Posted On: Feb 3, 2023
Amazon Relational Database Service (Amazon RDS) for Oracle now supports additional cipher suites that can be used with the Oracle Enterprise Manager (OEM) Agent and Oracle Secure Socket Layer (SSL) options. Customers can make use of these new cipher suites, as they provide stronger security for the RDS for Oracle database instance(s) connections, thereby strengthening the security posture of their infrastructure.
Starting today, RDS for Oracle will support 4 new cipher suites for the OEM Agent option and 6 new cipher suites for the SSL option. These new suites include various combinations of AES and RSA encryption with different key lengths and SHA algorithms.
For the OEM Agent option, RDS for Oracle will support the following 4 new cipher suites: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA. To learn more about modifying the OEM Agent, read Modifying OEM Agent Database settings documentation.
For the SSL option, RDS for Oracle will support the following 6 new cipher suites: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA. To learn more about adding the SSL option, read Adding SSL option documentation.
To learn more about modifying an existing option group, read Modifying an Option setting documentation.
For more information about the AWS Regions where Amazon Relational Database Service (Amazon RDS) for Oracle is available, see the AWS Region table. See the Amazon RDS for Oracle Database Pricing page for complete regional availability information.