Ensure Alibaba Cloud Cypher Policy is secured

Error: Alibaba Cloud Cypher Policy is not secured

Bridgecrew Policy ID: BC_ALI_NETWORKING_9
Checkov Check ID: CKV_ALI_33
Severity: LOW

Alibaba Cloud Cypher Policy is not secured

Description

The Transport Layer Security (TLS) protocol secures transmission of data between servers and web browsers, over the Internet, using standard encryption technology. To follow security best practices and the latest PCI compliance standards, enable the latest version of TLS protocol (i.e. TLS 1.2) as part of Alibaba Cloud Cypher policy configuration.

Fix - Buildtime

resource "alicloud_slb_tls_cipher_policy" "pass" {
  tls_cipher_policy_name = "itsfine"
  tls_versions           = ["TLSv1.2"]
  ciphers                = ["AES256-SHA","AES256-SHA256", "AES128-GCM-SHA256"]
}