Implications of TLS 1.2 as Minimum Protocol for AWS API Endpoints: Does it impact ELB, S3, etc.?

0

I recently came across a notification stating, "TLS 1.2 to become the minimum TLS protocol level for all AWS API endpoints." This change prompts the question: does it affect all services on AWS? Specifically, does this mean that I can no longer integrate my applications, which are still using TLS 1.0/1.1, with Elastic Load Balancing (ELB) or S3?

Source: https://aws.amazon.com/cn/blogs/security/tls-1-2-required-for-aws-endpoints/

February 27, 2024: AWS has completed our global updates to deprecate support for TLS 1.0 and TLS 1.1 versions on our AWS service API endpoints across each of our AWS Regions and Availability Zones.

Could anyone please clarify whether this change will impact all services on AWS? Additionally, does this mean that my applications still using TLS 1.0/1.1 will no longer be able to connect to Elastic Load Balancing (ELB) or S3 or any other service on AWS?

Thank you.

2 Answers
2

I think you are mixing things up here. What is being updated is the AWS APIs (what we usually call the control plane). So, if you want to interact with AWS via API, your client (i.e. SDK or AWS CLI) will need to "speak" TLS 1.2 or higher; no AWS API will support TLS 1.x. So, this has nothing to do with the listener of an ELB for your application, for which our suggestion is not to use anything lower than TLS 1.2, but that's your decision.

Hope this clarifies your question.

Best,

AWS
answered 2 months ago
EXPERT
reviewed 2 months ago
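
To find which of your own clients still call AWS API endpoints with TLS 1.0/1.1, which is the case the answer above describes, CloudTrail records can be filtered on their `tlsDetails.tlsVersion` field. This is an added example, not part of the original thread; the log records, user agents and function names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed CloudTrail records (not real log data); only the fields used here.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventSource": "s3.amazonaws.com", "userAgent": "legacy-batch/1.0",
     "tlsDetails": {"tlsVersion": "TLSv1"}},
    {"eventSource": "s3.amazonaws.com", "userAgent": "legacy-batch/1.0",
     "tlsDetails": {"tlsVersion": "TLSv1"}},
    {"eventSource": "ec2.amazonaws.com", "userAgent": "old-sdk/0.9",
     "tlsDetails": {"tlsVersion": "TLSv1.1"}},
    {"eventSource": "ec2.amazonaws.com", "userAgent": "new-sdk/2.0",
     "tlsDetails": {"tlsVersion": "TLSv1.2"}},
    {"eventSource": "sts.amazonaws.com", "userAgent": "new-sdk/2.0",
     "tlsDetails": {"tlsVersion": "TLSv1.3"}},
    {"eventSource": "kms.amazonaws.com", "userAgent": "internal"},  # no tlsDetails
]})


def parse_tls_version(value):
    """Turn 'TLSv1.2' into (1, 2) and 'TLSv1' into (1, 0); None if unparseable."""
    if not isinstance(value, str) or not value.startswith("TLSv"):
        return None
    parts = value[4:].split(".")
    try:
        return (int(parts[0]), int(parts[1]) if len(parts) > 1 else 0)
    except ValueError:
        return None


def legacy_tls_callers(log_text, minimum=(1, 2)):
    """Count API calls made below `minimum`, keyed by (eventSource, userAgent)."""
    hits = Counter()
    for rec in json.loads(log_text).get("Records", []):
        version = parse_tls_version((rec.get("tlsDetails") or {}).get("tlsVersion"))
        if version is None:
            continue  # record has no usable tlsDetails; nothing to judge
        if version < minimum:
            hits[(rec.get("eventSource"), rec.get("userAgent"))] += 1
    return hits


if __name__ == "__main__":
    for (source, agent), count in legacy_tls_callers(SAMPLE_LOG).most_common():
        print(f"{count:4d}  {source}  {agent}")
```

CloudTrail records calls to AWS APIs, so connections to your own ELB listeners do not appear in this data.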
0

Yes, it is, but there is a way to avoid it.
The Knowledge Center article below [1] will be helpful.

[1] How do I allow access to my Amazon S3 buckets to customers who do not use TLS 1.2 or higher? https://repost.aws/knowledge-center/s3-access-old-tls

AWS
EXPERT
hyp
answered 2 months ago
  • Sorry, after reading the article, I am even more confused. It seems the suggested solution in the article is to access S3 through a CDN (CloudFront) to address the TLS version issue. My question is, why is CloudFront still able to support TLS 1.0/1.1? According to this notification: https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/, isn't it supposed to no longer support them, just like S3? And, can Elastic Load Balancing (ELB) still support TLS 1.0/1.1?
