Policy: AWS > EC2 > Classic Load Balancer Listener > SSL Policy > Default

Define the default AWS SSL policy the AWS EC2 classic load balancer listener should use if it's not currently using an allowed SSL policy.

The SSL policy selected in this policy should also be allowed in the AWS > EC2 > Classic Load Balancer Listener > SSL Policy > Allowed policy, else the control will move into an invalid state while trying to enforce this policy.

Resource Types

This policy targets the following resource types:

AWS > EC2 > Classic Load Balancer Listener

Primary Policy

This policy is used with the following primary policy:

AWS > EC2 > Classic Load Balancer Listener > SSL Policy

Controls

AWS > EC2 > Classic Load Balancer Listener > SSL Policy

Policy Packs

This policy setting is used by the following policy packs:

Enforce TLS 1.2 SSL Policy for AWS EC2 Classic Load Balancer Listeners

Policy Specification

Schema Type	`string`
Default	`ELBSecurityPolicy-2016-08`
Valid Values [YAML]	`ELBSample-ELBDefaultNegotiationPolicy` `ELBSample-OpenSSLDefaultNegotiationPolicy` `ELBSecurityPolicy-2011-08` `ELBSecurityPolicy-2014-01` `ELBSecurityPolicy-2014-10` `ELBSecurityPolicy-2015-02` `ELBSecurityPolicy-2015-03` `ELBSecurityPolicy-2015-05` `ELBSecurityPolicy-2016-08` `ELBSecurityPolicy-TLS-1-1-2017-01` `ELBSecurityPolicy-TLS-1-2-2017-01`
Examples [YAML]	`ELBSecurityPolicy-2016-08`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/other

Policy Type URI

tmod:@turbot/aws-ec2#/policy/types/classicLoadBalancerListenerSslPolicyDefault

GraphQL

query policyType(id: "tmod:@turbot/aws-ec2#/policy/types/classicLoadBalancerListenerSslPolicyDefault") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-ec2#/policy/types/classicLoadBalancerListenerSslPolicyDefault'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-ec2#/policy/types/classicLoadBalancerListenerSslPolicyDefault'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-ec2#/policy/types/classicLoadBalancerListenerSslPolicyDefault"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-ec2#/policy/types/classicLoadBalancerListenerSslPolicyDefault"