AWS API Gateway should prevent use of TLS v1

0 votes

Refering to AWS Cloudfront Documentation, AWS API Gateway supports TLS v1.0, v1.1, v1.2.

But I want to limit the encryption protocols to TLS v1.1 and v1.2 for my Gateway API. Where do I configure this? I do not see any cloudfront distribution for my API. Gateway resource page does not have an option to specify the security protocol.

My API is running in production for last 2 years using a custom domain. Any idea how do I limit my API to TLS V1.1 and V1.2 protocols only in API Gateway?

Aug 1, 2018 in Cloud Computing by code_ninja
• 6,300 points
2,279 views

1 answer to this question.

0 votes
  • API ( application programming interface )- It is a key to get permission to access the code written by other person.
  • TLS(Transport layer Security)- is a protocol that provides privacy and data integrity between two communicating applications.
  • In case to make API to work with additional Cloud Front distribution, we need to follow these

  1. Go to AWS Console, under API Gateway click on  Custom Domain Name and delete the mapped entry
  2. Create a new cloudfront distribution with following settings-

Cloudfront settings

  1. Provide origin domain name as your Gate API endpoint https://abcdfefg.execute-api.us-east-1.amazonaws.com( provide your endpoint according to your account)
  2. Set viewer protocol policy to  HTTPS Only
  3. provide origin SSL protocols as TLSv1.2, TLSv1.1 (Uncheck TLSv1)
  4. then add a Alternate Domain Name(cName's) to refer to custom domain name
  5. and few other defaults after the above changes are completed, accessing the custom domain name on https will enforce the TLS security settings as defined in Cloud Front distribution
answered Aug 1, 2018 by ArchanaNagur
• 2,360 points

Related Questions In Cloud Computing

0 votes
1 answer

Can we Use Api keys with AWS API Gateway?

There is no getting away here. When ...READ MORE

answered Apr 18, 2018 in Cloud Computing by hemant
• 5,790 points
553 views
+3 votes
3 answers

Is it possible to delete a API in AWS API Gateway?

Yes, it is possible to delete an ...READ MORE

answered Mar 27, 2018 in Cloud Computing by brat_1
• 7,200 points
4,815 views
+4 votes
3 answers

AWS API Gateway with AWS WAF

Well that is not possible, Reason: API Gateway would ...READ MORE

answered Mar 27, 2018 in Cloud Computing by code_ninja
• 6,300 points
1,896 views
0 votes
1 answer

Where should I use Amazon Kinesis instead of SNS-SQS?

Your concern is very valid. These two ...READ MORE

answered Apr 17, 2018 in Cloud Computing by code_ninja
• 6,300 points
2,206 views
+1 vote
2 answers

AWS: API Gateway Encoding for multipart/form-data

API Gateway now supports binary payloads. Simply ...READ MORE

answered Aug 22, 2018 in Cloud Computing by Priyaj
• 58,020 points
6,558 views
0 votes
1 answer

AWS: User Keys API Gateway

For identification you can generate one API ...READ MORE

answered May 22, 2018 in Cloud Computing by code_ninja
• 6,300 points
692 views
0 votes
1 answer

What are some of the popular DevOps Tools we can use or we should learn?

If you ask me, I would say ...READ MORE

answered Jul 23, 2018 in Cloud Computing by hemant
• 5,790 points
778 views
0 votes
1 answer

AWS: What is an API Gateway in AWS?

Amazon API Gateway is a fully managed ...READ MORE

answered Jul 26, 2018 in Cloud Computing by Meci Matt
• 9,460 points
1,358 views
0 votes
1 answer

When to use Amazon Cloudfront or S3

Amazon S3 is simple storage service for internet ...READ MORE

answered Aug 1, 2018 in Cloud Computing by ArchanaNagur
• 2,360 points
732 views
0 votes
1 answer

AWS trusted adviser vs Inspector

AWS is a web service by Amazon ...READ MORE

answered Aug 3, 2018 in Cloud Computing by ArchanaNagur
• 2,360 points
1,324 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP