AWS Security ChangesHomeSearch

AWS neptune medium security documentation change

Service: neptune · 2025-04-11 · Security-related medium

File: neptune/latest/userguide/security-ssl.md

Summary

Updated TLS cipher suite list, replacing RSA-based ciphers with ECDSA variants and reordering encryption strengths

Security assessment

Changed cryptographic standards by replacing RSA ciphers with ECDSA variants, indicating a security-focused update to stronger/more modern encryption protocols

Diff

diff --git a/neptune/latest/userguide/security-ssl.md b/neptune/latest/userguide/security-ssl.md
index 9a291238b..725b9eb80 100644
--- a//neptune/latest/userguide/security-ssl.md
+++ b//neptune/latest/userguide/security-ssl.md
@@ -11 +11 @@ Neptune requires at least TLS version 1.2, using the following strong cipher sui
-  * `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`
+  * `TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256`
@@ -13 +13 @@ Neptune requires at least TLS version 1.2, using the following strong cipher sui
-  * `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
+  * `TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384`
@@ -15 +15 @@ Neptune requires at least TLS version 1.2, using the following strong cipher sui
-  * `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384`
+  * `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
@@ -17 +17 @@ Neptune requires at least TLS version 1.2, using the following strong cipher sui
-  * `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256`
+  * `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`