Security Configuration Reference¶
AAM provides comprehensive security policies to protect against malicious packages, ensure package integrity, and enforce organizational security requirements.
Security Model¶
AAM's security model is based on three pillars:
- Checksum verification - Always verify package integrity
- Signature verification - Optional cryptographic signatures
- Policy enforcement - Configurable security policies
Configuration Location¶
Security policies are configured in the security section of:
- Global config (
~/.aam/config.yaml) - User-level policies - Project config (
.aam/config.yaml) - Project-level policies
Project config overrides global config.
Security Schema¶
SecurityConfig Fields¶
| Field | Type | Default | Description |
|---|---|---|---|
require_checksum | bool | true | Enforce SHA-256 checksum verification |
require_signature | bool | false | Require package signatures |
on_signature_failure | string | "warn" | Action on signature failure: warn, error, ignore |
trusted_identities | list[string] | [] | Sigstore OIDC identities to trust |
trusted_keys | list[string] | [] | GPG key fingerprints to trust |
Example: Basic Security¶
Checksum Verification¶
Field: require_checksum¶
Type: bool Default: true Non-configurable: Always enforced (cannot be disabled)
Every package includes a SHA-256 checksum that is verified on installation.
How Checksums Work¶
- Package creation:
aam pkg packcalculates SHA-256 of.aamarchive - Publishing: Checksum stored in registry metadata
- Installation: AAM downloads package and verifies checksum
- Lock file: Checksum recorded in
.aam/aam-lock.yaml
Checksum Format¶
Format: sha256:<64-character-hex>
Checksum Verification Failure¶
Error: Checksum mismatch for package my-package@1.0.0
Expected: sha256:abc123...
Got: sha256:def456...
Causes: - Package was modified after publishing - Download corruption - Man-in-the-middle attack
Action: Installation fails immediately (non-configurable).
Signature Verification¶
Field: require_signature¶
Type: bool Default: false
When true, AAM rejects unsigned packages.
Use cases: - High-security environments - Regulated industries - Enterprise deployments
Signature Methods¶
AAM supports two signature methods:
- Sigstore (recommended) - Keyless signing via OIDC
- GPG - Traditional GPG key-based signing
Sigstore Signatures¶
Sigstore uses OIDC identities (e.g., email addresses) instead of managing keys.
Publishing with Sigstore:
Verification:
AAM verifies: 1. Package signature is valid 2. Signer identity matches trusted list
GPG Signatures¶
Traditional GPG key-based signing.
Publishing with GPG:
Verification:
Signature Verification Policies¶
Field: on_signature_failure¶
Type: string Default: "warn" Valid values: "warn", "error", "ignore"
Controls behavior when signature verification fails.
Mode: warn¶
Log warning but continue installation.
Output:
Use case: Transitioning to mandatory signatures.
Mode: error¶
Fail installation immediately.
Output:
Use case: Production environments with strict security.
Mode: ignore¶
Skip signature verification entirely.
Use case: Development environments (not recommended for production).
Trusted Identities¶
Field: trusted_identities¶
Type: list[string] Default: []
List of Sigstore OIDC identities (email patterns) to trust.
Exact Identity Match¶
Only packages signed by developer@mycompany.com are trusted.
Wildcard Patterns¶
Trust all users from a domain:
Trust multiple domains:
Verification Process¶
When installing a package:
- AAM extracts signer identity from Sigstore bundle
- Checks if identity matches any pattern in
trusted_identities - If no match: Action depends on
on_signature_failure
Trusted Keys¶
Field: trusted_keys¶
Type: list[string] Default: []
List of GPG key fingerprints to trust.
Example¶
security:
trusted_keys:
- "ABCD1234EFGH5678IJKL9012MNOP3456QRST7890"
- "1234567890ABCDEF1234567890ABCDEF12345678"
Getting Key Fingerprints¶
# List your GPG keys
gpg --list-keys --fingerprint
# Output:
# pub rsa4096 2024-01-01 [SC]
# ABCD 1234 EFGH 5678 IJKL 9012 MNOP 3456 QRST 7890
# uid [ultimate] Your Name <you@example.com>
Use the 40-character fingerprint (spaces optional).
Security Policy Examples¶
Policy: Permissive (Default)¶
Verify checksums, warn on signature failures.
security:
require_checksum: true # Always enforced
require_signature: false # Don't require signatures
on_signature_failure: warn # Warn but continue
Use case: Individual developers, open-source projects.
Policy: Moderate¶
Require signatures, warn on failures.
security:
require_checksum: true
require_signature: true # Reject unsigned packages
on_signature_failure: warn # Warn on bad signatures
trusted_identities:
- "*@mycompany.com"
Use case: Teams transitioning to mandatory signatures.
Policy: Strict¶
Require signatures, fail on bad signatures.
security:
require_checksum: true
require_signature: true
on_signature_failure: error # Fail immediately
trusted_identities:
- "*@mycompany.com"
Use case: Production environments, regulated industries.
Policy: High-Security Enterprise¶
Strict verification with GPG keys.
security:
require_checksum: true
require_signature: true
on_signature_failure: error
trusted_keys:
- "ABCD1234EFGH5678IJKL9012MNOP3456QRST7890"
- "1234567890ABCDEF1234567890ABCDEF12345678"
Use case: Financial services, healthcare, government.
Policy: Air-Gapped Environment¶
Checksums only (no signature verification).
Use case: Offline/air-gapped networks with pre-vetted packages.
Advanced Security Configuration¶
Registry Allowlists¶
Restrict package installation to specific registries.
Effect: Packages from other registries are rejected.
Error message:
Package Blocklists¶
Block specific packages from installation.
Effect: Blocked packages cannot be installed.
Error message:
Install Policy¶
Control what can be installed based on scope, tags, etc.
security:
install_policy:
allowed_scopes:
- "myorg"
- "trusted-vendor"
require_tag: true # Only allow tagged releases
allowed_scopes: Only install packages from these scopes. require_tag: Reject packages without dist-tags.
Publish Policy¶
Control package publishing.
security:
publish_policy:
require_approval: true
approvers:
- "manager@mycompany.com"
- "security@mycompany.com"
require_approval: Require manual approval before publishing. approvers: List of email addresses that can approve.
Workflow:
aam pkg publish
# Package uploaded but marked "pending approval"
# Approver runs: aam approve @myorg/my-package@1.0.0
# Package becomes available
Team Security Policies¶
Global vs. Project Config¶
Global config (~/.aam/config.yaml): - Personal security preferences - Less strict for development
Project config (.aam/config.yaml): - Team-wide security requirements - Committed to git - More strict for production
Example: Team Policy¶
Global config (developer's machine):
Project config (committed to git):
security:
require_checksum: true
require_signature: true # Team requires signatures
on_signature_failure: error # Fail on bad signatures
trusted_identities:
- "*@mycompany.com"
Result: Project config overrides global, enforcing team policy.
Auditing and Compliance¶
Audit Installed Packages¶
Output:
@myorg/package-a@1.0.0
Signature: Valid (developer@mycompany.com)
Checksum: sha256:abc123...
@vendor/package-b@2.0.0
Signature: Missing
Checksum: sha256:def456...
Verify Signatures¶
Output:
Checking 5 packages...
✓ @myorg/package-a@1.0.0 (signed by developer@mycompany.com)
✓ @myorg/package-b@1.2.0 (signed by admin@mycompany.com)
✗ @vendor/package-c@3.0.0 (unsigned)
2/3 packages passed verification
Export Audit Report¶
Signature Workflow¶
For Package Publishers¶
- Setup signing:
Sigstore (recommended):
GPG:
- Sign and publish:
- Verify signature:
For Package Consumers¶
- Configure trust:
- Install packages:
- Audit periodically:
Troubleshooting¶
Signature Verification Failed¶
Problem:
Solutions:
-
Check trusted identities:
-
Verify package signature:
-
Override for testing:
Package Not Signed¶
Problem:
Solutions:
-
Contact package author to sign and republish
-
Override security policy (if acceptable):
-
Use different package from trusted source
Checksum Mismatch¶
Problem:
Solutions:
-
Re-download package:
-
Check registry integrity:
-
Report to registry maintainer if persistent
Best Practices¶
Always Verify Checksums¶
Never disable checksum verification (it's enforced anyway).
Sign Your Packages¶
If publishing packages, always sign them:
Use Sigstore for Simplicity¶
Sigstore is easier than GPG (no key management).
Configure Trust Lists¶
Define who you trust:
security:
trusted_identities:
- "*@mycompany.com" # Trust company developers
- "*@trusted-vendor.com" # Trust vendor packages
Enable Strict Mode for Production¶
Audit Regularly¶
Document Security Policies¶
Add security policy to project README:
## Security Policy
This project requires all packages to be signed by @mycompany.com developers.
See `.aam/config.yaml` for security configuration.
Migration¶
Enabling Signatures Gradually¶
Step 1: Warn on unsigned packages
Step 2: Require signatures, but warn on failures
Step 3: Strict enforcement
From GPG to Sigstore¶
-
Add Sigstore identities:
-
Transition packages:
- Republish with Sigstore signatures
-
Verify both GPG and Sigstore work
-
Remove GPG keys:
Compliance Considerations¶
GDPR¶
- Signing metadata may include personal information (email)
- Document in privacy policy
SOC 2¶
- Enable signature verification
- Audit installed packages regularly
- Document security policies
HIPAA¶
- Use strict security policies
- Enable signature verification
- Restrict to approved registries
ISO 27001¶
- Document security configuration
- Regular security audits
- Access control via scopes
Next Steps¶
- Global Configuration - Configure security globally
- Project Configuration - Project-level security policies
- CLI Reference: publish - Signing packages
- CLI Reference: verify - Verifying signatures
- Advanced: Package Signing - In-depth signing guide