Force TLS1.2 to secure connection to AWS S3 bucket

Hello team,

AWS is going to force all of the connections to S3 bucket use TLS1.2. All of the connections use older version will be blocked. I cannot find a place to explain what version of TLS Terraform is using. Or anyway we can configure this?

(We are using S3 bucket to store the state file of Terraform.)

Hi @xyfleet,

I saw you asked the same question in a GitHub issue:

I’ve written the start of an answer there but we’ll need to wait for the AWS provider team to confirm whether the S3 backend is following the default TLS client settings that I was answering about.

As long as the S3 backend is using the default TLS client settings when it makes its requests then it’s supported TLS 1.2 for several years already, and requires server support for TLS 1.2 since Terraform v1.1.