AWS Security ChangesHomeSearch

AWS AmazonRDS medium security documentation change

Service: AmazonRDS · 2026-04-28 · Security-related medium

File: AmazonRDS/latest/UserGuide/rds-proxy.md

Summary

Added link to best practices documentation and documented limitations regarding SSL negotiation mode and PostgreSQL protocol version support

Security assessment

Similar to the Aurora counterpart, this documents the lack of direct SSL negotiation support (a security-related feature) for PostgreSQL in RDS Proxy. While important for security configurations, this is a documented limitation rather than a vulnerability fix.

Diff

diff --git a/AmazonRDS/latest/UserGuide/rds-proxy.md b/AmazonRDS/latest/UserGuide/rds-proxy.md
index ffd14a4bb..86ab50aa9 100644
--- a//AmazonRDS/latest/UserGuide/rds-proxy.md
+++ b//AmazonRDS/latest/UserGuide/rds-proxy.md
@@ -50,0 +51,2 @@ RDS Proxy is fully compatible with the engine versions that it supports. You can
+  * [Best practices with RDS Proxy](./rds-proxy-best-practices.html)
+
@@ -220,0 +223,4 @@ The following additional limitations apply to RDS Proxy with RDS for PostgreSQL
+  * RDS Proxy doesn't support direct SSL negotiation mode.
+
+  * RDS Proxy only supports version 3.0 of the PostgreSQL messaging protocol.
+