2 Answers
- Newest
- Most votes
- Most comments
2
I think you are mixing things here. What it's being updated is the AWS APIs (what we usually call the control plane). So, if you want to interact with AWS via API your client (i.e. SDK or AWS cli) will need to "speak" TLS 1.2 or higher, no AWS API will support TLS 1.x. So, this has nothing to do with the listener of an ELB for your application, which our suggestion is not to use anything lower than TLS 1.2 but that's your decision.
Hope this clarifies your question.
Best,
answered 8 months ago
0
Yes it is but there is a way to avoid it.
The below knowledge[1] will be help.
[1] How do I allow access to my Amazon S3 buckets to customers who do not use TLS 1.2 or higher? https://repost.aws/knowledge-center/s3-access-old-tls
Relevant content
- Accepted Answerasked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 12 days ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a year ago
Sorry, after reading the article, I am even more confused. It seems the suggested solution in the article is to access S3 through a CDN (CloudFront) to address the TLS version issue. My question is, why is CloudFront still able to support TLS 1.0/1.1? According to this notification: https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/, isn't it supposed to no longer support them, just like S3? And, can Elastic Load Balancing (ELB) still support TLS 1.0/1.1?