AWS CDK

2.248.0

enum SecurityPolicy

Language	Type name
.NET	`Amazon.CDK.AWS.APIGateway.SecurityPolicy`
Go	`github.com/aws/aws-cdk-go/awscdk/v2/awsapigateway#SecurityPolicy`
Java	`software.amazon.awscdk.services.apigateway.SecurityPolicy`
Python	`aws_cdk.aws_apigateway.SecurityPolicy`
TypeScript (source)	`aws-cdk-lib` » `aws_apigateway` » `SecurityPolicy`

The minimum version of the SSL protocol that you want API Gateway to use for HTTPS connections.

Example

declare const acmCertificateForExampleCom: any;

new apigateway.DomainName(this, 'custom-domain', {
  domainName: 'example.com',
  certificate: acmCertificateForExampleCom,
  endpointType: apigateway.EndpointType.EDGE, // default is REGIONAL
  securityPolicy: apigateway.SecurityPolicy.TLS_1_2
});

Members

Name	Description
TLS_1_0	Cipher suite TLS 1.0.
TLS_1_2	Cipher suite TLS 1.2.
TLS13_1_3_2025_09	Cipher suite TLS 1.3 for regional/private endpoints.
TLS13_1_3_FIPS_2025_09	Cipher suite TLS 1.3 (FIPS compliant) for regional/private endpoints.
TLS13_1_2_PQ_2025_09	Cipher suite TLS 1.3 and TLS 1.2 with post-quantum cryptography for regional/private endpoints.
TLS13_1_2_PFS_PQ_2025_09	Cipher suite TLS 1.3 and TLS 1.2 with Perfect Forward Secrecy and post-quantum cryptography for regional/private endpoints.
TLS13_2025_EDGE	Cipher suite TLS 1.3 for edge-optimized endpoints.
TLS12_PFS_2025_EDGE	Cipher suite TLS 1.2 with Perfect Forward Secrecy for edge-optimized endpoints.
TLS12_2018_EDGE	Cipher suite TLS 1.2 for edge-optimized endpoints (legacy).

TLS_1_0

Cipher suite TLS 1.0.

TLS_1_2

Cipher suite TLS 1.2.

TLS13_1_3_2025_09

Cipher suite TLS 1.3 for regional/private endpoints.

See also: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html

TLS13_1_3_FIPS_2025_09

Cipher suite TLS 1.3 (FIPS compliant) for regional/private endpoints.

See also: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html

TLS13_1_2_PQ_2025_09

Cipher suite TLS 1.3 and TLS 1.2 with post-quantum cryptography for regional/private endpoints.

See also: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html

TLS13_1_2_PFS_PQ_2025_09

Cipher suite TLS 1.3 and TLS 1.2 with Perfect Forward Secrecy and post-quantum cryptography for regional/private endpoints.

See also: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html

TLS13_2025_EDGE

Cipher suite TLS 1.3 for edge-optimized endpoints.

See also: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html

TLS12_PFS_2025_EDGE

Cipher suite TLS 1.2 with Perfect Forward Secrecy for edge-optimized endpoints.

See also: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html

TLS12_2018_EDGE

Cipher suite TLS 1.2 for edge-optimized endpoints (legacy).

See also: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-custom-domain-tls-version.html

← Previous Next →