Support TLS v1.3 in Cloudfront distribution minimum_protocol_version #15194
Comments
Not sure this is possible. As far as I can tell, there's no security policy that is TLSv1.3+.
@reedloden AWS now supports TLSv1.3 as of last month: https://aws.amazon.com/about-aws/whats-new/2021/06/amazon-cloudfront-announces-new-tlsv12_2021-security-policy-for-viewer-connections/ Maybe we can have a `minimum_protocol_version = TLSv1.2_2021`?
Since the AWS API docs list
viewer_certificate {
  cloudfront_default_certificate = #...
  acm_certificate_arn = #...
  ssl_support_method = #...
  minimum_protocol_version = "TLSv1.2_2021"
}
It's a little confusing, but looking at the table linked above, certain The Terraform AWS resource documentation doesn't mention the latest version available, though, which made me uncertain if
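One way to check that a plan really pins CloudFront viewer connections to the policy discussed above, as an added example that is not part of the comment or of the Terraform AWS provider. It reads the JSON produced by `terraform show -json`; the function name `audit_plan`, the helper `_dist` and the sample plan are constructed for illustration, and `TLSv1.2_2021` is assumed to be the required value because it is the one proposed in this thread.

```python
import json

# Value proposed in the thread above; change it if another policy is required (assumption).
REQUIRED_POLICY = "TLSv1.2_2021"

def _dist(address, after):
    """Build one constructed resource_changes entry for the sample plan."""
    return {"address": address, "type": "aws_cloudfront_distribution",
            "change": {"after": after}}

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _dist("aws_cloudfront_distribution.ok", {"viewer_certificate": [
        {"acm_certificate_arn": "arn:placeholder", "ssl_support_method": "sni-only",
         "minimum_protocol_version": "TLSv1.2_2021"}]}),
    _dist("aws_cloudfront_distribution.old", {"viewer_certificate": [
        {"acm_certificate_arn": "arn:placeholder", "ssl_support_method": "sni-only",
         "minimum_protocol_version": "TLSv1.2_2019"}]}),
    _dist("aws_cloudfront_distribution.default_cert", {"viewer_certificate": [
        {"cloudfront_default_certificate": True,
         "minimum_protocol_version": "TLSv1.2_2021"}]}),
    _dist("aws_cloudfront_distribution.destroyed", None),
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "change": {"after": {}}},
]})

def audit_plan(plan_json, required=REQUIRED_POLICY):
    """Return (address, reason) for each distribution not pinned to `required`."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_cloudfront_distribution":
            continue
        after = (rc.get("change") or {}).get("after")
        if not after:  # resource is being destroyed; nothing to check
            continue
        # Nested blocks appear as lists in plan JSON; a missing block counts as unset.
        cert = (after.get("viewer_certificate") or [{}])[0]
        policy = cert.get("minimum_protocol_version")
        if cert.get("cloudfront_default_certificate"):
            # CloudFront applies the TLSv1 policy to the default *.cloudfront.net
            # certificate regardless of the value set here.
            findings.append((rc["address"], "default certificate forces TLSv1 policy"))
        elif policy != required:
            findings.append((rc["address"], f"policy {policy!r}, expected {required!r}"))
    return findings

if __name__ == "__main__":
    for address, reason in audit_plan(SAMPLE_PLAN):
        print(f"{address}: {reason}")
```

The default-certificate branch matters because a distribution served on its `*.cloudfront.net` name keeps the TLSv1 policy even when the configuration names a newer one.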
@enigmango Can you please tell what version of terraform you are using?
@AbhilashDawar That might be an AWS provider version issue instead of a terraform version issue. Either way, I'm using TF 0.14.6 and the AWS provider 3.27.0. Below is my version config block.
terraform {
  required_version = "~> 0.14.6"
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "~> 3.0"
    }
  }
}
Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label. If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!
Am I seeing a discrepancy between the AWS policies and actually enforcing
If I'm reading this correctly, there's no way to say
Community Note
Description
AWS announced TLS v1.3 for viewer connections. This should be available in the Terraform AWS provider.
New or Affected Resource(s)
Potential Terraform Configuration
References