- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
In the documentation you linked, the first link has the answer:
Elastic Load Balancing provides the following security policies for Application Load Balancers:
Classic load balancers are not Application Load Balancers. While the policies might share some names, that doesn't mean they are identical. For ELBSecurityPolicy-2015-05
and ELBSecurityPolicy-2016-08
they are identical for ALBs.
Some other things to note:
In the AWS CLI there is the elb
and the elbv2
options. They are distinct. The elb
option is for classic load balancers, while elbv2
is for network and application load balancers.
When querying using the CLI you can spot some differences in the results. The key clue is returned from aws elbv2 describe-ssl-policies
. In the output there is a field named: SupportedLoadBalancerTypes
which lists the types of load balancers the policy is valid for. In the 2015-05
one, it lists application
and network
.
Good question. Did you try this API https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-ssl-policies.html to check for each and compare?
Thanks for your response. The output for
aws elbv2 describe-ssl-policies
is not identical for the two policies mentioned in the question.
Contenuto pertinente
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 3 anni fa
Thanks for your response.
I checked the output of
aws elbv2 describe-ssl-policies
forELBSecurityPolicy-2015-05
andELBSecurityPolicy-2016-08
. It is not identical, despite what is stated here: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies.ELBSecurityPolicy-2015-05
has an additional cipher,DHE-RSA-AES128-SHA
, that is not present in the output foraws elbv2 describe-ssl-policies ELBSecurityPolicy-2016-08
.Are you able to clarify this discrepancy?