Amazon API Gateway now supports additional TLS security policies for REST APIs

Posted on: Nov 19, 2025

Amazon API Gateway now supports enhanced TLS security policies on API endpoints and custom domain names, providing you with greater control over the security posture of your APIs. These new policies help you meet evolving security requirements, comply with stricter regulations, and enhance encryption for your API connections.

When configuring REST APIs and custom domain names, you can now select from an extended list of security policies, including options that require TLS 1.3 only, implement Perfect Forward Secrecy, comply with the Federal Information Processing Standard (FIPS), or leverage Post Quantum Cryptography. These policies help meet evolving security requirements and stricter regulations while simplifying API security management. The enhanced policies also support endpoint access control for additional governance.

Enhanced TLS security policies are available in Amazon Web Services China (Beijing) Region, operated by Sinnet, and Amazon Web Services China (Ningxia) Region, operated by NWCD.

To get started, visit the Amazon API Gateway documentation.