Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: default https_ssl_policy to ELBSecurityPolicy-TLS13-1-2-2021-06 #179

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: default https_ssl_policy to ELBSecurityPolicy-TLS13-1-2-2021-06 #179

wants to merge 3 commits into from

Conversation

jestallin
Copy link

@jestallin jestallin commented Aug 20, 2024
edited by nitrocode
Loading

what

  • Updates default https_ssl_policy to ELBSecurityPolicy-TLS13-1-2-2021-06

why

  • ELBSecurityPolicy-TLS13-1-2-2021-06 is the default AWS recommendation.

The ELBSecurityPolicy-TLS13-1-2-2021-06 policy is the default security policy for TLS listeners created using the AWS Management Console.
- We recommend the ELBSecurityPolicy-TLS13-1-2-2021-06 security policy, which includes TLS 1.3, and is backwards compatible with TLS 1.2.

references

@jestallin jestallin requested review from a team as code owners August 20, 2024 11:25
@mergify mergify bot added the triage Needs triage label Aug 20, 2024
@nitrocode
Copy link
Member

/terratest

@nitrocode
Copy link
Member

I added the link https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies and the quote to the pr body

Seems reasonable

nitrocode
nitrocode previously approved these changes Aug 20, 2024
View reviewed changes
@mergify mergify bot removed the triage Needs triage label Aug 20, 2024
@nitrocode nitrocode enabled auto-merge (squash) September 10, 2024 13:52
@nitrocode nitrocode enabled auto-merge (squash) September 10, 2024 13:53
@nitrocode
Copy link
Member

/terratest

@nitrocode nitrocode changed the title Updates default https_ssl_policy to ELBSecurityPolicy-TLS13-1-2-2021-06 feat: default https_ssl_policy to ELBSecurityPolicy-TLS13-1-2-2021-06 Sep 10, 2024
@mergify Mergify
Copy link

mergify bot commented Sep 19, 2024

💥 This pull request now has conflicts. Could you fix it @jestallin? 🙏

@mergify mergify bot added the conflict This PR has conflicts label Sep 19, 2024
@mergify mergify bot added triage Needs triage and removed conflict This PR has conflicts labels Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nitrocode nitrocode nitrocode left review comments

@hans-d hans-d Awaiting requested review from hans-d hans-d is a code owner automatically assigned from cloudposse/contributors

@joe-niland joe-niland Awaiting requested review from joe-niland joe-niland is a code owner automatically assigned from cloudposse/contributors

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
triage Needs triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update default HTTPS security policy to ELBSecurityPolicy-TLS13-1-2-2021-06 to match AWS recommendation
2 participants
@jestallin @nitrocode