AWS Site-to-Site VPN extends AWS Secrets Manager integration in additional AWS Regions

AWS Site-to-Site VPN is extending three new capabilities, including AWS Secrets Manager integration, to the AWS GovCloud (US) Regions and the AWS Europe (Milan) Region for enhanced security and ease of configuration.

  • AWS Secrets Manager Integration: With the AWS Secrets Manager integration, when customers store their pre-shared keys (PSKs) in Secrets Manager, VPN connection API responses will redact the PSK and instead display the Secrets Manager ARN (Amazon Resource Name), providing enhanced security.
  • New API to track VPN algorithms: You can now easily track the currently negotiated Internet Key Exchange (IKE) version, Diffie-Hellman (DH) groups, encryption algorithms, and integrity algorithms using the “GetActiveVpnTunnelStatus” API. This new API eliminates the need for you to enable Site-to-Site VPN logs to get this information, saving time and reducing operational overhead.
  • Recommended Configuration: The “GetVpnConnectionDeviceSampleConfiguration” API now includes a “recommended” parameter to help you use the best-practices security configuration (IKE version 2, DH group 20, SHA-384 integrity algorithm, and AES-GCM-256 encryption algorithm) on your customer gateway devices, reducing configuration time and potential errors.

There is no additional charge for using these capabilities. To learn more and get started, visit the AWS Site-to-Site VPN documentation.

Source Link: https://educronix.com/aws-site-to-site-vpn-extends-aws-secrets-manager-integration-in-additional-aws-regions/
