AWS Security ChangesHomeSearch

AWS elasticloadbalancing documentation change

Service: elasticloadbalancing · 2025-05-25 · Documentation medium

File: elasticloadbalancing/latest/application/describe-ssl-policies.md

Summary

Updated default SSL policy to TLS 1.3-compatible version and clarified security policy requirements

Security assessment

Introduces documentation about TLS 1.3 support and updates default security policies, which improves security posture documentation but doesn't address a specific known vulnerability.

Diff

diff --git a/elasticloadbalancing/latest/application/describe-ssl-policies.md b/elasticloadbalancing/latest/application/describe-ssl-policies.md
index 90e89ed78..dd2e6735d 100644
--- a//elasticloadbalancing/latest/application/describe-ssl-policies.md
+++ b//elasticloadbalancing/latest/application/describe-ssl-policies.md
@@ -15 +15 @@ Elastic Load Balancing uses a Secure Socket Layer (SSL) negotiation configuratio
-  * Application Load Balancers do not support custom security policies.
+  * When you create an HTTPS listener, you must select a security policy.
@@ -17 +17 @@ Elastic Load Balancing uses a Secure Socket Layer (SSL) negotiation configuratio
-  * The `ELBSecurityPolicy-TLS13-1-2-2021-06` policy is the default security policy for HTTPS listeners created using the AWS Management Console.
+  * The `ELBSecurityPolicy-TLS13-1-2-Res-2021-06` policy is the default security policy for HTTPS listeners created using the AWS Management Console. This policy supports TLS 1.3 and is backward compatible with TLS 1.2.
@@ -21,3 +21 @@ Elastic Load Balancing uses a Secure Socket Layer (SSL) negotiation configuratio
-  * When you create an HTTPS listener, selecting a security policy is required.
-
-    * We recommend the `ELBSecurityPolicy-TLS13-1-2-Res-2021-06` security policy, which includes TLS 1.3, and is backwards compatible with TLS 1.2.
+  * Application Load Balancers do not support custom security policies.