AWS Security Blog

Tag: Transport Layer Security

Faster AWS cloud connections with TLS 1.3

Faster AWS cloud connections with TLS 1.3

September 13, 2023: Over 65% of AWS service API endpoints now support TLS version 1.3. We are continuing work to enable TLS version 1.3 on AWS service API endpoints globally. At Amazon Web Services (AWS), we strive to continuously improve customer experience by delivering a cloud computing environment that supports the most modern security technologies. […]

How to tune TLS for hybrid post-quantum cryptography with Kyber

January 25, 2023: AWS KMS, ACM, Secrets Manager TLS endpoints have been updated to only support NIST’s Round 3 picked KEM, Kyber. s2n-tls and s2n-quic have also been updated to only support Kyber. BIKE or other KEMs may still be added as the standardization proceeds. August 3, 2022: This post has been updated to include […]

TLS 1.2 to become the minimum TLS protocol level for all AWS API endpoints

June 1, 2023: This blog post has been updated to add a timeline to clarify the key dates. To avoid a disruption to your AWS workloads, you must update all of your TLS 1.0/ 1.1 software clients no later than 06/28/23. May 23, 2023: This post was revised to indicate that we are continuing to […]

How to confirm your automated Amazon EBS snapshots are still created after the TLS 1.2 uplift on AWS FIPS endpoints

We are happy to announce that all AWS Federal Information Processing Standard (FIPS) endpoints have been updated to only accept a minimum of Transport Layer Security (TLS) 1.2 connections. This ensures that our customers who run regulated workloads can meet FedRAMP compliance requirements that mandate a minimum of TLS 1.2 encryption for data in transit. Attempts […]

TLS 1.2 will be required for all AWS FIPS endpoints beginning March 31, 2021

November 10, 2022: This project was successfully completed in March 2021. TLS 1.2 is now the minimum version supported for all connections to AWS FIPS service endpoints. Note we will be implementing the same policy for non-FIPS endpoints by June 2023. If you also use these endpoints see https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/ for details. To help you meet […]

Over 70 services require TLS 1.2 minimum for AWS FIPS endpoints

March 18, 2021: This post was originally published in February 2021. Since then, the number of services that require a TLS minimum of 1.2 has grown from over 40 to over 70. We’ve updated this post accordingly. In a March 2020 blog post, we told you about work Amazon Web Services (AWS) was undertaking to […]