tfentonz · March 28, 2023 20:30
diff --git a/alb-ssl-policy.sh b/alb-ssl-policy.sh
 #!/bin/bash

 export AWS_DEFAULT_PROFILE='my-profile'
 export AWS_DEFAULT_REGION='us-east-1'

 # Find all application load balancers
 load_balancer_arns=$(aws elbv2 describe-load-balancers --query 'LoadBalancers[?Type==`application`].[LoadBalancerArn]' --output text)

 for load_balancer_arn in $load_balancer_arns
 do
  echo "$load_balancer_arn"
  # Find all SSL listeners for the current application load balancer
  ssl_listener_arns=$(aws elbv2 describe-listeners --load-balancer-arn $load_balancer_arn --query 'Listeners[?Protocol==`HTTPS`].[ListenerArn]' --output text)

  # Loop through each SSL listener ARN
  for ssl_listener_arn in $ssl_listener_arns
  do
    aws elbv2 modify-listener --listener-arn "$ssl_listener_arn" --ssl-policy "ELBSecurityPolicy-TLS13-1-2-2021-06"
  done
 done
	#!/bin/bash

	export AWS_DEFAULT_PROFILE='my-profile'
	export AWS_DEFAULT_REGION='us-east-1'

	# Find all application load balancers
	load_balancer_arns=$(aws elbv2 describe-load-balancers --query 'LoadBalancers[?Type==`application`].[LoadBalancerArn]' --output text)

	for load_balancer_arn in $load_balancer_arns
	do
	echo "$load_balancer_arn"
	# Find all SSL listeners for the current application load balancer
	ssl_listener_arns=$(aws elbv2 describe-listeners --load-balancer-arn $load_balancer_arn --query 'Listeners[?Protocol==`HTTPS`].[ListenerArn]' --output text)

	# Loop through each SSL listener ARN
	for ssl_listener_arn in $ssl_listener_arns
	do
	aws elbv2 modify-listener --listener-arn "$ssl_listener_arn" --ssl-policy "ELBSecurityPolicy-TLS13-1-2-2021-06"
	done
	done