What is the deadline for TLS 1.2 to become the minimum TLS protocol level for all AWS API endpoints


What is the deadline for the TLS 1.2 policy enforcement? June 28, 2023, or December 31, 2023?

Regarding article: https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/

The post was updated May 23, 2023 to indicate a gradual enforcement between now and December 31, 2023 Paragraph 1 also indicates a "continued gradual rollout that will complete by December 31, 2023." Paragraph 5 however indicates "After June 28, 2023, AWS will update our API endpoint configuration to remove TLS 1.0 and TLS 1.1, even if you still have connections using these versions."

3 Respuestas
Respuesta aceptada

So this will be gradual rollout as per the blog and will be completed by Dec 31,2023.

See this blog

At Amazon Web Services (AWS), we continuously innovate to deliver you a cloud computing environment that works to help meet the requirements of the most security-sensitive organizations. To respond to evolving technology and regulatory standards for Transport Layer Security (TLS), we will be updating the TLS configuration for all AWS service API endpoints to a minimum of version TLS 1.2. This update means you will need to use of TLS versions 1.2 or higher for your connections, with a continued gradual rollout that will complete by December 31, 2023. In this post, we will tell you how to check your TLS version, and what to do to prepare.

profile pictureAWS
respondido hace un año
profile picture
revisado hace 3 meses

The deadline is June 28, 2023. After June 28, 2023, AWS will update our API endpoint configuration to remove TLS 1.0 and TLS 1.1, even if you still have connections using these versions.

respondido hace un año
profile picture
revisado hace 3 meses

Does this apply to Customer Endpoints ex: AWS API gateway?

respondido hace un año
  • Customer specific endpoints such as CloudFront distributions, ALBs, RDS instances endpoints, API Gateway and Cognito IDP endpoints are not in scope. This deprecation will have no effect on customer specific endpoints.

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas