AWS Site-to-Site VPN introduces three new capabilities for enhanced security
News
AWS Site-to-Site VPN has introduced three new security and configuration capabilities for its VPN service:
- AWS Secrets Manager integration to securely store pre-shared keys (PSKs), with API responses now redacting PSK details
- New "GetActiveVpnTunnelStatus" API to track VPN connection parameters like IKE version, Diffie-Hellman groups, and encryption algorithms without enabling logs
- "GetVpnConnectionDeviceSampleConfiguration" API now includes a "recommended" parameter with best-practices security configuration
These capabilities are available in most AWS commercial Regions at no additional cost, helping customers improve VPN security and reduce configuration complexity.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Jul 8
2025
2025
AWS Site-to-Site VPN now supports IPv6 addresses on outer tunnel IPs
May 6
2026
2026
AWS Site-to-Site VPN now supports modifying tunnel bandwidth on existing VPN connections
Sep 24
2025
2025
AWS Site-to-Site VPN now supports IPv6 on the outside IPs
Nov 12
2025
2025
AWS Site-to-Site VPN announces 5 Gbps bandwidth tunnels
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.