AWS AmazonRDS documentation change
Summary
Added TLS 1.3 cipher support and updated TLS 1.2 cipher defaults
Security assessment
Introduces ssl_tls13_ciphers parameter for TLS 1.3 and updates ssl_ciphers defaults for TLS 1.2. This documents new encryption capabilities but doesn't indicate a security fix.
Diff
diff --git a/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md b/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md index 09b2eb334..7acfccb75 100644 --- a//AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md +++ b//AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md @@ -429 +429,2 @@ ssl_cert_file | Location of the SSL server certificate file. | /rdsdbdata/rds-me -ssl_ciphers | Sets the list of allowed TLS ciphers to be used on secure connections. | – +ssl_ciphers | Sets the list of ciphers allowed for secure connections using TLS 1.2. | TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 +ssl_tls13_ciphers | Sets the list of ciphers allowed for secure connections using TLS 1.3. | TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384