Amazon Web Services (AWS) - List Elastic Load Balancer (ELB) SSL Policies using the AWS CLI


An Elastic Load Balancer (ELB) is typically used to load balance requests across two (or more) different EC2 instances. 

 

This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.

The aws elbv2 describe-ssl-policies command can be used to list the SSL Policies that can be used with a Load Balancer that is configured with SSL, such as a Network Load Balancer (NLB) with an HTTPS Listener.

aws elbv2 describe-ssl-policies

 

Here is an example of how to limit the output to a single policy using the --query option:

aws elbv2 describe-ssl-policies --query 'SslPolicies[?Name==`ELBSecurityPolicy-2016-08`]'

 

Something like this should be returned.

[
    {
        "SslProtocols": [
            "TLSv1",
            "TLSv1.1",
            "TLSv1.2"
        ],
        "Ciphers": [
            {
                "Name": "ECDHE-ECDSA-AES128-GCM-SHA256",
                "Priority": 1
            },
            {
                "Name": "ECDHE-RSA-AES128-GCM-SHA256",
                "Priority": 2
            },
            {
                "Name": "ECDHE-ECDSA-AES128-SHA256",
                "Priority": 3
            },
            {
                "Name": "ECDHE-RSA-AES128-SHA256",
                "Priority": 4
            },
            {
                "Name": "ECDHE-ECDSA-AES128-SHA",
                "Priority": 5
            },
            {
                "Name": "ECDHE-RSA-AES128-SHA",
                "Priority": 6
            },
            {
                "Name": "ECDHE-ECDSA-AES256-GCM-SHA384",
                "Priority": 7
            },
            {
                "Name": "ECDHE-RSA-AES256-GCM-SHA384",
                "Priority": 8
            },
            {
                "Name": "ECDHE-ECDSA-AES256-SHA384",
                "Priority": 9
            },
            {
                "Name": "ECDHE-RSA-AES256-SHA384",
                "Priority": 10
            },
            {
                "Name": "ECDHE-RSA-AES256-SHA",
                "Priority": 11
            },
            {
                "Name": "ECDHE-ECDSA-AES256-SHA",
                "Priority": 12
            },
            {
                "Name": "AES128-GCM-SHA256",
                "Priority": 13
            },
            {
                "Name": "AES128-SHA256",
                "Priority": 14
            },
            {
                "Name": "AES128-SHA",
                "Priority": 15
            },
            {
                "Name": "AES256-GCM-SHA384",
                "Priority": 16
            },
            {
                "Name": "AES256-SHA256",
                "Priority": 17
            },
            {
                "Name": "AES256-SHA",
                "Priority": 18
            }
        ],
        "Name": "ELBSecurityPolicy-2016-08",
        "SupportedLoadBalancerTypes": [
            "application",
            "network"
        ]
    }
]
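The following is an added example, not part of the original article: a Python sketch that reads describe-ssl-policies JSON and reports, per policy, the legacy protocol versions it permits and the ciphers that lack forward secrecy or AEAD. The sample input is constructed (the output above trimmed to four ciphers, plus a hypothetical policy named Example-TLS12-Only), and the cipher classification is a name-based heuristic assumed for illustration.

```python
import json

LEGACY_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1"}  # TLS 1.0/1.1 deprecated by RFC 8996

# Constructed sample: the ELBSecurityPolicy-2016-08 output above trimmed to four
# ciphers, plus a hypothetical policy ("Example-TLS12-Only") for contrast.
SAMPLE = """[
 {"Name": "ELBSecurityPolicy-2016-08",
  "SslProtocols": ["TLSv1", "TLSv1.1", "TLSv1.2"],
  "Ciphers": [{"Name": "ECDHE-RSA-AES128-GCM-SHA256", "Priority": 2},
              {"Name": "ECDHE-RSA-AES128-SHA", "Priority": 6},
              {"Name": "AES128-GCM-SHA256", "Priority": 13},
              {"Name": "AES256-SHA", "Priority": 18}]},
 {"Name": "Example-TLS12-Only",
  "SslProtocols": ["TLSv1.2"],
  "Ciphers": [{"Name": "ECDHE-RSA-AES128-GCM-SHA256", "Priority": 1},
              {"Name": "ECDHE-RSA-AES256-GCM-SHA384", "Priority": 2}]}
]"""


def load_policies(text):
    """Accept the full output ({"SslPolicies": [...]}) or a --query result (bare list)."""
    data = json.loads(text)
    return data["SslPolicies"] if isinstance(data, dict) else data


def audit_policy(policy):
    """Summarise the weak protocol and cipher choices one policy permits."""
    ordered = sorted(policy.get("Ciphers", []), key=lambda c: c["Priority"])
    names = [c["Name"] for c in ordered]
    return {
        "name": policy["Name"],
        "legacy_protocols": sorted(LEGACY_PROTOCOLS & set(policy.get("SslProtocols", []))),
        # Static RSA key exchange: no ECDHE-/DHE- prefix (TLS 1.3 "TLS_" suites are always ephemeral).
        "no_forward_secrecy": [n for n in names if not n.startswith(("ECDHE-", "DHE-", "TLS_"))],
        # Heuristic: names without GCM or CHACHA20 are treated as non-AEAD (the CBC suites above).
        "non_aead": [n for n in names if "GCM" not in n and "CHACHA20" not in n],
    }


def audit(text):
    """Audit every policy in the JSON text, in the order returned."""
    return [audit_policy(p) for p in load_policies(text)]


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(json.dumps(finding, indent=2))
```

To run it against real output, save the result of aws elbv2 describe-ssl-policies to a file and pass the file's contents to audit() in place of SAMPLE.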

 



