AWS Security ChangesHomeSearch

AWS AmazonRDS documentation change

Service: AmazonRDS · 2026-06-13 · Documentation medium

File: AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md

Summary

Added TLS 1.3 cipher support and updated TLS 1.2 cipher defaults

Security assessment

Introduces ssl_tls13_ciphers parameter for TLS 1.3 and updates ssl_ciphers defaults for TLS 1.2. This documents new encryption capabilities but doesn't indicate a security fix.

Diff

diff --git a/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md b/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md
index 09b2eb334..7acfccb75 100644
--- a//AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md
+++ b//AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Reference.ParameterGroups.md
@@ -429 +429,2 @@ ssl_cert_file | Location of the SSL server certificate file. | /rdsdbdata/rds-me
-ssl_ciphers | Sets the list of allowed TLS ciphers to be used on secure connections. | –   
+ssl_ciphers | Sets the list of ciphers allowed for secure connections using TLS 1.2. | TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  
+ssl_tls13_ciphers | Sets the list of ciphers allowed for secure connections using TLS 1.3. | TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384