Services that support TLS details in CloudTrail - Amazon CloudTrail
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Services that support TLS details in CloudTrail

Starting on June 28, 2023, Amazon requires the Transport Layer Security (TLS) configuration for all Amazon service API endpoints to have a minimum version of TLS 1.2. For more information, see the blog post, TLS 1.2 to become the minimum TLS protocol level for all Amazon API endpoints. The tlsDetails structure in each CloudTrail record contains the TLS version, cipher suite, and the client-provided host name used in the service API call, which is typically the fully qualified domain name (FQDN) of the service endpoint. You can then use the data in the records to help you pinpoint your client software that is using an older TLS version, and update it accordingly. Nearly half of Amazon services currently provide the TLS information in the CloudTrail tlsDetails field. The following table shows Amazon services that display TLS information in CloudTrail records.


The tlsDetails field is optional. There are some cases when the tlsDetails field is not present in an event record.

Services that support TLS details
Alexa for Business
Amazon Activate
Amazon AppConfig
Amazon App Mesh
Amazon App Runner
Amazon AppStream 2.0
Amazon Auto Scaling
Amazon Backup
Amazon Backup Gateway
Amazon Billing
Amazon Certificate Manager
Amazon Cloud9
Amazon Cloud Directory
Amazon CloudFormation
Amazon CloudFront
Amazon Cloud Map
Amazon CloudSearch
Amazon CloudTrail
Amazon CloudWatch
Amazon CloudWatch Application Insights
Amazon CloudWatch Events
Amazon CloudWatch Logs
Amazon CodeArtifact
Amazon CodeBuild
Amazon CodeCommit
Amazon CodeDeploy
Amazon CodePipeline
AWS CodeStar
AWS CodeStar Connections
Amazon Comprehend
Amazon Comprehend Medical
Amazon Compute Optimizer
Amazon Connect Voice ID
Amazon Control Tower
Amazon Cost and Usage Report
Amazon Cost Explorer
Amazon Database Migration Service (DMS)
Amazon Data Pipeline
Amazon DataSync
Amazon DeepRacer
Amazon Device Farm
Amazon Diode
Amazon Direct Connect
Amazon Directory Service
Amazon DynamoDB
Amazon DynamoDB Accelerator (DAX)
Amazon Elastic Block Store (EBS)
Amazon Elastic Compute Cloud (EC2)
Amazon EC2 Instance Connect
Amazon Elastic Container Registry (ECR)
Amazon Elastic Container Registry (ECR) Public
Amazon Elastic Container Service (ECS)
Amazon ElastiCache
Amazon Elastic File System (EFS)
Amazon Elastic Transcoder
Amazon Elastic Load Balancing (ELB)
Amazon Elastic Load Balancing (ELBV2)
AWS Elemental MediaStore
Amazon EMR
Amazon EventBridge
Amazon Firewall Manager
Amazon Forecast
Amazon Fraud Detector
Amazon FSx
Amazon GameLift
Amazon Global Accelerator
Amazon Glue (Lake Formation)
Amazon HealthLake
Amazon Identity and Access Management (IAM)
Amazon Identity Store
Amazon Inspector
Amazon IoT Analytics
Amazon IoT Core
Amazon IoT Events
Amazon IoT Secure Tunneling
Amazon IoT SiteWise
Amazon IoT Wireless
Amazon Kendra
Amazon Key Management Service (KMS)
Amazon Kinesis
Amazon Managed Service for Apache Flink
Amazon Data Firehose
Amazon Kinesis Data Streams
Amazon Kinesis Video Streams
Amazon Lambda
Amazon License Manager
Amazon Lightsail
Amazon Lookout for Equipment
Amazon Machine Learning
Amazon Managed Service for Prometheus
Amazon Managed Services
Amazon Marketplace Commerce Analytics
Amazon Web Services Marketplace Discovery
Amazon Marketplace Entitlement Service
Amazon Marketplace Metering Service
Amazon Mechanical Turk
Amazon MemoryDB for Redis
Amazon Migration Hub
Amazon Network Firewall
Amazon OpenSearch Service
Amazon OpsWorks CM
Amazon Organizations
Amazon Polly
Amazon Price List
Amazon Private Certificate Authority
Amazon Proton
Amazon QuickSight
Amazon Redshift
Amazon Rekognition
Amazon Relational Database Service (RDS)
Amazon Relational Database Service (RDS) Data API
Amazon Resource Groups Tagging
Amazon Route 53
Amazon Route 53 Domains
Amazon Route 53 Resolver
Amazon SageMaker
Amazon SageMaker-Edge
Amazon Secrets Manager
Amazon Security Token Service (STS)
Amazon Service Catalog
Amazon Service Quotas
Amazon Shield
Amazon SimpleDB
Amazon Simple Email Service (SES)
Amazon Simple Notification Service (SNS)
Amazon Simple Queue Service (SQS)
Amazon Simple Storage Service (S3)
Amazon S3 Glacier
Amazon Simple Workflow Service (SWF)
Amazon Snowball
Amazon Step Functions
Amazon Storage Gateway
Amazon Web Services Support
Amazon Systems Manager
Amazon Textract
Amazon Timestream
Amazon Transcribe Streaming Service
Amazon Transfer Family
Amazon Translate
Amazon Trusted Advisor
Amazon WAF
Amazon WorkDocs
Amazon WorkMail
Amazon WorkMail Message Flow
Amazon WorkSpaces
Amazon X-Ray