describe_ssl_policies

ElasticLoadBalancingv2.Client.describe_ssl_policies(**kwargs)

Describes the specified policies or all policies used for SSL negotiation.

For more information, see Security policies in the Application Load Balancers Guide or Security policies in the Network Load Balancers Guide .

See also: AWS API Documentation

Request Syntax

response = client.describe_ssl_policies(
    Names=[
        'string',
    ],
    Marker='string',
    PageSize=123,
    LoadBalancerType='application'|'network'|'gateway'
)
Parameters
  • Names (list) --

    The names of the policies.

    • (string) --
  • Marker (string) -- The marker for the next set of results. (You received this marker from a previous call.)
  • PageSize (integer) -- The maximum number of results to return with this call.
  • LoadBalancerType (string) -- The type of load balancer. The default lists the SSL policies for all load balancers.
Return type

dict

Returns

Response Syntax

{
    'SslPolicies': [
        {
            'SslProtocols': [
                'string',
            ],
            'Ciphers': [
                {
                    'Name': 'string',
                    'Priority': 123
                },
            ],
            'Name': 'string',
            'SupportedLoadBalancerTypes': [
                'string',
            ]
        },
    ],
    'NextMarker': 'string'
}

Response Structure

  • (dict) --

    • SslPolicies (list) --

      Information about the security policies.

      • (dict) --

        Information about a policy used for SSL negotiation.

        • SslProtocols (list) --

          The protocols.

          • (string) --
        • Ciphers (list) --

          The ciphers.

          • (dict) --

            Information about a cipher used in a policy.

            • Name (string) --

              The name of the cipher.

            • Priority (integer) --

              The priority of the cipher.

        • Name (string) --

          The name of the policy.

        • SupportedLoadBalancerTypes (list) --

          The supported load balancers.

          • (string) --
    • NextMarker (string) --

      If there are additional results, this is the marker for the next set of results. Otherwise, this is null.

Exceptions

  • ElasticLoadBalancingv2.Client.exceptions.SSLPolicyNotFoundException

Examples

This example describes the specified policy used for SSL negotiation.

response = client.describe_ssl_policies(
    Names=[
        'ELBSecurityPolicy-2015-05',
    ],
)

print(response)

Expected Output:

{
    'SslPolicies': [
        {
            'Ciphers': [
                {
                    'Name': 'ECDHE-ECDSA-AES128-GCM-SHA256',
                    'Priority': 1,
                },
                {
                    'Name': 'ECDHE-RSA-AES128-GCM-SHA256',
                    'Priority': 2,
                },
                {
                    'Name': 'ECDHE-ECDSA-AES128-SHA256',
                    'Priority': 3,
                },
                {
                    'Name': 'ECDHE-RSA-AES128-SHA256',
                    'Priority': 4,
                },
                {
                    'Name': 'ECDHE-ECDSA-AES128-SHA',
                    'Priority': 5,
                },
                {
                    'Name': 'ECDHE-RSA-AES128-SHA',
                    'Priority': 6,
                },
                {
                    'Name': 'DHE-RSA-AES128-SHA',
                    'Priority': 7,
                },
                {
                    'Name': 'ECDHE-ECDSA-AES256-GCM-SHA384',
                    'Priority': 8,
                },
                {
                    'Name': 'ECDHE-RSA-AES256-GCM-SHA384',
                    'Priority': 9,
                },
                {
                    'Name': 'ECDHE-ECDSA-AES256-SHA384',
                    'Priority': 10,
                },
                {
                    'Name': 'ECDHE-RSA-AES256-SHA384',
                    'Priority': 11,
                },
                {
                    'Name': 'ECDHE-RSA-AES256-SHA',
                    'Priority': 12,
                },
                {
                    'Name': 'ECDHE-ECDSA-AES256-SHA',
                    'Priority': 13,
                },
                {
                    'Name': 'AES128-GCM-SHA256',
                    'Priority': 14,
                },
                {
                    'Name': 'AES128-SHA256',
                    'Priority': 15,
                },
                {
                    'Name': 'AES128-SHA',
                    'Priority': 16,
                },
                {
                    'Name': 'AES256-GCM-SHA384',
                    'Priority': 17,
                },
                {
                    'Name': 'AES256-SHA256',
                    'Priority': 18,
                },
                {
                    'Name': 'AES256-SHA',
                    'Priority': 19,
                },
            ],
            'Name': 'ELBSecurityPolicy-2015-05',
            'SslProtocols': [
                'TLSv1',
                'TLSv1.1',
                'TLSv1.2',
            ],
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}