top of page

CloudFront.10

CloudFront distributions should not use deprecated SSL protocols between edge locations and custom origins

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon CloudFront

AWS Foundational Best Practice, NIST.800-53.r5,

This control checks if CloudFront distributions are using deprecated SSL protocols for HTTPS communication between CloudFront edge locations and your custom origins. This control fails for a CloudFront distribution if it has a 'CustomOriginConfig' where ‘OriginSslProtocols’ includes ‘SSLv3’.

bottom of page