Ensure Load Balancer Listener Using HTTPS
Description
This policy checks whether a Load Balancer Listener is using the HTTPS protocol. Using HTTPS ensures that data transmitted between the load balancer and its clients is encrypted, which is essential for protecting sensitive information. If HTTP is used instead, the data is sent in plaintext, making it vulnerable to eavesdropping and tampering. Ensuring the use of HTTPS helps maintain the confidentiality and integrity of the data.
Code Example
terraform
resource "ncloud_lb_listener" "example" {
protocol = "HTTPS"
}Remediation
Update the Load Balancer Listener to use the HTTPS protocol.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1225 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | ncloud_lb_listener |
| Checkov ID | CKV_NCP_24 |