By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Are the docs incorrect in stating that ALB Security Policies ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08 are identical?

0

On reviewing this page for Application Load Balancers, it states that Security Policies ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08 are identical.

However upon checking the output of aws elbv2 describe-ssl-policies for ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08, they are not identical.

ELBSecurityPolicy-2015-05 has an additional cipher, DHE-RSA-AES128-SHA, that is not present in the output for aws elbv2 describe-ssl-policies ELBSecurityPolicy-2016-08.

Do the docs need to be updated?

Topics
Networking & Content DeliveryAWS Well-Architected Framework
Tags
Elastic Load BalancingSecurity
Language
English
Rachel
asked a year ago215 views
1 Answer
0
Accepted Answer

Hi Rachel,

just checked the output of the two policies you mentioned and apart from the name there is no difference:

aws elbv2 describe-ssl-policies --name ELBSecurityPolicy-2015-05 > 05.json
aws elbv2 describe-ssl-policies --name ELBSecurityPolicy-2016-08 > 06.json
diff 05.json 06.json 
83c83
<             "Name": "ELBSecurityPolicy-2015-05",
---
>             "Name": "ELBSecurityPolicy-2016-08",

Do you see the difference in a particular region or in all regions?

Cheers,
Philipp

AWS
EXPERT
Philipp S
answered a year ago
  • Rachel
    a year ago

    Thanks for your response.

    Interesting. I see the difference in region us-east-2.

    After seeing your comment I spot checked us-east-1 and ca-central-1. I do not see any difference other than name for us-east-1. I do see the difference on DHE-RSA-AES128-SHA for ca-central-1

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content