SLB Listener TLS Policy Check

ID: rule:aliyun:slb-all-listenter-tls-policy-check
Severity: medium
IaC Types: ROS, Terraform

Description

Ensures SLB HTTPS listeners use secure TLS cipher policies.

Reason for Violation

Weak cipher suites can be exploited to decrypt intercepted traffic.

Recommendation

Set tls_cipher_policy to 'tls_cipher_policy_1_2' or higher for HTTPS listeners.

Resource Types

• ROS: ALIYUN::SLB::Listener
• Terraform: alicloud_slb_listener