Alibaba Cloud Cypher Policy is not secured

Description

The Transport Layer Security (TLS) protocol secures transmission of data between servers and web browsers, over the Internet, using standard encryption technology. To follow security best practices and the latest PCI compliance standards, enable the latest version of TLS protocol (i.e. TLS 1.2) as part of Alibaba Cloud Cypher policy configuration.

Fix - Buildtime

resource "alicloud_slb_tls_cipher_policy" "pass" {
  tls_cipher_policy_name = "itsfine"
  tls_versions           = ["TLSv1.2"]
  ciphers                = ["AES256-SHA","AES256-SHA256", "AES128-GCM-SHA256"]
}