AWS is updating the TLS configuration

Question

Hi,,
In June I received an email from Amazon.
Attached is the first paragraph:
We are reaching out because there are TLS 1.0 or TLS 1.1 connections to Amazon Simple Storage Service (Amazon S3) objects hosted in your account. As AWS is updating the TLS configuration for all AWS API endpoints to a minimum of version TLS 1.2 [1], you must take action as soon as possible for these connections to maintain their access to your S3 objects.

After Amazon's updating  most of the operations on the website do not function.

Is there an expert who will make the change for me that Amazon requested in order for the site to function again?
Thanks,
Ori

Answer

Hi, You will need to perform the update by yourself, If you are using an AWS Software Developer Kit (AWS SDK) or the AWS Command Line Interface (AWS CLI), follow the detailed guidance about how to examine your client software code and properly configure the TLS version used in the blog post TLS 1.2 to become the minimum for FIPS endpoints. There is also information provided on identifying and updating the TLS version in your client in our AWS re:Inforce 2022 presentation Uplifting AWS service API data protection to TLS 1.2+ (DPP202).
You can take a look here - https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/

Answer

Ensure the resources accessing your website are able to support a TLS version of 1.2 or above.

Also review your bucket policy to ensure its not limiting access to ONLY < 1.2 etc

AWS is updating the TLS configuration

Relevant content