tfentonz/alb-ssl-policy.sh

## alb-ssl-policy.sh
#!/bin/bash

export AWS_DEFAULT_PROFILE='my-profile'
export AWS_DEFAULT_REGION='us-east-1'

# Find all application load balancers
load_balancer_arns=$(aws elbv2 describe-load-balancers --query 'LoadBalancers[?Type==`application`].[LoadBalancerArn]' --output text)

for load_balancer_arn in $load_balancer_arns
do
  echo "$load_balancer_arn"
  # Find all SSL listeners for the current application load balancer
  ssl_listener_arns=$(aws elbv2 describe-listeners --load-balancer-arn $load_balancer_arn --query 'Listeners[?Protocol==`HTTPS`].[ListenerArn]' --output text)

  # Loop through each SSL listener ARN
  for ssl_listener_arn in $ssl_listener_arns
  do
    aws elbv2 modify-listener --listener-arn "$ssl_listener_arn" --ssl-policy "ELBSecurityPolicy-TLS13-1-2-2021-06"
  done
done
	#!/bin/bash

	export AWS_DEFAULT_PROFILE='my-profile'
	export AWS_DEFAULT_REGION='us-east-1'

	# Find all application load balancers
	load_balancer_arns=$(aws elbv2 describe-load-balancers --query 'LoadBalancers[?Type==`application`].[LoadBalancerArn]' --output text)

	for load_balancer_arn in $load_balancer_arns
	do
	echo "$load_balancer_arn"
	# Find all SSL listeners for the current application load balancer
	ssl_listener_arns=$(aws elbv2 describe-listeners --load-balancer-arn $load_balancer_arn --query 'Listeners[?Protocol==`HTTPS`].[ListenerArn]' --output text)

	# Loop through each SSL listener ARN
	for ssl_listener_arn in $ssl_listener_arns
	do
	aws elbv2 modify-listener --listener-arn "$ssl_listener_arn" --ssl-policy "ELBSecurityPolicy-TLS13-1-2-2021-06"
	done
	done