Checks/Aws/Test-ElbInsecureSslCiphers.ps1
|
function Test-ElbInsecureSslCiphers { <# .SYNOPSIS Elastic Load Balancer HTTPS listeners, if present, use the ELBSecurityPolicy-TLS-1-2-2017-01 policy .DESCRIPTION Elastic Load Balancer HTTPS listeners are assessed for use of a **strong TLS policy**. Listeners associated with `ELBSecurityPolicy-TLS-1-2-2017-01` are considered to negotiate only modern protocols and ciphers, avoiding legacy SSL/TLS and weak suites. .PARAMETER Check CIEMCheck object containing check metadata. #> [CmdletBinding()] [OutputType([PSCustomObject[]])] param( [Parameter(Mandatory)] [CIEMCheck]$Check ) $ErrorActionPreference = 'Stop' # TODO: Implement check logic based on Prowler check: elb_insecure_ssl_ciphers [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check elb_insecure_ssl_ciphers for reference.', 'N/A', 'elb Resources') } |