Force TLS1.2 to secure connection to AWS S3 bucket

xyfleet · August 28, 2023, 7:24pm

Hello team,

AWS is going to force all of the connections to S3 bucket use TLS1.2. All of the connections use older version will be blocked. I cannot find a place to explain what version of TLS Terraform is using. Or anyway we can configure this?

(We are using S3 bucket to store the state file of Terraform.)

apparentlymart · August 28, 2023, 10:19pm

Hi @xyfleet,

I saw you asked the same question in a GitHub issue:

github.com/hashicorp/terraform

Force TLS1.2 to build the connection between terraform and AWS s3 bucket

opened 07:17PM - 28 Aug 23 UTC

xyfleet

enhancement backend/s3 new

### Terraform Version ```shell Terraform v1.3.7 ``` ### Use Cases AWS is goi…ng to force to use TLS 1.2 for all of the connections to S3 bucket. We need to know if Terraform already to upgrade the connection to use TLS1.2. Or if we can configure Terraform to use TLS1.2. ### Attempted Solutions None ### Proposal _No response_ ### References _No response_

I’ve written the start of an answer there but we’ll need to wait for the AWS provider team to confirm whether the S3 backend is following the default TLS client settings that I was answering about.

As long as the S3 backend is using the default TLS client settings when it makes its requests then it’s supported TLS 1.2 for several years already, and requires server support for TLS 1.2 since Terraform v1.1.

Topic		Replies	Views
ALLOW TLS ought to be ALLOW HTTPS AWS	2	252	September 2, 2022
Does Terraform communicate with Azure API using TLS 1.2? Terraform	0	285	April 15, 2020
Upgrade Existing Azure Storage accounts to TLS1_2Azu Azure	0	108	January 18, 2024
How can I verify that the communication between client library and upstream APIs is taking place securely or not Terraform	9	288	February 6, 2023
S3 replication with encryption help Terraform	1	1364	March 16, 2021

Force TLS1.2 to secure connection to AWS S3 bucket

Related topics