The following steps show how to identify your cluster's parameter group, check the current AWS DocumentDB TLS setting, and change it, all from the console.
Identify the Cluster’s Parameter Group
- Open the AWS console and search for the DocumentDB service.
- In the navigation pane, choose Clusters.
- Select the cluster you want to manage.
- Open the Configuration tab.
- Scroll to Cluster details and locate Cluster parameter group.
If your cluster uses a default parameter group (example: default.docdb4.0), you cannot modify TLS settings yet. You must create a custom cluster parameter group.
Create a Custom Parameter Group
If you do not already have a custom parameter group:
1. In the left menu, select Parameter groups.
2. Choose Create.
3. Fill in:
- Parameter group family: select the version that matches your cluster
- Group type: db-cluster
- Name: docdb-5
- Description: Custom parameter group for TLS settings
4. Choose Create.
Your custom parameter group is now ready for editing.
View the Current TLS Parameter Value
- In the AWS DocumentDB console, open Parameter groups.
- Select the custom parameter group you want to modify.
- Scroll to the Cluster parameters section.
- Search for: tls
- Review:
- Cluster parameter name
- Current value
- Allowed values
Modify the TLS Parameter
1. In your parameter group, find the row for tls.
2. Select the radio button next to it.
3. Choose Edit.
4. In the Modify tls dialog box, select the desired value:
a. enabled
b. disabled
c. tls1.2+
d. tls1.3+
5. Choose Modify cluster parameter to save.
This updates the parameter group but does not apply the change until the cluster reboots.
Apply the Parameter Group to the Cluster
If your cluster was already using this parameter group, you can skip this step.
Otherwise:
- Open Clusters.
- Select your cluster.
- Choose Modify.
- Under DB cluster parameter group, choose your custom group (e.g., docdb-custom-tls).
- Choose Continue, then Modify cluster.
The new parameter group is now associated with the cluster.
Reboot the AWS DocumentDB Instances
To ensure the change is applied across the entire cluster, reboot each instance in the cluster.
- In the navigation pane, choose Instances.
- Find the instance you want to reboot, then select the checkbox next to its name.
- Choose Actions, then select Reboot.
All required changes to the TLS configuration of the AWS DocumentDB cluster have been implemented. Each instance has been rebooted to apply the new settings, and the cluster is now running with the updated security configuration.
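To confirm the result across several clusters without clicking through each one, the same three checks (default group, current tls value, instances still waiting for a reboot) can be run over the JSON returned by `aws docdb describe-db-clusters` and `aws docdb describe-db-cluster-parameters`. The script below is an added example, not part of the original procedure; the cluster and instance names are constructed sample data, and the accepted TLS values are an assumed policy.

```python
import json

# Constructed sample: trimmed shape of `aws docdb describe-db-clusters` output.
CLUSTERS = json.loads("""
{"DBClusters": [
  {"DBClusterIdentifier": "orders", "DBClusterParameterGroup": "default.docdb4.0",
   "DBClusterMembers": [
     {"DBInstanceIdentifier": "orders-1", "DBClusterParameterGroupStatus": "in-sync"}]},
  {"DBClusterIdentifier": "billing", "DBClusterParameterGroup": "docdb-custom-tls",
   "DBClusterMembers": [
     {"DBInstanceIdentifier": "billing-1", "DBClusterParameterGroupStatus": "in-sync"},
     {"DBInstanceIdentifier": "billing-2", "DBClusterParameterGroupStatus": "pending-reboot"}]}
]}
""")

# Constructed sample: the `tls` entry per group, as found in the Parameters list
# of `aws docdb describe-db-cluster-parameters` for that group.
PARAMETERS = {
    "default.docdb4.0": [{"ParameterName": "tls", "ParameterValue": "enabled"}],
    "docdb-custom-tls": [{"ParameterName": "tls", "ParameterValue": "tls1.2+"}],
}

def audit_tls(clusters, parameters, accepted=("tls1.2+", "tls1.3+")):
    """Return {cluster id: [findings]}; an empty list means nothing to do.

    `accepted` is an assumed policy (minimum TLS 1.2), not an AWS default.
    """
    report = {}
    for cluster in clusters["DBClusters"]:
        group = cluster["DBClusterParameterGroup"]
        findings = []
        if group.startswith("default."):
            findings.append("default-group")  # not editable; needs a custom group
        tls = next((p.get("ParameterValue") for p in parameters.get(group, [])
                    if p["ParameterName"] == "tls"), None)
        if tls not in accepted:
            findings.append(f"tls={tls}")
        # Members that are not in sync keep the old setting until rebooted.
        for member in cluster.get("DBClusterMembers", []):
            if member.get("DBClusterParameterGroupStatus") != "in-sync":
                findings.append(f"reboot:{member['DBInstanceIdentifier']}")
        report[cluster["DBClusterIdentifier"]] = findings
    return report

if __name__ == "__main__":
    for cluster_id, findings in audit_tls(CLUSTERS, PARAMETERS).items():
        print(cluster_id, findings or "ok")
```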