Neglected assets

Classic Load Balancer’s Listener with SSL policy and certificate not from AWS Certificate Manager

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, CCM-CSA, CCPA, cis_8, CPRA, Data Security Posture Management (DSPM) Best Practices, iso_27001_2022, iso_27002_2022, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA

Description

Classic Load Balancer (ELB) provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. The Classic Load Balancer {AwsEc2Elb} was found to have a listener with SSL Security Policy and a Certificate that was not issued by AWS Certificate Manager. This could result in an un-secure connection with weak encryption.