Can we disable the older versions of TLS when using API Gateway?

Question

Hey, I am planning on deploying my on premise application and I am exploring options for it and came across AWS API gateway but there is a requirement that my API should be running on TLS 1.2 or higher and the lower versions should be disabled so do we have an option to disable the older versions of TLS for the apis(default REST apis) created by API Gateway without using custom domains.

Answer

You can only choose a minimum TLS version for a custom domain in API Gateway. **BUT** for regional, private, and WebSocket API endpoints in API Gateway, only TLS 1.2 is supported, older versions are not supported. So, no action required from you.

https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html#apigateway-custom-domain-tls-version-regional-and-websocket

Can we disable the older versions of TLS when using API Gateway?

相关内容