Amazon CloudFront Update: Added new viewer security policy, TLSv1.2_2025, for CloudFront.

AWS · AWS · commit 52d77318d82c · 2025-10-10T18:50:50.000Z
diff --git a/.changes/next-release/feature-AmazonCloudFront-89c127f.json b/.changes/next-release/feature-AmazonCloudFront-89c127f.json
@@ -0,0 +1,6 @@
+{
+    "type": "feature",
+    "category": "Amazon CloudFront",
+    "contributor": "",
+    "description": "Added new viewer security policy, TLSv1.2_2025, for CloudFront."
+}
diff --git a/services/cloudfront/src/main/resources/codegen-resources/service-2.json b/services/cloudfront/src/main/resources/codegen-resources/service-2.json
@@ -10521,7 +10521,8 @@
         "TLSv1.2_2018",
         "TLSv1.2_2019",
         "TLSv1.2_2021",
-        "TLSv1.3_2025"
+        "TLSv1.3_2025",
+        "TLSv1.2_2025"
       ]
     },
     "MissingBody":{
@@ -11563,7 +11564,7 @@
           "documentation":"<p>Configuration information about a public key that you can use with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">signed URLs and signed cookies</a>, or with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html\">field-level encryption</a>.</p>"
         }
       },
-      "documentation":"<p>A public key that you can use with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">signed URLs and signed cookies</a>, or with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html\">field-level encryption</a>.</p>"
+      "documentation":"<p>A public key that you can use with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">signed URLs and signed cookies</a>, or with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html\">field-level encryption</a>.</p> <p>CloudFront supports signed URLs and signed cookies with RSA 2048 or ECDSA 256 key signatures. Field-level encryption is only compatible with RSA 2048 key signatures.</p>"
     },
     "PublicKeyAlreadyExists":{
       "type":"structure",
@@ -11602,7 +11603,7 @@
           "documentation":"<p>A comment to describe the public key. The comment cannot be longer than 128 characters.</p>"
         }
       },
-      "documentation":"<p>Configuration information about a public key that you can use with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">signed URLs and signed cookies</a>, or with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html\">field-level encryption</a>.</p>"
+      "documentation":"<p>Configuration information about a public key that you can use with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html\">signed URLs and signed cookies</a>, or with <a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html\">field-level encryption</a>.</p> <p>CloudFront supports signed URLs and signed cookies with RSA 2048 or ECDSA 256 key signatures. Field-level encryption is only compatible with RSA 2048 key signatures.</p>"
     },
     "PublicKeyIdList":{
       "type":"list",
