Are the docs incorrect in stating that ALB Security Policies ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08 are identical?

Question

On reviewing [this page](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) for Application Load Balancers, it states that Security Policies `ELBSecurityPolicy-2015-05` and `ELBSecurityPolicy-2016-08` are identical.

However upon checking the output of `aws elbv2 describe-ssl-policies` for `ELBSecurityPolicy-2015-05` and `ELBSecurityPolicy-2016-08`, they are not identical.

`ELBSecurityPolicy-2015-05` has an additional cipher, `DHE-RSA-AES128-SHA`, that is not present in the output for `aws elbv2 describe-ssl-policies ELBSecurityPolicy-2016-08`.

Do the docs need to be updated?

Accepted Answer

Hi Rachel,

just checked the output of the two policies you mentioned and apart from the name there is no difference:

```
aws elbv2 describe-ssl-policies --name ELBSecurityPolicy-2015-05 > 05.json
aws elbv2 describe-ssl-policies --name ELBSecurityPolicy-2016-08 > 06.json
diff 05.json 06.json 
83c83
<             "Name": "ELBSecurityPolicy-2015-05",
---
>             "Name": "ELBSecurityPolicy-2016-08",
```

Do you see the difference in a particular region or in all regions?

Cheers,  
Philipp

Are the docs incorrect in stating that ALB Security Policies ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08 are identical?

Relevanter Inhalt