Ensure Elastic Load Balancers use SSL certificates provided by AWS Certificate Manager

Error: Elastic load balancers do not use SSL Certificates provided by AWS Certificate Manager

Bridgecrew Policy ID: BC_AWS_GENERAL_67
Checkov Check ID: CKV_AWS_127
Severity: HIGH

Description

TBA.

Fix - Buildtime

Terraform

  • Resource: aws_elb
  • Argument: ssl_certificate_id

resource "aws_elb" "test" {
  ...
  listener {
    instance_port      = 8000
    instance_protocol  = "http"
    lb_port            = 443
    lb_protocol        = "https"
+   ssl_certificate_id = "arn:aws:iam::123456789012:server-certificate/certName"
  }
}
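
The same listener with `ssl_certificate_id` taken from a certificate that Terraform requests from ACM and validates through DNS, as an added example that is not Bridgecrew's or Checkov's own code. The variables `domain_name`, `zone_id` and `subnet_ids`, the resource labels and the ELB name are assumptions.

```hcl
# Hypothetical inputs (assumptions, not from the original page).
variable "domain_name" { type = string }      # name the certificate covers
variable "zone_id" { type = string }          # Route 53 hosted zone for that name
variable "subnet_ids" { type = list(string) } # subnets the ELB attaches to

# Public certificate requested from ACM, in the same region as the ELB.
resource "aws_acm_certificate" "elb" {
  domain_name       = var.domain_name
  validation_method = "DNS"
  lifecycle {
    create_before_destroy = true # new certificate exists before the old one is removed
  }
}

# DNS records that prove control of the domain to ACM.
resource "aws_route53_record" "cert_validation" {
  for_each = {
    for dvo in aws_acm_certificate.elb.domain_validation_options : dvo.domain_name => {
      name   = dvo.resource_record_name
      type   = dvo.resource_record_type
      record = dvo.resource_record_value
    }
  }

  zone_id         = var.zone_id
  name            = each.value.name
  type            = each.value.type
  records         = [each.value.record]
  ttl             = 60
  allow_overwrite = true
}

# Completes only once ACM has issued the certificate.
resource "aws_acm_certificate_validation" "elb" {
  certificate_arn         = aws_acm_certificate.elb.arn
  validation_record_fqdns = [for r in aws_route53_record.cert_validation : r.fqdn]
}

resource "aws_elb" "test" {
  name    = "test-elb" # constructed name
  subnets = var.subnet_ids
  listener {
    instance_port      = 8000
    instance_protocol  = "http"
    lb_port            = 443
    lb_protocol        = "https"
    ssl_certificate_id = aws_acm_certificate_validation.elb.certificate_arn
  }
}
```

Referencing the validation resource rather than `aws_acm_certificate.elb.arn` directly keeps Terraform from creating the listener before the certificate has been issued.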
