Are the ELB Security Policies offered for Classic and Application Load Balancers the same?

0

On reviewing this page for Application Load Balancers, it states that Security Policies ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08 are identical.

However in the table on this page for Classic Load Balancers, Security Policy 2015-05 has an additional Cipher, DES-CBC3-SHA, that is not listed as being present in Security Policy 2016-08.

Are the Security Policies offered for Application and Classic Load Balancers different, or is there a mistake in documenting them on one of these pages?

2 Answers
0
Accepted Answer

In the documentation you linked, the first link has the answer:

Elastic Load Balancing provides the following security policies for Application Load Balancers:

Classic load balancers are not Application Load Balancers. While the policies might share some names, that doesn't mean they are identical. For ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08 they are identical for ALBs.

Some other things to note:

In the AWS CLI there is the elb and the elbv2 options. They are distinct. The elb option is for classic load balancers, while elbv2 is for network and application load balancers.

When querying using the CLI you can spot some differences in the results. The key clue is returned from aws elbv2 describe-ssl-policies. In the output there is a field named: SupportedLoadBalancerTypes which lists the types of load balancers the policy is valid for. In the 2015-05 one, it lists application and network.

answered 2 years ago
profile picture
EXPERT
reviewed 4 months ago
0

Good question. Did you try this API https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-ssl-policies.html to check for each and compare?

Niko
answered 2 years ago
  • Thanks for your response. The output for aws elbv2 describe-ssl-policies is not identical for the two policies mentioned in the question.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions