flow is invoked no matter what state the Project itself is in. If the Flow requires approvals, the Environment will be in the Disabled status until the approval is given. Once approved, it moves to the Enabled state. Approvers should follow the instructions in Approving or rejecting changes to Code Sign Manager - Self-Hosted Environments to take action on the request.
Update	Sets the Flow that is invoked when changes to existing projects are submitted. This Flow is invoked no matter what state the Project itself is in. If the Flow requires approvals, the Environment remains Enabled in its original configuration while awaiting approval. Once the approval is given, the updates to the Environment take effect. Approvers should follow the instructions in Approving or rejecting changes to Code Sign Manager - Self-Hosted Environments to take action on the request.
Delete	Sets the Flow that is invoked when existing projects are deleted. When an Environment is deleted, it remains in the Enabled state until the deletion is approved. Once approved, the Environment, its associated certificates, and keys are deleted. Approvers should follow the instructions in Approving or Rejecting a Project deletion request to take action on the request.

Action

Description

Create

Sets the Flow that is invoked when new Environments are added to a Project.

This Flow is invoked no matter what state the Project itself is in. If the Flow requires approvals, the Environment will be in the Disabled status until the approval is given. Once approved, it moves to the Enabled state.

Approvers should follow the instructions in Approving or rejecting changes to Code Sign Manager - Self-Hosted Environments to take action on the request.

Update

Sets the Flow that is invoked when changes to existing projects are submitted.

This Flow is invoked no matter what state the Project itself is in. If the Flow requires approvals, the Environment remains Enabled in its original configuration while awaiting approval. Once the approval is given, the updates to the Environment take effect.

Approvers should follow the instructions in Approving or rejecting changes to Code Sign Manager - Self-Hosted Environments to take action on the request.

Delete

Sets the Flow that is invoked when existing projects are deleted.

When an Environment is deleted, it remains in the Enabled state until the deletion is approved. Once approved, the Environment, its associated certificates, and keys are deleted.

Approvers should follow the instructions in Approving or Rejecting a Project deletion request to take action on the request.