AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Update your S3 object access to maintain connectivity - I'm clueless!

0

Hi, I use an S3 bucket only to host pdf files for my members to download. I just received an email saying:

"We are reaching out because there are TLS 1.0 or TLS 1.1 connections to Amazon Simple Storage Service (Amazon S3) objects hosted in your account. As AWS is updating the TLS configuration for all AWS API endpoints to a minimum of version TLS 1.2 [1], you must take action as soon as possible for these connections to maintain their access to your S3 objects."

My first question is, if I do nothing does that mean that soon my members will get broken links when they click to download course materials?

My second question is do I need to hire someone to take care of this for me? All of the information I've read on this is way too technical for me to follow. I have no idea what I'm supposed to do. I did search for other questions relating to this but the answers were impossible for me to understand too.

Can anyone help with these questions? Thank you in advance for helping out a confused non-tech!

주제
스토리지보안, 신원 및 규정 준수AWS Well-Architected 프레임워크
태그
아마존 심플 스토리지 서비스보안, 신원 및 규정 준수스토리지보안
언어
English
jools209
질문됨 일 년 전718회 조회
1개 답변
2
수락된 답변

There are a few other posts on this topic, the most recent is about CloudFront but the discussion is still relevant: https://repost.aws/questions/QU0ADWK6e3TIKz8CFldhHQVw/what-are-tls-1-0-or-tls-1-1-connections-and-cloudfront#ANwPP-u7f5SI2lxTQlUBZeZQ

In this case, it entirely depends on how your users are connecting to the bucket. If you have made the objects public and the users are connecting with a web browser then there shouldn't be any issue - the browsers will happily negotiate the "better" protocol (TLS 1.2) and it'll all be invisible. The exception will be any users with an ancient web browser - of which (in the modern world) there will hopefully be none. For them: They need to update - and that's a good update to make because they'll be running insecure software anyway.

However, if your users are connecting using any other tools (such as the AWS command-line tool - but there are many others) then they do need to upgrade immediately. I'm pretty sure (given your description) that this is not how your users are connecting but just in case...

profile pictureAWS
전문가
Brettski-AWS
답변함 일 년 전
profile pictureAWS
전문가
Tushar_J
검토됨 일 년 전
profile picture
전문가
Hiroki Takahashi
검토됨 일 년 전
  • jools209
    일 년 전

    Thank you! This is exactly how my users are connecting so it's a huge relief to read this. Much, MUCH appreciated. This has been scrambling my brain. Thank you. :-)

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠