terraform aws_elastic_beanstalk_environment SSL PolicyNames

Question

Using terraform, does anyone know how to set a predefined SSL Security Policy for an ELB, from within the aws_elastic_beanstalk_environment resource?

I've tried various permutations of parameters, branching out from something like the below, but have had no luck. ```

setting {
    name = "PolicyNames"
    namespace = "aws:elb:listener"
    value = "ELBSecurityPolicy-TLS-1-2-2017-01"
}

```

Can this be done using the setting syntax?

regards Michael

Answer 1

Following works for classic ELB, LoadBalancerPorts is also required to set to 443 for the predefined policy to take effect.

setting {
  namespace = "aws:elb:policies:sslpolicy"
  name      = "SSLReferencePolicy"
  value     = "ELBSecurityPolicy-TLS-1-2-2017-01"
}

setting {
  namespace = "aws:elb:policies:sslpolicy"
  name      = "LoadBalancerPorts"
  value     = "443"
}