Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Amazon CloudFront announces deprecation of older API versions #4

Open
mdeimel opened this issue Apr 23, 2019 · 1 comment
Open

Amazon CloudFront announces deprecation of older API versions #4

mdeimel opened this issue Apr 23, 2019 · 1 comment
Assignees

Comments

@mdeimel
Copy link

@mdeimel mdeimel commented Apr 23, 2019

Creating an issue here based on James Murty's recommendation from this post.

Given the recent announcement from Amazon that older CloudFront API versions will be deprecated, are there any plans to update JetS3t?

All CloudFront API releases from 2015 and prior will be supported until April 30, 2020. (This date was given in a followup announcement).

Based on the code and the release notes, it looks like the latest API version used is "2012-05-05".

It seems that without updating the API version, it would effectively end JetS3t's capabilities of contacting CloudFront.

Any information on the future of JetS3t would be appreciated. Whatever happens, thanks for your work on the project, it has provided several years of useful integration for us.

@mondain mondain self-assigned this Apr 23, 2019
@mondain

This comment has been minimized.

Copy link
Owner

@mondain mondain commented Apr 23, 2019

I am aware of the updates, I've got an email from Amazon:

We recently sent a followup notification to an April 9, 2019 forum announcement[1] notifying customers of an upcoming deprecation of specific versions (2015 or older) of the CloudFront APIs. Since this announcement we've received feedback from customers and we'd like to provide an update.

We want to reassure customers that the planned deprecation does not reduce functionality in any way and no CloudFront features are being disabled.

Recently, CloudFront has made improvements to CNAME validation[2] and to the minimum versions of TLS/SSL that are enabled by default. TLS/SSL Certificates have now been widely available for free, from Amazon Certificate Manager, LetsEncrypt, and others, for several years. Requiring that every customer using CloudFront with a custom domain to present a valid certificate proving domain ownership improves security for our customers because only legitimate domain owners can use those domains with CloudFront. Customers have also told us that they would prefer if new CloudFront distributions do not support the older, legacy versions of TLS/SSL. Unfortunately, these features are not compatible with the older versions of our APIs, which were designed and released prior to the availability of our SNI and TLS version features. By using the older API versions, there’s a risk that customers can be left unable to configure a distribution, or possibly even misconfigure and break it by removing security critical settings. 

While only a very small percentage of API calls are made using the older versions and the current APIs are backwards compatible with those we planned to deprecate, we’ve been alerted to a few cases where customers may have work migrating. Therefore, we have decided to extend the time to migrate to 12 months. The API versions 2015 or older will now be supported until at least April 30, 2020. We will also be notifying the small subset of customers who seem to still use the old versions of these APIs with more information about their usage.

We apologize for the confusion this may have caused. Please reach out to AWS Support[3] if you have questions.

[1] https://forums.aws.amazon.com/ann.jspa?annID=6697
[2] https://aws.amazon.com/blogs/networking-and-content-delivery/continually-enhancing-domain-security-on-amazon-cloudfront/
[3] https://aws.amazon.com/support

Sincerely,
Amazon Web Services
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.