- 最新
- 投票最多
- 评论最多
If this question is related to the AWS SDK for .NET, there is also additional information in the developer guide: https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/enforcing-tls.html
Please check the following official AWS blog first. [1]
[1] TLS 1.2 to become the minimum TLS protocol level for all AWS API endpoints | AWS Security Blog
https://aws.amazon.com/jp/blogs/security/tls-1-2-required-for-aws-endpoints/
The blog explains that the following actions should be taken
・Use CloudTrail to identify clients using TLS 1.0 or 1.1.
・Apply the minimum version of TLS by checking the documentation of the SDKs and other documents in the following blogs [2].
[2] TLS 1.2 to become the minimum for all AWS FIPS endpoints | AWS Security Blog
https://aws.amazon.com/jp/blogs/security/tls-1-2-to-become-the-minimum-for-all-aws-fips-endpoints/
We do not know which SDKs are used in your environment, so please check the documentation of each SDK according to your environment.
We hope this will be helpful.
how can i update SDK for android? there is not info abou SDK for android
you need to rebuild the android app using the latest version of the SDK. ie update the gradle depedency if you are using gradle
When you use AWS resources from SDK, JDK or command line interface (CLI) you make calls to API from AWS, to make this calls a secure protocol is used (TLS), the TLS version is related to the version of the SDK/JDK/CLI used. If you received the notification it means that some software is accesing your account with a rather old version and the action to be taken is to update SDK/JDK/CLI from that software in order to upgrade TLS version to 1.2. This software can be something you developed by you organization, a third partie developed software or a SaaS you use that integrates with AWS, i.e. backup solutions, SIEM ingesting your logs.
In this related blog post you find guidance for two actions you can take:
a. Understand what resources are afected, that info you can look at the Personal Health Dashboard for our account (login to your account and then look for Persoal Health Dashboard.
b. Find what calls are using TLS older than 1.2 using CloudTrail logs, this logs will provide with some information like credentials beings used, IP and library used. That usually is a clue to find what program is involved in the calls to API.
I might also add to check IAM Access Analyzer to find out access from other accounts or federated users accesing your account and reviewing the credential report as it is likely and old SDK/JDK/CLI use might be related to a user that has not rotated passwords or access keys.
Update: If notice is related to Cloudfront accesing S3 Origin, you can check this documentation and select TLS 1.2 for origin access protocol.
Hope this answers clarifies path for action.
相关内容
- AWS 官方已更新 10 个月前
- AWS 官方已更新 7 个月前
- AWS 官方已更新 1 年前
- AWS 官方已更新 10 个月前
how can update SDK for android? there is not info about SDK for android