- 最新
- 最多得票
- 最多評論
In the documentation you linked, the first link has the answer:
Elastic Load Balancing provides the following security policies for Application Load Balancers:
Classic load balancers are not Application Load Balancers. While the policies might share some names, that doesn't mean they are identical. For ELBSecurityPolicy-2015-05 and ELBSecurityPolicy-2016-08 they are identical for ALBs.
Some other things to note:
In the AWS CLI there is the elb and the elbv2 options. They are distinct. The elb option is for classic load balancers, while elbv2 is for network and application load balancers.
When querying using the CLI you can spot some differences in the results. The key clue is returned from aws elbv2 describe-ssl-policies. In the output there is a field named: SupportedLoadBalancerTypes which lists the types of load balancers the policy is valid for. In the 2015-05 one, it lists application and network.
Good question. Did you try this API https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-ssl-policies.html to check for each and compare?
Thanks for your response. The output for
aws elbv2 describe-ssl-policiesis not identical for the two policies mentioned in the question.
相關內容
- 已提問 6 個月前
AWS 官方已更新 2 年前- AWS 官方已更新 10 個月前
Thanks for your response.
I checked the output of
aws elbv2 describe-ssl-policiesforELBSecurityPolicy-2015-05andELBSecurityPolicy-2016-08. It is not identical, despite what is stated here: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies.ELBSecurityPolicy-2015-05has an additional cipher,DHE-RSA-AES128-SHA, that is not present in the output foraws elbv2 describe-ssl-policies ELBSecurityPolicy-2016-08.Are you able to clarify this discrepancy?