💼 [CloudFront.15] CloudFront distributions should use the recommended TLS security policy

ID: /frameworks/aws-fsbp-v1.0.0/cloudfront/15

Description

If you configure an Amazon CloudFront distribution to require viewers to use HTTPS to access content, you have to choose a security policy and specify the minimum SSL/TLS protocol version to use. This determines which protocol version CloudFront uses to communicate with viewers, and the ciphers that CloudFront uses to encrypt the communications. We recommend using the latest security policy that CloudFront provides. This ensures that CloudFront uses the latest cipher suites to encrypt data in transit between a viewer and a CloudFront distribution.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/cloudfront-controls.html#cloudfront-15

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS CloudFront Web Distribution uses legacy Security Policy🟢	1	🟢 x6	no data

Description​

Similar​

Sub Sections​

Policies (1)​

Description

Similar

Sub Sections

Policies (1)