Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update default minimum viewer protocol to TLSv1.2_2021 #117

Merged
merged 5 commits into from
Mar 19, 2024
Merged

Update default minimum viewer protocol to TLSv1.2_2021 #117

merged 5 commits into from
Mar 19, 2024

Conversation

venkatamutyala
Copy link
Contributor

what

By default deprecated protocols are being supported:

image

This change would disable support for viewers using TLS 1.1 and TLS 1.0.

why

1.0 and 1.1 are known to be deprecated/insecure. To save folks trouble by their security teams using the latest version seems the most appropriate.

references

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html

@venkatamutyala venkatamutyala requested review from a team as code owners March 14, 2024 05:06
@mergify mergify bot added the triage Needs triage label Mar 14, 2024
@joe-niland joe-niland added the patch A minor, backward compatible change label Mar 14, 2024
@joe-niland
Copy link
Member

Thanks @venkatamutyala

Could you please run the following and commit the result?

make init
make readme

@joe-niland joe-niland self-requested a review March 14, 2024 06:09
@venkatamutyala
Copy link
Contributor Author

Done. Let me know if you folks need anything else.

@joe-niland joe-niland removed the triage Needs triage label Mar 14, 2024
@joe-niland
Copy link
Member

/terratest

Copy link
Member

@joe-niland joe-niland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One suggestion

variables.tf Outdated Show resolved Hide resolved
@joe-niland joe-niland changed the title MAJOR: update TLS support to latest recommended from AWS TLSv1.2_2021 Update default minimum viewer protocol to latest recommended from AWS TLSv1.2_2021 Mar 15, 2024
@joe-niland
Copy link
Member

Thanks @venkatamutyala the latest change will require the readme to be updated again

@joe-niland
Copy link
Member

/terratest

@joe-niland joe-niland changed the title Update default minimum viewer protocol to latest recommended from AWS TLSv1.2_2021 Update default minimum viewer protocol to TLSv1.2_2021 Mar 19, 2024
@joe-niland joe-niland merged commit 8b9ca79 into cloudposse:main Mar 19, 2024
12 checks passed
@joe-niland
Copy link
Member

Thanks for your contribution @venkatamutyala

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
patch A minor, backward compatible change
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants