Secure Ciphers Disabled
- Query id: 218413a0-c716-4b94-9e08-0bb70d854709
- Query name: Secure Ciphers Disabled
- Platform: Ansible
- Severity: High
- Category: Encryption
- URL: Github
Description¶
Check if secure ciphers aren't used in CloudFront
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - yaml file
- name: example
community.aws.cloudfront_distribution:
state: present
caller_reference: unique test distribution ID
origins:
- id: 'my test origin-000111'
domain_name: www.example.com
origin_path: /production
custom_headers:
- header_name: MyCustomHeaderName
header_value: MyCustomHeaderValue
viewer_certificate:
cloudfront_default_certificate: false
minimum_protocol_version: 'SSLv3'
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
- name: example
community.aws.cloudfront_distribution:
state: present
caller_reference: unique test distribution ID
origins:
- id: my test origin-000111
domain_name: www.example.com
origin_path: /production
custom_headers:
- header_name: MyCustomHeaderName
header_value: MyCustomHeaderValue
viewer_certificate:
cloudfront_default_certificate: true