AWS Site-to-Site VPN is extending three new capabilities, including AWS Secrets Manager integration, for enhanced security and ease of configuration in AWS GovCloud (US) Regions and AWS Europe (Milan) Region.
- AWS Secrets Manager Integration: With the AWS Secrets Manager integration, when customers store their pre-shared keys (PSKs) in Secrets Manager, VPN connection API responses will redact the PSK and instead display the Secrets Manager ARN (Amazon Resource Name), providing enhanced security.
- New API to track VPN algorithms: You can now easily track the currently negotiated internet key exchange (IKE) version, Diffie-Hellman (DH) groups, encryption algorithms, and integrity algorithms using the “GetActiveVpnTunnelStatus” API. This new API eliminates the need for you to enable Site-to-Site VPN logs to get this information, saving time and reducing operational overhead.
- Recommended Configuration: “GetVpnConnectionDeviceSampleConfiguration” API now includes “recommended” parameter to help you use the best-practices security configuration – IKE version 2, DH group 20, SHA-384 integrity algorithm, and AES-GCM-256 encryption algorithm – on your customer gateway devices, reducing configuration time and potential errors.
There is no additional charge for using these capabilities. To learn more and get started, visit the AWS Site-to-Site VPN documentation.
Categories: general:products/aws-site-to-site,marketing:marchitecture/networking
Source: Amazon Web Services
Latest Posts
- Amazon Connect expands automated agent performance evaluations to 5 additional languages
- GCP Release Notes: December 24, 2025
- Dynamics 365 Customer Service – Simulate AI field prediction capability from Case Management Agent [MC1204658]
- Microsoft 365 Copilot for Service – Create case records from customer emails with one click [MC1204498]
