AWS Security Blog

Faster AWS cloud connections with TLS 1.3

June 10, 2024: This blog post is updated to announce that TLS 1.3 is available on our AWS service API endpoints across each of our AWS Regions.

January 12, 2024: Over 80% of AWS service API endpoints now support TLS 1.3, along with TLS 1.2. The remaining services are in progress on adding TLS 1.3 globally across AWS Regions and Availability Zones. We will update this post again when these deployments complete.

September 13, 2023: Over 65% of AWS service API endpoints now support TLS version 1.3. We are continuing work to enable TLS version 1.3 on AWS service API endpoints globally.


At Amazon Web Services (AWS), we strive to continuously improve customer experience by delivering a cloud computing environment that supports the most modern security technologies. To improve the overall performance of your connections, we have already started to enable TLS version 1.3 globally across our AWS service API endpoints, and will complete this process by December 31, 2023. By using TLS 1.3, you can decrease your connection time by removing one network round trip for every connection request, and can benefit from some of the most modern and secure cryptographic cipher suites available today.

If you are using current software tools (2014 or later) including our AWS SDKs or AWS Command Line Interface (AWS CLI), you will automatically receive the benefits of TLS 1.3 with no action required on your part. This is because AWS services will negotiate the highest TLS protocol version that your client software supports. If you want to continue using TLS 1.2, you will still have full control through your client configurations. AWS will retain support for TLS 1.2, in addition to TLS 1.3, into the foreseeable future. Meanwhile, here’s the latest information on the on-going deprecation of TLS 1.0/1.1.

If you have any questions, start a new thread on AWS re:Post, or contact AWS Support or your technical account manager. If you have feedback about this post, submit comments in the Comments section below.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.

Kate Rodgers

Kate Rodgers

Kate is a Senior Technical Program Manager in AWS Security with over 10 years of experience in industry as an engineer and program manager. Today she works with AWS services, infrastructure, and administrative teams to drive innovative solutions that improve the AWS security posture.

James McDuffie

James McDuffie

James is a Senior Technical Account Manager. He has over 20 years of experience in software development, with previous roles in Software and Hardware Security Architecture in Industrial IoT. He is an active member of the AWS Security community, and he works closely with our customers to help them solve complex security challenges at scale.

Author

Janelle Hopper

Janelle is a Principal Technical Program Manager in AWS Security with over 25 years of experience in the IT security field. She works with AWS services, infrastructure, and administrative teams to identify and drive innovative solutions that improve the AWS security posture.

Scott Malkie

Scott Malkie

Scott is a Senior Technical Program Manager on the Compliance Remediation team in AWS Security, with over 20 years of experience in information systems and security. He specializes in driving large-scale, cross-functional programs that enhance the security, performance, and reliability of AWS.