Posted On: Jan 4, 2024

Amazon OpenSearch Service adds support for Transport Layer Security (TLS) version 1.3 amongst its transport security options for domain endpoint security. TLS 1.3 offers customers enhanced security and performance as compared to older TLS versions. In addition, we now support perfect forward secrecy, which provides additional safeguards against eavesdropping of encrypted data, through the use of a unique random session key.

Amazon OpenSearch Service is protected by the AWS global network security procedures, and offers domain endpoint security by providing predefined TLS policies that will help customers encrypt their traffic end-to-end by enforcing HTTPS. With this launch, we recommend that customers start using TLS 1.3 for improved security posture. For more information about TLS options, please see the documentation.

To learn more about Amazon OpenSearch Service, please visit the product page.

Support for TLS 1.3 is now available in all regions where Amazon OpenSearch Service is supported. Please refer to the AWS Region Table for more information about Amazon OpenSearch Service availability.