AWS Security ChangesHomeSearch

AWS AmazonRDS high security documentation change

Service: AmazonRDS · 2025-08-28 · Security-related high

File: AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.MariaDB.Major.md

Summary

Added upgrade note about MariaDB 11.8's require_secure_transport default change

Security assessment

Explicitly documents a security-relevant configuration change where SSL/TLS becomes mandatory by default in MariaDB 11.8, requiring attention during upgrades to maintain connectivity security.

Diff

diff --git a/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.MariaDB.Major.md b/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.MariaDB.Major.md
index 02c3c0621..b133b1f22 100644
--- a//AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.MariaDB.Major.md
+++ b//AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.MariaDB.Major.md
@@ -8,0 +9,4 @@ Major version upgrades can contain database changes that are not backward-compat
+###### Note
+
+In MariaDB 11.8, the default value for `require_secure_transport` is now `1`, requiring secure SSL/TLS connections. Set to `0` if non-secure connections are needed.
+
@@ -10,0 +15,2 @@ Amazon RDS supports the following in-place upgrades for major versions of the Ma
+  * Any MariaDB version to MariaDB 11.8
+