turbot/aws_compliance

Control: CloudFront distributions should use secure SSL cipher

Description

Ensure that CloudFront distributions do not have any insecure SSL ciphers. Using insecure and deprecated ciphers could make the SSL connection between the CloudFront and the origins vulnerable to exploits.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.cloudfront_distribution_use_secure_cipher

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.cloudfront_distribution_use_secure_cipher --share

SQL

This control uses a named query:

cloudfront_distribution_use_secure_cipher

Tags