I have been using Terraform to deploy Elastic Beanstalk app and there seem to be an issue when I am trying to set custom ciphers for Classic Load Balancer. I have to repeat deployments by changing just the namespace from sslpolicy to TLSHighPolicy and revert back to sslpolicy before the custom ciphers appear.
Error I get look something like this
failed Reason: Reference-Security-Policy attribute cannot be used together with attributes for ciphers and protocols. Either use the Reference-Security-Policy by itself or specify individual ciphers and protocols.
Settings I am using via Terraform
setting {
namespace = "aws:elb:policies:sslpolicy"
name = "SSLProtocols"
value = "Protocol-TLSv1.2,Server-Defined-Cipher-Order,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES128-GCM-SHA256"
}
This works just fine after just manipulating with name and namespaces. This seems to be a bug at AWS's end. Please comment. Thanks.
AWS 官方已更新 2 年前