1 Answer
What I do know is that any traffic from the ALB to a target that is using SSL doesn’t strictly follow SSL standards.
The ALB does not care if it connects to a target that’s running a self-signed cert or a cert that’s expired.
That said, you will never know if there’s a “man in the middle”.
However, the information you have found regarding VPC traffic encryption is true, which is transparent.
If it’s really a concern, then end-to-end encryption may be needed to meet certain controls and standards. That’s, I guess, a business decision.
Not sure if that helps answer your question.
"However, the information you have found regarding VPC traffic encryption is true, which is transparent." Sure, but is AWS encrypting with the Caesar cipher, or are they doing something else? AWS seems confident enough in their encryption to tell users that it exists, so they should make us confident in their encryption by telling us how it works.