AWS API Gateway should prevent use of TLS v1

0 votes

Refering to AWS Cloudfront Documentation, AWS API Gateway supports TLS v1.0, v1.1, v1.2.

But I want to limit the encryption protocols to TLS v1.1 and v1.2 for my Gateway API. Where do I configure this? I do not see any cloudfront distribution for my API. Gateway resource page does not have an option to specify the security protocol.

My API is running in production for last 2 years using a custom domain. Any idea how do I limit my API to TLS V1.1 and V1.2 protocols only in API Gateway?

Aug 1, 2018 in Cloud Computing by code_ninja
• 6,120 points
468 views

1 answer to this question.

0 votes
  • API ( application programming interface )- It is a key to get permission to access the code written by other person.
  • TLS(Transport layer Security)- is a protocol that provides privacy and data integrity between two communicating applications.
  • In case to make API to work with additional Cloud Front distribution, we need to follow these

  1. Go to AWS Console, under API Gateway click on  Custom Domain Name and delete the mapped entry
  2. Create a new cloudfront distribution with following settings-

Cloudfront settings

  1. Provide origin domain name as your Gate API endpoint https://abcdfefg.execute-api.us-east-1.amazonaws.com( provide your endpoint according to your account)
  2. Set viewer protocol policy to  HTTPS Only
  3. provide origin SSL protocols as TLSv1.2, TLSv1.1 (Uncheck TLSv1)
  4. then add a Alternate Domain Name(cName's) to refer to custom domain name
  5. and few other defaults after the above changes are completed, accessing the custom domain name on https will enforce the TLS security settings as defined in Cloud Front distribution
answered Aug 1, 2018 by ArchanaNagur
• 2,110 points

Related Questions In Cloud Computing

0 votes
1 answer

Can we Use Api keys with AWS API Gateway?

There is no getting away here. When ...READ MORE

answered Apr 18, 2018 in Cloud Computing by hemant
• 5,750 points
16 views
+3 votes
3 answers

Is it possible to delete a API in AWS API Gateway?

Yes, it is possible to delete an ...READ MORE

answered Mar 27, 2018 in Cloud Computing by brat_1
• 7,080 points
520 views
+4 votes
3 answers

AWS API Gateway with AWS WAF

Well that is not possible, Reason: API Gateway would ...READ MORE

answered Mar 27, 2018 in Cloud Computing by code_ninja
• 6,120 points
334 views
0 votes
1 answer

Where should I use Amazon Kinesis instead of SNS-SQS?

Your concern is very valid. These two ...READ MORE

answered Apr 17, 2018 in Cloud Computing by code_ninja
• 6,120 points
552 views
+1 vote
2 answers

AWS: API Gateway Encoding for multipart/form-data

API Gateway now supports binary payloads. Simply ...READ MORE

answered Aug 22, 2018 in Cloud Computing by Priyaj
• 56,160 points
1,153 views
0 votes
1 answer

AWS: User Keys API Gateway

For identification you can generate one API ...READ MORE

answered May 22, 2018 in Cloud Computing by code_ninja
• 6,120 points
17 views
0 votes
1 answer

What are some of the popular DevOps Tools we can use or we should learn?

If you ask me, I would say ...READ MORE

answered Jul 23, 2018 in Cloud Computing by hemant
• 5,750 points
15 views
0 votes
1 answer

AWS: What is an API Gateway in AWS?

Amazon API Gateway is a fully managed ...READ MORE

answered Jul 26, 2018 in Cloud Computing by Meci Matt
• 9,400 points
27 views
0 votes
1 answer

When to use Amazon Cloudfront or S3

Amazon S3 is simple storage service for internet ...READ MORE

answered Jul 31, 2018 in Cloud Computing by ArchanaNagur
• 2,110 points
49 views
0 votes
1 answer

AWS trusted adviser vs Inspector

AWS is a web service by Amazon ...READ MORE

answered Aug 2, 2018 in Cloud Computing by ArchanaNagur
• 2,110 points
204 views