run-x / opta

The next generation of Infrastructure-as-Code. Work with high-level constructs instead of getting lost in low-level cloud configuration.
https://docs.opta.dev
Apache License 2.0
906 stars 61 forks source link

Update TLS ssl policy #908

Closed nsarupr closed 2 years ago

nsarupr commented 2 years ago

Description

Update SSL Policy from ELBSecurityPolicy-TLS-1-2-2017-01 to ELBSecurityPolicy-TLS13-1-2-2021-06

Note from AWS:

For TLS listeners, we recommend using the ELBSecurityPolicy-TLS13-1-2-2021-06 security policy. This is the default policy for listeners created using the AWS Management Console. This security policy includes TLS 1.3, which is optimized for security and performance, and is backward compatible with TLS 1.2.

Safety checklist

How has this change been tested, beside unit tests?

codecov[bot] commented 2 years ago

Codecov Report

Merging #908 (96fc3bb) into main (bc95d16) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #908   +/-   ##
=======================================
  Coverage   72.91%   72.91%           
=======================================
  Files         122      122           
  Lines        8282     8282           
=======================================
  Hits         6039     6039           
  Misses       2243     2243           
Flag Coverage Δ
unittests 72.91% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.


Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update bc95d16...96fc3bb. Read the comment docs.