AWS Security ChangesHomeSearch

AWS AmazonS3 medium security documentation change

Service: AmazonS3 · 2025-11-22 · Security-related medium

File: AmazonS3/latest/userguide/network-isolation.md

Summary

Added recommendation for hybrid post-quantum key exchange with TLS 1.3 and linked to AWS post-quantum cryptography resources

Security assessment

Proactively documents quantum-resistant encryption methods to mitigate future cryptographic vulnerabilities. Links to AWS security resources about post-quantum cryptography demonstrate a security-focused update.

Diff

diff --git a/AmazonS3/latest/userguide/network-isolation.md b/AmazonS3/latest/userguide/network-isolation.md
index 5c170ecc8..108fe1b94 100644
--- a//AmazonS3/latest/userguide/network-isolation.md
+++ b//AmazonS3/latest/userguide/network-isolation.md
@@ -9 +9 @@ As a managed service, Amazon S3 is protected by the AWS global network security
-Access to Amazon S3 via the network is through AWS published APIs. Clients must support Transport Layer Security (TLS) 1.2. We recommend also supporting TLS 1.3. (For more information about this recommendation, see [Faster AWS cloud connections with TLS 1.3](https://aws.amazon.com/blogs/security/faster-aws-cloud-connections-with-tls-1-3/) on the _AWS Security Blog_.)
+Access to Amazon S3 via the network is through AWS published APIs. Clients must support Transport Layer Security (TLS) 1.2. We recommend also supporting TLS 1.3 and hybrid post-quantum key exchange. To learn about post-quantum cryptography at AWS, including links to blog posts and research papers, see [Post-Quantum Cryptography for AWS](https://aws.amazon.com/security/post-quantum-cryptography/).