This weekend, I restricted the use of TLS to 1.2 and higher. Figure I'd document it a bit here.
- Navigate to the Load Balancers page(under VPCs)
- Select the ALB you want to update.
- Click on the
Listeners
tab. - Select the HTTPS listener.
- Click edit.
- Change the security policy to
ELBSecurityPolicy-FS-1-2-Res-2020-10
or something more up to date. - Click the
Update
button in the top right.
Here is a list of the different types of security policies that you can enable via AWS.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html
Hopefully, you don't have to do these updates manually, but it still helps to know how. Use IaC, it helps a ton in the long run.
Enjoy!