Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Quicksight EmbedURL using TLS 1.0

0

Hi, I've built an application for the Salesforce.com AppExchange. This application Embeds a Quicksight Dashboard using this API call [GetSessionEmbedUrl] (https://docs.aws.amazon.com/quicksight/latest/APIReference/API_GetSessionEmbedUrl.html). Salesforce.com will not approve my application because their security scan is picking up the fact that this API fetches the Embedded URL using "https://api.us-east-2.quicksight.aws.amazon.com" which still has access to TLS V1.0 (they require all APIs to disable TLS v1.0). I've asked them to consider this as a 'false positive' given I can't change how the API works, but wondering if anyone has run into a case like this before and has any advice?

Argomenti
AnalisiAWS Well-Architected Framework
Tag
Amazon QuickSightSicurezza
Lingua
English
dmarcus
posta 2 anni fa286 visualizzazioni
1 Risposta
0

Thanks for sharing the challenge. QuickSight endpoint currently supports TLS1.0 for few legacy clients but is planning to deprecate that support.

Please feel free to get in touch with Customer Support to explore options or to get an update.

AWS
Vijay
con risposta 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente