Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Quicksight EmbedURL using TLS 1.0

0

Hi, I've built an application for the Salesforce.com AppExchange. This application Embeds a Quicksight Dashboard using this API call [GetSessionEmbedUrl] (https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GetSessionEmbedUrl.html). Salesforce.com will not approve my application because their security scan is picking up the fact that this API fetches the Embedded URL using "https://api.us-east-2.quicksight.aws.amazon.com" which still has access to TLS V1.0 (they require all APIs to disable TLS v1.0). I've asked them to consider this as a 'false positive' given I can't change how the API works, but wondering if anyone has run into a case like this before and has any advice?

Themen
AnalysenAWS Framework mit guter Struktur
Tags
Amazon QuickSightSicherheit
Sprache
English
dmarcus
gefragt vor 2 Jahren289 Aufrufe
1 Antwort
0

Thanks for sharing the challenge. QuickSight endpoint currently supports TLS1.0 for few legacy clients but is planning to deprecate that support.

Please feel free to get in touch with Customer Support to explore options or to get an update.

AWS
Vijay
beantwortet vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt